deps: Update Jetty to version 9.4.49.v20220914

This updates Jetty to the latest 9.x version as of writing. The 9.x is
still running on Java 8. The update needs two code changes.

`SessionManager` was replaced with `SessionHandler`. This was documented
in the Jetty documentation.

Adding the `GitblitContext` to the `WebAppContext` will result in two
instances getting created, because the code was changed that prevents
instantiation the same listener class multiple times. (The second time
is when the web.xml is read.) Instead, it must be added to the servlet
handler of the `WebAppContext`. This results in properly adhering to the
changed internal startup flow.

Updating Jetty also resolves #1409.

1 files changed, 10 insertions, 10 deletions

diff --git a/src/main/java/com/gitblit/GitBlitServer.java b/src/main/java/com/gitblit/GitBlitServer.java
index ae01e8e0..d91b3be0 100644
--- a/src/main/java/com/gitblit/GitBlitServer.java
+++ b/src/main/java/com/gitblit/GitBlitServer.java
@@ -44,7 +44,8 @@ import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.session.HashSessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
+import org.eclipse.jetty.servlet.ListenerHolder;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
 import org.eclipse.jetty.webapp.WebAppContext;
@@ -302,7 +303,6 @@ public class GitBlitServer {
 				}
 
 				ServerConnector connector = new ServerConnector(server, factory);
-				connector.setSoLingerTime(-1);
 				connector.setIdleTimeout(settings.getLong(Keys.server.httpIdleTimeout, 30000L));
 				connector.setPort(params.securePort);
 				String bindInterface = settings.getString(Keys.server.httpsBindInterface, null);
@@ -339,7 +339,6 @@ public class GitBlitServer {
 	        httpConfig.setSendDateHeader(false);
 
 			ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
-			connector.setSoLingerTime(-1);
 			connector.setIdleTimeout(settings.getLong(Keys.server.httpIdleTimeout, 30000L));
 			connector.setPort(params.port);
 			String bindInterface = settings.getString(Keys.server.httpBindInterface, null);
@@ -381,13 +380,13 @@ public class GitBlitServer {
 		rootContext.setWar(location.toExternalForm());
 		rootContext.setTempDirectory(tempDir);
 
+
 		// Set cookies HttpOnly so they are not accessible to JavaScript engines
-		HashSessionManager sessionManager = new HashSessionManager();
-		sessionManager.setHttpOnly(true);
+		SessionHandler sessionHandler = rootContext.getSessionHandler();
+		sessionHandler.setHttpOnly(true);
 		// Use secure cookies if only serving https
-		sessionManager.setSecureRequestOnly( (params.port <= 0 && params.securePort > 0) ||
-				(params.port > 0 && params.securePort > 0 && settings.getBoolean(Keys.server.redirectToHttpsPort, true)) );
-		rootContext.getSessionHandler().setSessionManager(sessionManager);
+		sessionHandler.setSecureRequestOnly( (params.port <= 0 && params.securePort > 0) ||
+											 (params.port > 0 && params.securePort > 0 && settings.getBoolean(Keys.server.redirectToHttpsPort, true)) );
 
 		// Ensure there is a defined User Service
 		String realmUsers = params.userService;
@@ -457,8 +456,9 @@ public class GitBlitServer {
 		}
 
 		// Setup the Gitblit context
-		GitblitContext gitblit = newGitblit(settings, baseFolder);
-		rootContext.addEventListener(gitblit);
+		ListenerHolder gitblitHolder = new ListenerHolder(GitblitContext.class);
+		gitblitHolder.setListener(newGitblit(settings, baseFolder));
+		rootContext.getServletHandler().addListener(gitblitHolder);
 
 		try {
 			// start the shutdown monitor