From 7b2d225df2af7aad1c81dae105a0f2d76b62c949 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Pochat?= <jpochat@cloudbees.com>
Date: Fri, 17 Feb 2023 11:15:35 +0100
Subject: [PATCH] Add ServletAPITest

---
 src/it/servlet-api/invoker.properties         |  3 ++
 src/it/servlet-api/pom.xml                    | 37 +++++++++++++++++++
 .../src/main/resources/index.jelly            |  2 +
 .../src/test/java/test/ServletAPITest.java    | 34 +++++++++++++++++
 4 files changed, 76 insertions(+)
 create mode 100644 src/it/servlet-api/invoker.properties
 create mode 100644 src/it/servlet-api/pom.xml
 create mode 100644 src/it/servlet-api/src/main/resources/index.jelly
 create mode 100644 src/it/servlet-api/src/test/java/test/ServletAPITest.java

diff --git a/src/it/servlet-api/invoker.properties b/src/it/servlet-api/invoker.properties
new file mode 100644
index 0000000000..ccb70fca53
--- /dev/null
+++ b/src/it/servlet-api/invoker.properties
@@ -0,0 +1,3 @@
+# install, not verify, because we want to check the artifact as we would be about to deploy it
+# release.skipTests normally set in jenkins-release profile since release:perform would do the tests
+invoker.goals=-Dstyle.color=always -ntp -Pjenkins-release -Drelease.skipTests=false clean install
diff --git a/src/it/servlet-api/pom.xml b/src/it/servlet-api/pom.xml
new file mode 100644
index 0000000000..5f9eb97409
--- /dev/null
+++ b/src/it/servlet-api/pom.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.jenkins-ci.plugins</groupId>
+        <artifactId>plugin</artifactId>
+        <version>@project.version@</version>
+        <relativePath/>
+    </parent>
+    <groupId>org.jenkins-ci.plugins.its</groupId>
+    <artifactId>servlet-api</artifactId>
+    <version>1.0-SNAPSHOT</version>
+    <packaging>hpi</packaging>
+    <properties>
+        <jenkins.version>2.361.4</jenkins.version>
+    </properties>
+    <repositories>
+        <repository>
+            <id>repo.jenkins-ci.org</id>
+            <url>https://repo.jenkins-ci.org/public/</url>
+        </repository>
+    </repositories>
+    <pluginRepositories>
+        <pluginRepository>
+            <id>repo.jenkins-ci.org</id>
+            <url>https://repo.jenkins-ci.org/public/</url>
+        </pluginRepository>
+    </pluginRepositories>
+    <dependencies>
+        <dependency>
+            <groupId>org.jenkins-ci.plugins</groupId>
+            <artifactId>structs</artifactId>
+            <version>1.5</version>
+        </dependency>
+    </dependencies>
+</project>
diff --git a/src/it/servlet-api/src/main/resources/index.jelly b/src/it/servlet-api/src/main/resources/index.jelly
new file mode 100644
index 0000000000..2f655e510a
--- /dev/null
+++ b/src/it/servlet-api/src/main/resources/index.jelly
@@ -0,0 +1,2 @@
+<?jelly escape-by-default='true'?>
+<div/>
diff --git a/src/it/servlet-api/src/test/java/test/ServletAPITest.java b/src/it/servlet-api/src/test/java/test/ServletAPITest.java
new file mode 100644
index 0000000000..fcaaf2b6f5
--- /dev/null
+++ b/src/it/servlet-api/src/test/java/test/ServletAPITest.java
@@ -0,0 +1,34 @@
+package test;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import hudson.security.LegacySecurityRealm;
+import jenkins.model.Jenkins;
+
+public class ServletAPITest {
+
+    @Rule
+    public final JenkinsRule rule = new JenkinsRule();
+
+    /**
+     * When having both Servlet APIs 3.1 and 4.0 in classpath, the following error
+     * is logged on server side:
+     * 
+     * <pre>
+     * WARNING	o.e.jetty.server.HttpChannel#handleException: /jenkins/j_security_check
+     * java.lang.AbstractMethodError: Receiver class org.eclipse.jetty.security.authentication.SessionAuthentication does not define or inherit an
+     * implementation of the resolved emethod 'abstract void valueBound(javax.servlet.http.HttpSessionBindingEvent)' of interface
+     * javax.servlet.http.HttpSessionBindingListener. at org.eclipse.jetty.server.session.Session.bindValue(Session.java:357)
+     * </pre>
+     * 
+     * And then on client side getting "500 Server Error for
+     * http://localhost:.../jenkins/j_security_check"
+     */
+    @Test
+    public void involveHttpSessionBindingListener() throws Exception {
+        Jenkins.get().setSecurityRealm(new LegacySecurityRealm());
+        rule.createWebClient().login("bob");
+    }
+}