Merge branch 'main' of https://github.com/eclipse-basyx/basyx-java-server-sdk into apiclient-pooling

Author: chris-koo

basyx.aasenvironment/basyx.aasenvironment.component/src/main/java/org/eclipse/digitaltwin/basyx/aasenvironment/component/AasEnvironmentConfiguration.java

@@ -50,7 +50,7 @@ public class AasEnvironmentConfiguration {
 
 	@Bean
 	@ConditionalOnMissingBean
-	public static AasEnvironment getAasEnvironment(AasEnvironmentFactory aasEnvironmentFactory, List<AasEnvironmentFeature> features, @Value("${basyx.aasenvironment.minInflateRatio:0.001}") double minInflateRatio) {
+	public static AasEnvironment getAasEnvironment(AasEnvironmentFactory aasEnvironmentFactory, List<AasEnvironmentFeature> features, @Value("${basyx.aasenvironment.mininflateratio:0.001}") double minInflateRatio) {
 		ZipSecureFile.setMinInflateRatio(minInflateRatio);
 		return new DecoratedAasEnvironmentFactory(aasEnvironmentFactory, features).create();
 	}

basyx.aasenvironment/basyx.aasenvironment.component/src/main/resources/application.properties

@@ -20,7 +20,7 @@ basyx.backend = InMemory
 # basyx.cors.allowed-origins=http://localhost:3000, http://localhost:4000
 # basyx.cors.allowed-methods=GET,POST,PATCH,DELETE,PUT,OPTIONS,HEAD
 
-# basyx.aasenvironment.minInflateRatio=0.00001
+# basyx.aasenvironment.mininflateratio=0.00001
 
 ####################################################################################
 # Preconfiguring the Environment;
@@ -113,4 +113,4 @@ basyx.backend = InMemory
 # basyx.submodelrepository.feature.experimental.search.indexname=sm-index-test
 # spring.elasticsearch.uris=http://localhost:9200
 # spring.elasticsearch.username=elastic
-# spring.elasticsearch.password=vtzJFt1b
+# spring.elasticsearch.password=vtzJFt1b

basyx.aasregistry/basyx.aasregistry-feature-search/pom.xml

@@ -30,7 +30,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.20.1</version>
+            <version>2.21.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>

basyx.aasregistry/docker-compose/docker-compose.yml

@@ -80,7 +80,7 @@ services:
       - basyx
 
   mongodb:
-    image: mongo:5.0.10
+    image: mongo:8
     container_name: mongodb
     environment:
       MONGO_INITDB_ROOT_USERNAME: admin

basyx.common/basyx.authorization/src/main/java/org/eclipse/digitaltwin/basyx/authorization/CommonSecurityConfiguration.java

@@ -33,6 +33,7 @@
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
 import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfigurationSource;
 
 /**
  * Common configurations for security
@@ -43,9 +44,16 @@
 @ConditionalOnExpression("#{${" + CommonAuthorizationProperties.ENABLED_PROPERTY_KEY + ":false}}")
 public class CommonSecurityConfiguration {
 
+	private final CorsConfigurationSource corsConfigurationSource;
+
+	public CommonSecurityConfiguration(CorsConfigurationSource corsConfigurationSource) {
+		this.corsConfigurationSource = corsConfigurationSource;
+	}
+
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
+				.cors(cors -> cors.configurationSource(corsConfigurationSource))
 				.authorizeHttpRequests(authorize -> authorize
 						.requestMatchers("/actuator/health/**").permitAll()
 						.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()

basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.java

@@ -35,6 +35,9 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
@@ -103,4 +106,45 @@ private void configureOrigins(String[] allowedOrigins, String[] allowedMethods,
 			}
 		};
 	}
+
+	/**
+	 * Creates a {@link CorsConfigurationSource} that can be used by Spring Security
+	 * to apply CORS headers even on error responses (e.g., 401, 403).
+	 * This ensures consistent CORS behavior between Spring MVC and Spring Security.
+	 *
+	 * @param configurationUrlProviders
+	 * @param allowedOrigins
+	 * @param allowedMethods
+	 * @return
+	 */
+	@Bean
+	public CorsConfigurationSource corsConfigurationSource(List<CorsPathPatternProvider> configurationUrlProviders,
+															 @Value("${basyx.cors.allowed-origins:}") String[] allowedOrigins,
+															 @Value("${basyx.cors.allowed-methods:}") String[] allowedMethods) {
+		UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+
+		if (allowedOrigins.length == 0 && allowedMethods.length == 0) {
+			return source;
+		}
+
+		CorsConfiguration configuration = new CorsConfiguration();
+
+		if (allowedOrigins.length > 0) {
+			configuration.setAllowedOriginPatterns(Arrays.asList(allowedOrigins));
+		}
+
+		if (allowedMethods.length > 0) {
+			configuration.setAllowedMethods(Arrays.asList(allowedMethods));
+		}
+
+		configuration.setAllowedHeaders(List.of("*"));
+		configuration.setAllowCredentials(true);
+
+		for (CorsPathPatternProvider provider : configurationUrlProviders) {
+			logger.info("Registering CORS configuration for path pattern: " + provider.getPathPattern());
+			source.registerCorsConfiguration(provider.getPathPattern(), configuration);
+		}
+
+		return source;
+	}
 }

basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository-feature-search/pom.xml

@@ -38,7 +38,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.20.1</version>
+            <version>2.21.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>

basyx.submodelregistry/basyx.submodelregistry-feature-search/pom.xml

@@ -30,7 +30,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.20.1</version>
+            <version>2.21.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>

basyx.submodelregistry/docker-compose/docker-compose.yml

@@ -80,7 +80,7 @@ services:
       - basyx-submodel
 
   mongodb:
-    image: mongo:5.0.10
+    image: mongo:8
     container_name: mongodb
     environment:
       MONGO_INITDB_ROOT_USERNAME: admin

basyx.submodelrepository/basyx.submodelrepository-feature-search/pom.xml

@@ -40,7 +40,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.20.1</version>
+            <version>2.21.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>