jetty fixes II

[duncdrum]

Summary

Follow-up fixes from the Jetty 12.1 upgrade work in #6390. Addresses Windows CI failures, flaky integration-test startup, persistent-login cookies under Jetty 12, and several issues found while hardening the test harness.

see jetty/jetty.project#15011

What changed

Jetty 12.1 runtime and Windows

• Bump Jetty group (7 dependency updates) on top of Dp fix jetty 12.1 #6390
• WindowsPathResource — workaround for Jetty 12.1 PathResource.resolve() regression on Windows drive URIs (/D:/...), which left webapps available=false and returned 503 on every path
• throwUnavailableOnStartupException in deploy configs so startup failures surface immediately
• WindowsPathResourceIT — Windows-only regression test in exist-webdav (Failsafe on Windows CI)
• Hardening: symmetric equals, double-wrap guard, OSUtil.isWindows() consistency, cleaner startup failure logging

Integration test reliability

• JettyStart.awaitWebAppContextsStarted() — block until required WebAppContext instances are isAvailable() (not just started)
• ExistWebServer — builder API, distribution-mode portal dir, embedded startup failure detail on timeout
• JettyStartListener — replaces deprecated Observable for lifecycle signals
• org.exist.jetty.startup.timeout.ms — configurable readiness timeout (180s on CI)
• Remove redundant TCP probe from LoginModuleIT
• ControllerTest — @ClassRule (one server per class)
• Jetty WARN logging in integration-test log4j2.xml configs

Persistent login (Jetty 12 cookies)

• Map empty servlet context path to Path=/ in login.xql and HttpResponseWrapper
• Use | token separator (strict Set-Cookie parsers reject : in unquoted cookie values)
• Dual-separator parsing (| first, : legacy fallback) plus unit tests
• CookieSpecs.STANDARD and shared cookie store in LoginModuleIT / AbstractHttpTest for Jetty 12 RFC6265 Set-Cookie (Jetty 12 Cookie format incompatible by default with Apache HTTP Client 4.5.14 jetty/jetty.project#12771)

Other fixes

• MimeTable.load() — fail loudly on missing or invalid mime-types.xml instead of silent empty maps
• IndexController — explicit index worker chain ordering (structural, statistics, Lucene, then others) instead of undefined HashMap iteration
• JettyStart.run() — refactor for Codacy NPath threshold (WebAppReadinessAwaiter, extracted startup phases)

References

• Follow-up to Dp fix jetty 12.1 #6390
• Jetty 12 Cookie format incompatible by default with Apache HTTP Client 4.5.14 jetty/jetty.project#12771
• Related: [feature] Replace Milton WebDAV with Apache Jackrabbit (Level 2 + dead properties + litmus compliance) #6364 (Jackrabbit WebDAV — webdav module gets HC4 retention comment only in this PR)

Test plan

• exist-core unit tests (MimeTableTest, IndexIntegrationTest, ControllerTest, URLRewritingTest)
• LoginModuleIT and PersistentLoginTest
• Windows CI: WindowsPathResourceIT (Failsafe, verify -DskipUnitTests=true)
• Sample webdav JUnit tests (HC4 milton-client harness unchanged)
• Full CI green on Linux and Windows integration jobs
• Manual smoke: standalone launcher and dashboard login with persistent-login module

[joewiz]

[This response was co-authored with Claude Code. -Joe]

Nice work @duncdrum — read through end-to-end, all 10 commits are clean and CI green across the full matrix (ubuntu/macOS/windows integration, ubuntu unit, container, W3C). The disciplined commit structure makes this very pleasant to follow. A few observations worth flagging for future maintainability; none are blockers.

1. WindowsPathResource extends Resource (not PathResource)

The docstring acknowledges that Jetty internals using instanceof PathResource won't recognise wrapped resources, and says CI validates the exploded-webapp path doesn't depend on that. Worth asking — have you also audited eXist's own code for instanceof PathResource (or getClass() == PathResource.class) call sites that might silently get the wrong answer for a wrapped resource? A quick grep should put that to bed if not already done.

2. MimeTable parameterised getInstance overloads

Each variant is correctly double-checked-locked individually, but if two threads call different overloads concurrently during init (e.g. getInstance() and getInstance(Path)), the singleton seed is whichever wins the race — they don't coordinate with each other. In practice the singleton is initialised once at startup so this is latent, but a single shared lock (or making the three overloads delegate to one canonical entry point) would close the door on the footgun. Optional polish, not a blocker.

3. LEGACY_TOKEN_SEPARATOR retention

The dual-separator parsing in PersistentLogin is the right call for backward compat with cookies already in users' browsers. A one-line comment along the lines of "safe to remove once all v7-era persistent-login cookies have expired — target eXist 8.x" would help a future maintainer know when to retire it. (Browser cookies expire; we don't need this forever.)

4. CHAIN_PRIORITY_* constants

The gaps (0 → 100 → 1000 → MAX_VALUE) are reasonable for future insertion room, but a one-line comment explaining the spacing — e.g. "100s reserve room for pre-Lucene workers, 1000+ for Lucene-and-later, MAX for legacy unranked" — would help future contributors pick a value for a new index without guessing.

Otherwise

The substantive engineering choices are all well-motivated:

• JettyStart's migration off deprecated Observable to a typed listener API
• IndexController swapping HashMap → LinkedHashMap + explicit comparator (fixes a real latent ordering bug)
• HttpResponseWrapper's explicit empty-Path handling for standalone Jetty's getContextPath()=""
• ExistWebServer.builder() replacing the boolean-arg constructor chain
• The Windows-only IT in exist-webdav (gated to Failsafe) — exactly the right shape

LGTM modulo the observations above.

[joewiz]

@duncdrum Let me know if the comments above were useful at all or not. Happy to pass this info along whenever you'd like.

[duncdrum]

Thanks @joewiz

• PathResource audit: grep confirms no eXist production instanceof PathResource call sites (only wrapIfNeeded + the IT). Javadoc updated.
• MimeTable overloads: fair point — pre-existing, leaving for a follow-up PR.
• LEGACY_TOKEN_SEPARATOR: retirement note added, gated on HC4 Phase 5 in [refactor] Migrate integration tests to Apache HttpClient 5.x (hybrid HC4/HC5) #6393.
• CHAIN_PRIORITY spacing: comment added.

Also noted a test gap for the portal. So I added PortalRedirectTest for distribution GET /, and switched the portal to org.exist.jetty.WebAppContext.

[line-o]

It's a lot but it it's also a lot of good stuff in one PR

[duncdrum]

Thx @line-o yes it was quite a journey.

The next one is coming up with the http client. The changes here should make our tests less flaky, and the interaction with Jetty more robust. It sets us on the path to have login work properly again. So yay for that.

[dizzzz]

LGTM