Updated to tomcat 11, spring 7, camunda 7.24.6-ee

Author: jamesfwood

.github/workflows/camunda.yml

@@ -146,7 +146,7 @@ jobs:
 
       - name: List CWS Logs
         run: |
-          cd "dist/console-only/cws/server/apache-tomcat-10.1.50/logs"
+          cd "dist/console-only/cws/server/apache-tomcat-11.0.20/logs"
           ls -al
 
       - name: Set up Google Chrome
@@ -182,25 +182,25 @@ jobs:
 
       - name: Show CWS Log for Console
         if: always()
-        working-directory: dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Console
         if: always()
-        working-directory: dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
   
       - name: Show CWS Log for Worker1
         if: always()
-        working-directory: dist/worker1/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Worker1
         if: always()
-        working-directory: dist/worker1/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
   
@@ -347,7 +347,7 @@ jobs:
 
       - name: List CWS Logs
         run: |
-          cd dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+          cd dist/console-only/cws/server/apache-tomcat-11.0.20/logs
           ls -al
 
       - name: Set up Google Chrome
@@ -372,37 +372,37 @@ jobs:
 
       - name: Show CWS Log for Console
         if: always()
-        working-directory: dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Console
         if: always()
-        working-directory: dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
 
       - name: Show CWS Log for Worker1
         if: always()
-        working-directory: dist/worker1/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Worker1
         if: always()
-        working-directory: dist/worker1/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
 
       - name: Show CWS Log for Worker2
         if: always()
-        working-directory: dist/worker2/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker2/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Worker2
         if: always()
-        working-directory: dist/worker2/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker2/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
 

.github/workflows/ldap.yml

@@ -122,7 +122,7 @@ jobs:
 
       - name: List CWS Logs
         run: |
-          cd dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+          cd dist/console-only/cws/server/apache-tomcat-11.0.20/logs
           ls -al
 
       - name: Set up Google Chrome
@@ -140,25 +140,25 @@ jobs:
 
       - name: Show CWS Log for Console
         if: always()
-        working-directory: dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Console
         if: always()
-        working-directory: dist/console-only/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/console-only/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
 
       - name: Show CWS Log for Worker1
         if: always()
-        working-directory: dist/worker1/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat cws.log
 
       - name: Show Catalina Log for Worker1
         if: always()
-        working-directory: dist/worker1/cws/server/apache-tomcat-10.1.50/logs
+        working-directory: dist/worker1/cws/server/apache-tomcat-11.0.20/logs
         run: |
           cat catalina.out
 

CHANGELOG.md

@@ -10,10 +10,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 ### Added
 ### Changed
+- Updated to Camunda 7.24.6-ee
+- Updated to Spring 7
+- Updated to Apache Tomcat 11
 ### Deprecated
 ### Removed
 ### Fixed
 ### Security
+### Breaking Changes
+- Update Database Schema from Camunda 7.23.0-ee to Camunda 7.24.0-ee:
+  - Go to the <root-dir>/sql/upgrade/ dir and use the upgrade script: 
+    - mysql_engine_7.23_to_7.24.sql
+
 
 ## [2.8.0]
 ### Added

CLAUDE.md

@@ -86,11 +86,11 @@ CWS follows a layered service-oriented architecture with these key modules:
 - **cws-test**: Integration and system testing framework
 
 ### Key Technologies
-- **Spring Framework 6.2.4**: Dependency injection, web services, transactions
-- **Camunda BPM 7.23.0-ee**: Workflow engine and BPMN execution
+- **Spring Framework 7.0.6**: Dependency injection, web services, transactions
+- **Camunda BPM 7.24.6-ee**: Workflow engine and BPMN execution
 - **Apache Artemis**: Message queue for external task communication
 - **MyBatis**: Database ORM and query mapping
-- **Apache Tomcat 10.1.50**: Application server
+- **Apache Tomcat 11.0.20**: Application server
 
 ### Module Dependencies
 ```
@@ -118,8 +118,8 @@ cws-core (foundation)
 
 ### Version Information
 - CWS Version: 2.8.0   (update this each CWS release)
-- Camunda Version: 7.24.0-ee
-- Tomcat Version: 10.1.50
+- Camunda Version: 7.24.6-ee
+- Tomcat Version: 11.0.20
 - Java Version: 17 (enforced by Maven)
 
 ### Security Requirements

README.md

@@ -186,8 +186,8 @@ The CWS image available on Github is loaded with self-signed SSL certs that requ
 If you'd like to provide your own SSL certs, you can use the `generate_certs.sh` script in `cws_certs/` to do so. You'll then need to copy those files into the image before startup or (more easily) use volume mounts to make them available to CWS. Take a look at the `docker-compose.yml` file in `install/docker/` -- there are commented-out volume store lines that you can use.
 
 The keystore files CWS looks for are at these paths inside the image:
-`/home/cws_user/cws/server/apache-tomcat-10.1.50/conf/.keystore`
-`/home/cws_user/cws/server/apache-tomcat-10.1.50/lib/cws_truststore.jks`
+`/home/cws_user/cws/server/apache-tomcat-11.0.20/conf/.keystore`
+`/home/cws_user/cws/server/apache-tomcat-11.0.20/lib/cws_truststore.jks`
 
 You'll also want to provide CWS with the password you used to create the certs so the software can use them. This is a plaintext file with the password in it. CWS looks for this file at the path: `/root/.cws/creds:ro`. Note that this password is not related to what you'd use to log into the CWS interface -- it's only the password for the certs themselves.
 

cws-core/src/main/java/jpl/cws/core/web/CwsSecurityFilter.java

@@ -296,9 +296,7 @@ else if (path.startsWith("/cws-ui/") ) {
 			if (path.startsWith("/cws-ui/fonts/") ||
 				path.endsWith("login") ||
 				path.endsWith("not_authorized") ||
-				//path.toLowerCase().endsWith("/api/authenticate.mvc") ||
-				path.toLowerCase().endsWith("/api/validatecwstoken.mvc") ||
-				path.toLowerCase().contains("/api/checksession.mvc")
+				path.toLowerCase().endsWith("/api/validatecwstoken")
 			) {
 				return true; // skip
 			}
@@ -456,8 +454,8 @@ protected boolean isAuthorized(HttpServletRequest req, String username, String c
 		if (path.startsWith("/cws-ui/")) {
 			if (path.endsWith("/home") ||
 				path.endsWith("/logintotarget") ||
-				path.endsWith("/api/process-instance/status.mvc") ||
-				path.endsWith("/cws-ui/api/authenticate.mvc")) {
+				(path.contains("/api/process-instance/") && path.endsWith("/status")) ||
+				path.endsWith("/api/authenticate")) {
 				log.trace("NOT AUTHORIZING CWS PATH: " + path);
 				return true; // no authorization
 			}

cws-ui/src/main/webapp/WEB-INF/springmvc-servlet.xml

@@ -17,9 +17,8 @@
 
     <bean id="swaggerConfig" class="jpl.cws.controller.SwaggerConfig"/>
 
-    <mvc:annotation-driven>
-        <mvc:path-matching suffix-pattern="true" />
-    </mvc:annotation-driven>
+    <mvc:annotation-driven/>
+    <mvc:default-servlet-handler/>
 
 <!--     <bean id="viewResolver"
     	class="org.springframework.web.servlet.view.InternalResourceViewResolver" >

cws-ui/src/main/webapp/WEB-INF/urlrewrite.xml

@@ -10,10 +10,9 @@
 -->
 <urlrewrite>
 
-	<!--  REWRITE SO THAT SPRING DISPATCH SERVLET WILL FIND *.mvc -->
 	<rule match-type="wildcard">
 		<from>/rest/**</from>
-		<to>/api/$1.mvc</to>
+		<to>/api/$1</to>
 	</rule>
 
 </urlrewrite>

cws-ui/src/main/webapp/WEB-INF/web.xml

@@ -80,7 +80,7 @@
 		<url-pattern>/v3/api-docs/*</url-pattern>
 		<url-pattern>/swagger-ui</url-pattern>
 		<url-pattern>/swagger-ui/*</url-pattern>
-		<url-pattern>*.mvc</url-pattern>
+		<url-pattern>/*</url-pattern>
 	</servlet-mapping>
 
 	<!-- Webapp context definitions -->

dependency-compatibility.md

@@ -3,7 +3,7 @@
 ### **Java Version Requirements**
 - **Minimum**: Java 17
 - **Current**: Java 17
-- **Reason**: Required for Spring Framework 6.x and modern libraries
+- **Reason**: Required for Spring Framework 7.x and modern libraries
 
 ### **Maven Version Requirements**
 - **Minimum**: Maven 3.9.6
@@ -16,8 +16,8 @@
 
 | Library | Current Version | Compatible Versions | Notes |
 |---------|----------------|-------------------|-------|
-| **Spring Framework** | 6.2.4 | 6.2.x, 6.3.x | ✅ Stable |
-| **Camunda BPM** | 7.23.0-ee | 7.23.x | ✅ Enterprise |
+| **Spring Framework** | 7.0.6 | 7.0.x | ✅ Stable |
+| **Camunda BPM** | 7.24.6-ee | 7.24.x | ✅ Enterprise |
 | **Java** | 17 | 17, 21 | ✅ LTS |
 
 ### **Testing Dependencies**
@@ -39,8 +39,8 @@
 1. **JUnit**: 4.13.2 → 5.12.2 (Complete rewrite)
 
 ### **Enterprise Considerations**
-1. **Camunda**: 7.23.0-ee (Enterprise license required)
-2. **Spring**: 6.2.4 (Stable, well-tested)
+1. **Camunda**: 7.24.6-ee (Enterprise license required)
+2. **Spring**: 7.0.6 (Stable, well-tested)
 
 ## 🛠️ **Tools for Compatibility Checking**