jaxrs | JAX-RS with Jersey and Jetty Example | REST library

I am using WebTarget to send a GET request with query params.

This is my expected request that I need to generate:

I am working on a web application managed by Apache ant builder. We recently upgraded jersey from 2.17 to 2.35 and all the related dependencies in the class path. After upgrading i noticed one error where the PSOT method argument is populated as null.

Did some digging to solve this issue, found jersey-media-json-binding.jar might be causing the issue. Removed it from class path, and everything works fine.

But I am unable to figure why did the issue cause in the first place, what is the use of this jersey-media-json-binding.jar library.

Does jersey-media-json-binding.jar and jackson-jaxrs-json-provider-2.12.2.jar provide the same functionality, which is causing the issue?

I'm currently struggling with exposing the REST api in my project using Apache Camel. When I run the project it seems to be fine in the console, but it just doesn't work:

curl http://127.0.0.1:8080/materials

curl: (7) Failed to connect to 127.0.0.1 port 8080: Connection refused

Here's the pom.xml file:

We are using keycloak as IDP and have some custom plugins/Spi, we are in process of updating our keycloak instance to version 17 Quarkas distribution and the SPIs began to break (error below) during keycloak build process. I've made sure that there are no keycloak libraries packed as part of jar.

The SPI looks like below and have corresponding entries in Manifest file under Manifest/services/org.keycloak.services.resource.RealmResourceProviderFactory

Custom SPI/plugin

We are building an app based on Red Hat JBoss AMQ 6. We wrap some Java code around the base image to provide extra functionalities which are lacking in AMQ 6.

Now, when the CVE of Log4j stroke, we found that this component is vulnerable because it uses log4j 1.x. Now I don't just mean our Java code uses it, but also the base image of Red Hat AMQ 6 uses it. As AMQ 6 is EOL now, Red Hat does not provide support anymore, so there will not be official releases with fix.

So, how do I remove vulnerable log4j 1.x classes from:

• my Java code
• the base image

?

I am building with jib maven plugin.

It seems mvn dependency:tree only gives info about our Java wrapper code, not about the base image. And I don't understand what does the "+" and "-" mean while it gives output like this:

I'm having troubles getting bean validation to work with the following minimalised project consisting only of this three java files plus pom.xml. I'm using Apache TomEE 8.0.10.

LoginMessage.java

I am tring to convert my .jar project into a native image since I need to run it in a device where Java is not supported. For that I installed GraalVM and all the required dependencies, and the native-image build works perfectly (or at least, seems to, as it doesn't give out any errors during the proccess).

The command that I'm using for the build is:

/usr/lib/jvm/graalvm/bin/native-image -jar MyApp.jar MyApp --enable-http --enable-https --no-fallback -H:+ReportExceptionStackTraces

The problem is, when I try to run the native file, I get an exception saying that the log4j class could not be found, and thus I have no application logs during execution:

In my application config i have defined the following properties:

I'm running Keycloak 15.0.2 in docker (jboss/keycloak:15.0.2) and use Identity Brokering with an external OpenId Connect Identity Provider

When a login is initialized on keycloak the browser is redirected to the external IDP. After authenticated there the browser is redirected to keycloaks broker endpoint /broker/oidc/endpoint?code=xxx

But then Keycloak throws a Exception caused by

Caused by: java.security.NoSuchAlgorithmException: HMACSHA256 Signature not available

Has someone an idea why this is happening? Should this HMACSHA256 algorithm not already be part of the JRE in the docker-container?

Full stacktrace