MTM-58822 Spring Boot 3 update 3 of 3: functional adjustments

microservice/package/src/main/java/com/cumulocity/agent/packaging/PackageMojo.java

@@ -26,11 +26,13 @@
 import org.apache.maven.settings.Proxy;
 import org.apache.maven.shared.filtering.MavenFilteringException;
 import org.apache.maven.shared.filtering.MavenResourcesExecution;
+import org.hibernate.validator.messageinterpolation.ParameterMessageInterpolator;
 
 import jakarta.validation.ConstraintViolation;
 import jakarta.validation.Validation;
 import jakarta.validation.Validator;
 import jakarta.validation.ValidatorFactory;
+
 import java.io.*;
 import java.nio.file.Files;
 import java.util.*;
@@ -361,7 +363,9 @@ private void validateManifest(File file) throws IOException, MavenExecutionExcep
         log.info("Validating manifest");
         try (BufferedReader reader = Files.newBufferedReader(file.toPath(), Charsets.UTF_8)) {
             final MicroserviceManifest manifest = MicroserviceManifest.from(reader);
-            ValidatorFactory factory = Validation.buildDefaultValidatorFactory();
+            ValidatorFactory factory = Validation.byDefaultProvider().configure()
+                    .messageInterpolator(new ParameterMessageInterpolator())
+                    .buildValidatorFactory();
             Validator validator = factory.getValidator();
 
             Set<ConstraintViolation<MicroserviceManifest>> constraintViolations = validator.validate(manifest);

microservice/security/src/main/java/com/cumulocity/microservice/security/configuration/WebSecurityConfiguration.java

@@ -5,17 +5,20 @@
 import com.cumulocity.microservice.security.filter.PrePostFiltersConfiguration;
 import com.cumulocity.microservice.security.token.CumulocityOAuthConfiguration;
 import com.cumulocity.microservice.security.token.CumulocityOAuthMicroserviceFilter;
+import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -52,26 +55,28 @@ public static PasswordEncoder passwordEncoder() {
     }
 
     @Bean
-    public SecurityFilterChain securityFilterChain(HttpSecurity http,
-                                                   CumulocityOAuthMicroserviceFilter cumulocityOAuthMicroserviceFilter,
-                                                   PreAuthenticateServletFilter preAuthenticateServletFilter,
-                                                   PostAuthenticateServletFilter postAuthenticateServletFilter)
-            throws Exception {
+    public SecurityFilterChain securityFilterChain(
+            HttpSecurity http,
+            CumulocityOAuthMicroserviceFilter cumulocityOAuthMicroserviceFilter,
+            PreAuthenticateServletFilter preAuthenticateServletFilter,
+            PostAuthenticateServletFilter postAuthenticateServletFilter,
+            ObjectProvider<Customizer<SessionManagementConfigurer<HttpSecurity>>> sessionManagementConfigurer
+    ) throws Exception {
 
         if (securityRolesLoggersActuator.length == 0) {
             securityRolesLoggersActuator = new String[] {"TENANT_MANAGEMENT_ADMIN"};
         }
 
         http
                 .authorizeHttpRequests(authorize -> authorize
-                        .requestMatchers("/metadata", "/health", "/prometheus", "/metrics", "/version").permitAll()
+                        .requestMatchers("/metadata", "/health", "/prometheus", "/metrics", "/version", "/error").permitAll()
                         .requestMatchers(HttpMethod.POST, "/loggers/*", "/loggers").hasAnyRole(securityRolesLoggersActuator)
                         .anyRequest().fullyAuthenticated()
                 )
                 .httpBasic(withDefaults())
                 .csrf(AbstractHttpConfigurer::disable)
                 .securityContext(AbstractHttpConfigurer::disable)
-                .sessionManagement(AbstractHttpConfigurer::disable)
+                .sessionManagement(sessionManagementConfigurer.getIfAvailable(() -> AbstractHttpConfigurer::disable))
                 .requestCache(AbstractHttpConfigurer::disable);
 
         http.addFilterBefore(cumulocityOAuthMicroserviceFilter, BasicAuthenticationFilter.class);

microservice/security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -0,0 +1 @@
+com.cumulocity.microservice.security.configuration.UserDetailsServiceConfiguration