From 8f0f28a31066c1f26c75d82259c8b6fdf57d2930 Mon Sep 17 00:00:00 2001
From: Pradeep AgrawaL <pradeep@apache.org>
Date: Thu, 4 Jun 2026 22:40:27 +0530
Subject: [PATCH] RANGER-4563: Exclude transitive Jetty libraries from Ranger
 Maven modules

---
 agents-audit/dest-solr/pom.xml                |  6 ++
 agents-common/pom.xml                         | 16 ++++
 agents-cred/pom.xml                           | 18 +++++
 .../dispatcher-common/pom.xml                 |  4 +
 .../audit-dispatcher/dispatcher-hdfs/pom.xml  |  8 ++
 audit-server/audit-ingestor/pom.xml           |  4 +
 audit-server/pom.xml                          | 12 +++
 credentialbuilder/pom.xml                     |  4 +
 hbase-agent/pom.xml                           | 35 ++++++--
 hdfs-agent/pom.xml                            | 12 +++
 hive-agent/pom.xml                            | 24 ++++++
 kms/pom.xml                                   | 52 ++++++++++++
 knox-agent/pom.xml                            |  8 ++
 plugin-atlas/pom.xml                          |  8 ++
 plugin-kafka/pom.xml                          |  4 +
 plugin-kylin/pom.xml                          | 16 ++++
 plugin-ozone/pom.xml                          | 16 ++++
 plugin-schema-registry/pom.xml                | 20 +++++
 plugin-solr/pom.xml                           | 12 +++
 plugin-yarn/pom.xml                           |  8 ++
 pom.xml                                       |  6 +-
 ranger-common-ha/pom.xml                      |  8 ++
 ranger-examples/plugin-sampleapp/pom.xml      |  4 +
 ranger-hbase-plugin-shim/pom.xml              |  4 +
 ranger-hdfs-plugin-shim/pom.xml               |  4 +
 ranger-hive-plugin-shim/pom.xml               |  4 +
 ranger-knox-plugin-shim/pom.xml               |  4 +
 ranger-kylin-plugin-shim/pom.xml              |  4 +
 ranger-metrics/pom.xml                        | 13 +++
 ranger-ozone-plugin-shim/pom.xml              |  4 +
 ranger-solr-plugin-shim/pom.xml               |  8 ++
 ranger-storm-plugin-shim/pom.xml              |  4 +
 ranger-yarn-plugin-shim/pom.xml               |  4 +
 security-admin/pom.xml                        | 80 +++++++++++++++++++
 .../security/handler/TestPermission.java      | 10 +--
 .../filter/TestRangerHeaderPreAuthFilter.java | 31 +++----
 .../web/filter/TestRangerKrbFilter.java       | 18 +----
 .../web/filter/TestRangerMDCFilter.java       | 16 +---
 ...tRangerSecurityContextFormationFilter.java | 28 +++----
 storm-agent/pom.xml                           | 25 ++++++
 tagsync/pom.xml                               | 41 ++++++++++
 41 files changed, 529 insertions(+), 78 deletions(-)

diff --git a/agents-audit/dest-solr/pom.xml b/agents-audit/dest-solr/pom.xml
index b9e562ca065..067b69298c2 100644
--- a/agents-audit/dest-solr/pom.xml
+++ b/agents-audit/dest-solr/pom.xml
@@ -114,6 +114,12 @@
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-client</artifactId>
             <version>${jetty-client.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
diff --git a/agents-common/pom.xml b/agents-common/pom.xml
index 52cce7e2ce6..78b9026d972 100644
--- a/agents-common/pom.xml
+++ b/agents-common/pom.xml
@@ -55,6 +55,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -105,6 +109,10 @@
                     <groupId>com.sun.jersey.contribs</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -120,6 +128,10 @@
                     <groupId>com.sun.jersey.contribs</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -161,6 +173,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/agents-cred/pom.xml b/agents-cred/pom.xml
index 753a00989d5..7e7c00be1eb 100644
--- a/agents-cred/pom.xml
+++ b/agents-cred/pom.xml
@@ -60,16 +60,34 @@
             <groupId>org.apache.hadoop</groupId>
             <artifactId>hadoop-auth</artifactId>
             <version>${hadoop.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.apache.hadoop</groupId>
             <artifactId>hadoop-client-api</artifactId>
             <version>${hadoop.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.apache.hadoop</groupId>
             <artifactId>hadoop-client-runtime</artifactId>
             <version>${hadoop.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
diff --git a/audit-server/audit-dispatcher/dispatcher-common/pom.xml b/audit-server/audit-dispatcher/dispatcher-common/pom.xml
index 3b717af732e..1092a639186 100644
--- a/audit-server/audit-dispatcher/dispatcher-common/pom.xml
+++ b/audit-server/audit-dispatcher/dispatcher-common/pom.xml
@@ -71,6 +71,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/audit-server/audit-dispatcher/dispatcher-hdfs/pom.xml b/audit-server/audit-dispatcher/dispatcher-hdfs/pom.xml
index f1a07a79aa7..7aaa7118f5d 100644
--- a/audit-server/audit-dispatcher/dispatcher-hdfs/pom.xml
+++ b/audit-server/audit-dispatcher/dispatcher-hdfs/pom.xml
@@ -97,6 +97,10 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>hadoop-client-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
@@ -126,6 +130,10 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>hadoop-client-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/audit-server/audit-ingestor/pom.xml b/audit-server/audit-ingestor/pom.xml
index bcb6d0233ef..9f89eaa8f24 100644
--- a/audit-server/audit-ingestor/pom.xml
+++ b/audit-server/audit-ingestor/pom.xml
@@ -163,6 +163,10 @@
                     <groupId>org.codehaus.jackson</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/audit-server/pom.xml b/audit-server/pom.xml
index 22d246b2d08..2a3d5e8a95b 100644
--- a/audit-server/pom.xml
+++ b/audit-server/pom.xml
@@ -115,12 +115,24 @@
                 <groupId>org.apache.hadoop</groupId>
                 <artifactId>hadoop-azure</artifactId>
                 <version>${hadoop.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>org.eclipse.jetty</groupId>
+                        <artifactId>*</artifactId>
+                    </exclusion>
+                </exclusions>
             </dependency>
 
             <dependency>
                 <groupId>org.apache.hadoop</groupId>
                 <artifactId>hadoop-common</artifactId>
                 <version>${hadoop.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>org.eclipse.jetty</groupId>
+                        <artifactId>*</artifactId>
+                    </exclusion>
+                </exclusions>
             </dependency>
             <dependency>
                 <groupId>org.apache.hadoop</groupId>
diff --git a/credentialbuilder/pom.xml b/credentialbuilder/pom.xml
index c0257fb747d..be0d98fe4a5 100644
--- a/credentialbuilder/pom.xml
+++ b/credentialbuilder/pom.xml
@@ -105,6 +105,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/hbase-agent/pom.xml b/hbase-agent/pom.xml
index b4af771536a..92bcada4a89 100644
--- a/hbase-agent/pom.xml
+++ b/hbase-agent/pom.xml
@@ -43,6 +43,10 @@
                         <groupId>ch.qos.logback</groupId>
                         <artifactId>*</artifactId>
                     </exclusion>
+                    <exclusion>
+                        <groupId>org.eclipse.jetty</groupId>
+                        <artifactId>*</artifactId>
+                    </exclusion>
                 </exclusions>
             </dependency>
         </dependencies>
@@ -72,6 +76,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -131,6 +139,10 @@
                     <groupId>com.fasterxml.jackson.module</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -151,6 +163,10 @@
                     <groupId>com.fasterxml.jackson.module</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -166,6 +182,10 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -201,6 +221,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.glassfish</groupId>
                     <artifactId>javax.el</artifactId>
@@ -235,6 +259,10 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -569,12 +597,7 @@
             <version>${hbase.jetty.version}</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-server</artifactId>
-            <version>${hbase.jetty.version}</version>
-            <scope>test</scope>
-        </dependency>
+
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-util</artifactId>
diff --git a/hdfs-agent/pom.xml b/hdfs-agent/pom.xml
index 7b86beb37b7..7fea884c39b 100644
--- a/hdfs-agent/pom.xml
+++ b/hdfs-agent/pom.xml
@@ -127,6 +127,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -172,6 +176,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -207,6 +215,10 @@
                     <groupId>javax.ws.rs</groupId>
                     <artifactId>jsr311-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/hive-agent/pom.xml b/hive-agent/pom.xml
index 3bf1b0deb00..f60cf5342c1 100644
--- a/hive-agent/pom.xml
+++ b/hive-agent/pom.xml
@@ -119,6 +119,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -162,6 +166,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -193,6 +201,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.glassfish</groupId>
                     <artifactId>javax.el</artifactId>
@@ -232,6 +244,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -267,6 +283,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.glassfish</groupId>
                     <artifactId>javax.el</artifactId>
@@ -302,6 +322,10 @@
                     <groupId>javax.ws.rs</groupId>
                     <artifactId>jsr311-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/kms/pom.xml b/kms/pom.xml
index f49d33984c1..100e91eb815 100644
--- a/kms/pom.xml
+++ b/kms/pom.xml
@@ -50,6 +50,10 @@
                     <groupId>com.fasterxml.jackson.dataformat</groupId>
                     <artifactId>jackson-dataformat-cbor</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>software.amazon.ion</groupId>
                     <artifactId>ion-java</artifactId>
@@ -96,6 +100,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -143,6 +151,10 @@
             <artifactId>log4jdbc</artifactId>
             <version>${googlecode.log4jdbc.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -166,6 +178,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-lang3</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -181,6 +197,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-lang3</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -197,6 +217,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-lang3</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -213,6 +237,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-lang3</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -324,6 +352,10 @@
                     <groupId>junit</groupId>
                     <artifactId>junit</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -393,6 +425,10 @@
                     <groupId>net.minidev</groupId>
                     <artifactId>json-smart</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -457,6 +493,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-text</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -497,6 +537,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -536,6 +580,10 @@
                     <groupId>net.minidev</groupId>
                     <artifactId>json-smart</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -569,6 +617,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/knox-agent/pom.xml b/knox-agent/pom.xml
index 4b7a3cd7dc8..7de45bf7db9 100644
--- a/knox-agent/pom.xml
+++ b/knox-agent/pom.xml
@@ -110,6 +110,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -146,6 +150,10 @@
                     <groupId>javax.ws.rs</groupId>
                     <artifactId>jsr311-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
             <!-- TO DEBUG JERSEY2 code: uncomment this exclusion
        <exclusions><exclusion><artifactId>*</artifactId><groupId>*</groupId></exclusion></exclusions>
diff --git a/plugin-atlas/pom.xml b/plugin-atlas/pom.xml
index 2dc2c42e71b..ce41d7c18f4 100644
--- a/plugin-atlas/pom.xml
+++ b/plugin-atlas/pom.xml
@@ -54,6 +54,10 @@
                     <groupId>com.sun.jersey.contribs</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -74,6 +78,10 @@
                     <groupId>com.sun.jersey.contribs</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/plugin-kafka/pom.xml b/plugin-kafka/pom.xml
index d925a721ba8..28064932a70 100644
--- a/plugin-kafka/pom.xml
+++ b/plugin-kafka/pom.xml
@@ -100,6 +100,10 @@
                     <groupId>javax.ws.rs</groupId>
                     <artifactId>jsr311-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/plugin-kylin/pom.xml b/plugin-kylin/pom.xml
index 51100073a23..409761cd29e 100644
--- a/plugin-kylin/pom.xml
+++ b/plugin-kylin/pom.xml
@@ -55,6 +55,10 @@
                     <groupId>com.sun.jersey</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -122,6 +126,14 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper-jute</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty.http2</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -150,6 +162,10 @@
                     <groupId>org.apache.kylin</groupId>
                     <artifactId>kylin-shaded-guava</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/plugin-ozone/pom.xml b/plugin-ozone/pom.xml
index 0aa9f7f3ac2..89eb342f13e 100644
--- a/plugin-ozone/pom.xml
+++ b/plugin-ozone/pom.xml
@@ -79,6 +79,10 @@ limitations under the License.
                     <groupId>org.bouncycastle</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.yaml</groupId>
                     <artifactId>snakeyaml</artifactId>
@@ -103,6 +107,10 @@ limitations under the License.
                     <groupId>io.netty</groupId>
                     <artifactId>netty-all</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -134,6 +142,10 @@ limitations under the License.
                     <groupId>org.codehaus.jackson</groupId>
                     <artifactId>jackson-mapper-asl</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -156,6 +168,10 @@ limitations under the License.
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/plugin-schema-registry/pom.xml b/plugin-schema-registry/pom.xml
index ce163873850..3823dcab7f0 100644
--- a/plugin-schema-registry/pom.xml
+++ b/plugin-schema-registry/pom.xml
@@ -85,6 +85,10 @@
                         <groupId>org.apache.hadoop</groupId>
                         <artifactId>hadoop-yarn-common</artifactId>
                     </exclusion>
+                    <exclusion>
+                        <groupId>org.eclipse.jetty</groupId>
+                        <artifactId>*</artifactId>
+                    </exclusion>
                     <exclusion>
                         <groupId>org.slf4j</groupId>
                         <artifactId>*</artifactId>
@@ -110,6 +114,10 @@
                         <groupId>log4j</groupId>
                         <artifactId>*</artifactId>
                     </exclusion>
+                    <exclusion>
+                        <groupId>org.eclipse.jetty</groupId>
+                        <artifactId>*</artifactId>
+                    </exclusion>
                     <exclusion>
                         <groupId>org.slf4j</groupId>
                         <artifactId>*</artifactId>
@@ -134,6 +142,10 @@
                     <groupId>net.minidev</groupId>
                     <artifactId>json-smart</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -153,6 +165,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-compress</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -193,6 +209,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.glassfish.jersey.*</groupId>
                     <artifactId>*</artifactId>
diff --git a/plugin-solr/pom.xml b/plugin-solr/pom.xml
index 863027c535c..8422aac9e33 100644
--- a/plugin-solr/pom.xml
+++ b/plugin-solr/pom.xml
@@ -45,6 +45,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -144,6 +148,14 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper-jute</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty.http2</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/plugin-yarn/pom.xml b/plugin-yarn/pom.xml
index d4035a57644..9465d728b94 100644
--- a/plugin-yarn/pom.xml
+++ b/plugin-yarn/pom.xml
@@ -77,6 +77,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -97,6 +101,10 @@
                     <groupId>com.sun.jersey</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/pom.xml b/pom.xml
index f2964473463..9584aabdfe2 100755
--- a/pom.xml
+++ b/pom.xml
@@ -145,7 +145,7 @@
         <jericho.html.version>3.4</jericho.html.version>
         <jersey-client.version>2.47</jersey-client.version>
         <jettison.version>1.5.4</jettison.version>
-        <jetty-client.version>9.4.56.v20240826</jetty-client.version>
+        <jetty-client.version>9.4.58.v20250814</jetty-client.version>
         <jline.version>0.9.94</jline.version>
         <joda.time.version>2.10.6</joda.time.version>
         <jopt-simple.version>3.2</jopt-simple.version>
@@ -322,6 +322,10 @@
                         <groupId>org.codehaus.jettison</groupId>
                         <artifactId>jettison</artifactId>
                     </exclusion>
+                    <exclusion>
+                        <groupId>org.eclipse.jetty</groupId>
+                        <artifactId>*</artifactId>
+                    </exclusion>
                     <exclusion>
                         <groupId>org.jline</groupId>
                         <artifactId>*</artifactId>
diff --git a/ranger-common-ha/pom.xml b/ranger-common-ha/pom.xml
index b7615665138..b58e9c5c27d 100644
--- a/ranger-common-ha/pom.xml
+++ b/ranger-common-ha/pom.xml
@@ -82,6 +82,10 @@
                     <groupId>io.netty</groupId>
                     <artifactId>netty-all</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>slf4j-log4j12</artifactId>
@@ -97,6 +101,10 @@
                     <groupId>ch.qos.logback</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/ranger-examples/plugin-sampleapp/pom.xml b/ranger-examples/plugin-sampleapp/pom.xml
index 8e8e5c338d9..46779c1fa8f 100644
--- a/ranger-examples/plugin-sampleapp/pom.xml
+++ b/ranger-examples/plugin-sampleapp/pom.xml
@@ -46,6 +46,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
diff --git a/ranger-hbase-plugin-shim/pom.xml b/ranger-hbase-plugin-shim/pom.xml
index 4a012343621..d4f26d6d08c 100644
--- a/ranger-hbase-plugin-shim/pom.xml
+++ b/ranger-hbase-plugin-shim/pom.xml
@@ -85,6 +85,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.glassfish</groupId>
                     <artifactId>javax.el</artifactId>
diff --git a/ranger-hdfs-plugin-shim/pom.xml b/ranger-hdfs-plugin-shim/pom.xml
index 241fafcb404..eae293f814d 100644
--- a/ranger-hdfs-plugin-shim/pom.xml
+++ b/ranger-hdfs-plugin-shim/pom.xml
@@ -52,6 +52,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/ranger-hive-plugin-shim/pom.xml b/ranger-hive-plugin-shim/pom.xml
index 4f77686c84b..c56e84ac1c2 100644
--- a/ranger-hive-plugin-shim/pom.xml
+++ b/ranger-hive-plugin-shim/pom.xml
@@ -77,6 +77,10 @@
                     <groupId>org.codehaus.jackson</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/ranger-knox-plugin-shim/pom.xml b/ranger-knox-plugin-shim/pom.xml
index d8166cc3b6c..b2a96e75459 100644
--- a/ranger-knox-plugin-shim/pom.xml
+++ b/ranger-knox-plugin-shim/pom.xml
@@ -52,6 +52,10 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/ranger-kylin-plugin-shim/pom.xml b/ranger-kylin-plugin-shim/pom.xml
index 8c577c64f51..7cb19fcc417 100644
--- a/ranger-kylin-plugin-shim/pom.xml
+++ b/ranger-kylin-plugin-shim/pom.xml
@@ -59,6 +59,10 @@
                     <groupId>org.apache.kylin</groupId>
                     <artifactId>kylin-shaded-guava</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/ranger-metrics/pom.xml b/ranger-metrics/pom.xml
index 7141503ded6..595f3118abc 100644
--- a/ranger-metrics/pom.xml
+++ b/ranger-metrics/pom.xml
@@ -62,6 +62,12 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <!-- Tomcat APIs used by EmbeddedServerMetricsCollector (do not exclude via Jetty rules) -->
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-core</artifactId>
+            <version>${tomcat.embed.version}</version>
+        </dependency>
 
         <dependency>
             <groupId>org.junit.jupiter</groupId>
@@ -73,6 +79,13 @@
         <dependency>
             <groupId>org.mockito</groupId>
             <artifactId>mockito-core</artifactId>
+            <version>${mockito.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-junit-jupiter</artifactId>
+            <version>${mockito.version}</version>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/ranger-ozone-plugin-shim/pom.xml b/ranger-ozone-plugin-shim/pom.xml
index 66587bc1814..5000d2ad331 100644
--- a/ranger-ozone-plugin-shim/pom.xml
+++ b/ranger-ozone-plugin-shim/pom.xml
@@ -40,6 +40,10 @@
                     <groupId>io.netty</groupId>
                     <artifactId>netty-all</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.yaml</groupId>
                     <artifactId>snakeyaml</artifactId>
diff --git a/ranger-solr-plugin-shim/pom.xml b/ranger-solr-plugin-shim/pom.xml
index 14c11efec82..fa2fcb7001f 100644
--- a/ranger-solr-plugin-shim/pom.xml
+++ b/ranger-solr-plugin-shim/pom.xml
@@ -98,6 +98,14 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper-jute</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty.http2</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/ranger-storm-plugin-shim/pom.xml b/ranger-storm-plugin-shim/pom.xml
index 16e70f331ac..4ac8512c19f 100644
--- a/ranger-storm-plugin-shim/pom.xml
+++ b/ranger-storm-plugin-shim/pom.xml
@@ -50,6 +50,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/ranger-yarn-plugin-shim/pom.xml b/ranger-yarn-plugin-shim/pom.xml
index f61e9105dad..ae5909714ad 100644
--- a/ranger-yarn-plugin-shim/pom.xml
+++ b/ranger-yarn-plugin-shim/pom.xml
@@ -49,6 +49,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/security-admin/pom.xml b/security-admin/pom.xml
index 491baf80fcb..f92bf8f9f40 100644
--- a/security-admin/pom.xml
+++ b/security-admin/pom.xml
@@ -80,6 +80,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -97,6 +101,10 @@
             <artifactId>log4jdbc</artifactId>
             <version>${googlecode.log4jdbc.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -112,6 +120,10 @@
                     <groupId>com.google.guava</groupId>
                     <artifactId>guava</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -130,6 +142,10 @@
             <artifactId>HikariCP</artifactId>
             <version>${HikariCP.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -313,6 +329,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-text</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.mortbay.jetty</groupId>
                     <artifactId>*</artifactId>
@@ -398,6 +418,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-compress</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -463,6 +487,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>log4j-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -482,6 +510,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>log4j-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -522,6 +554,10 @@
                     <groupId>javax.ws.rs</groupId>
                     <artifactId>jsr311-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -538,6 +574,10 @@
                     <groupId>com.sun.xml.bind</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -586,6 +626,14 @@
                     <groupId>org.apache.zookeeper</groupId>
                     <artifactId>zookeeper-jute</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty.http2</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -601,6 +649,10 @@
                     <groupId>org.apache.tomcat.embed</groupId>
                     <artifactId>tomcat-embed-core</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -612,6 +664,10 @@
             <artifactId>velocity-engine-core</artifactId>
             <version>${velocity.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -639,6 +695,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -650,6 +710,18 @@
             <artifactId>jettison</artifactId>
             <version>${jettison.version}</version>
         </dependency>
+        <!-- SolrJ HTTP client; jetty excluded from solr-solrj above -->
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-client</artifactId>
+            <version>${jetty-client.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
         <dependency>
             <groupId>org.eclipse.persistence</groupId>
             <artifactId>eclipselink</artifactId>
@@ -735,6 +807,10 @@
             <artifactId>spring-core</artifactId>
             <version>${springframework.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.springframework</groupId>
                     <artifactId>spring-jcl</artifactId>
@@ -776,6 +852,10 @@
             <artifactId>spring-ldap-core</artifactId>
             <version>${spring-ldap-core.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/security-admin/src/test/java/org/apache/ranger/security/handler/TestPermission.java b/security-admin/src/test/java/org/apache/ranger/security/handler/TestPermission.java
index c88a72682ca..c8d7d3f2872 100644
--- a/security-admin/src/test/java/org/apache/ranger/security/handler/TestPermission.java
+++ b/security-admin/src/test/java/org/apache/ranger/security/handler/TestPermission.java
@@ -25,6 +25,8 @@
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 
 /**
 * @generated by Cursor
@@ -49,12 +51,8 @@ public void getPermission_returnsNullForUnknown() {
 
     @Test
     public void getPermission_acceptsNonStringInputs() {
-        Object in = new Object() {
-            @Override
-            public String toString() {
-                return "READ";
-            }
-        };
+        Object in = mock(Object.class);
+        when(in.toString()).thenReturn("READ");
         assertEquals(Permission.PermissionType.READ, Permission.getPermission(in));
     }
 
diff --git a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerHeaderPreAuthFilter.java b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerHeaderPreAuthFilter.java
index c721c30f063..8bd9df73b80 100644
--- a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerHeaderPreAuthFilter.java
+++ b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerHeaderPreAuthFilter.java
@@ -33,8 +33,6 @@
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import javax.servlet.FilterChain;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -130,22 +128,19 @@ public void testDoFilter_enabled_withUsername_setsAuthenticationFromRangerDbRole
 
         when(request.getHeader("x-awc-username")).thenReturn("joeuser");
 
-        FilterChain chain = new FilterChain() {
-            @Override
-            public void doFilter(ServletRequest req, ServletResponse res) {
-                org.springframework.security.core.Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-
-                assertNotNull(auth);
-                assertTrue(auth instanceof RangerAuthenticationToken);
-                RangerAuthenticationToken rangerAuth = (RangerAuthenticationToken) auth;
-                assertEquals(XXAuthSession.AUTH_TYPE_TRUSTED_PROXY, rangerAuth.getAuthType());
-                assertEquals("joeuser", auth.getName());
-
-                Collection<?> authorities = auth.getAuthorities();
-                assertEquals(2, authorities.size());
-                assertTrue(authorities.stream().anyMatch(a -> "ROLE_SYS_ADMIN".equals(a.toString())));
-                assertTrue(authorities.stream().anyMatch(a -> "ROLE_USER".equals(a.toString())));
-            }
+        FilterChain chain = (req, res) -> {
+            org.springframework.security.core.Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+
+            assertNotNull(auth);
+            assertTrue(auth instanceof RangerAuthenticationToken);
+            RangerAuthenticationToken rangerAuth = (RangerAuthenticationToken) auth;
+            assertEquals(XXAuthSession.AUTH_TYPE_TRUSTED_PROXY, rangerAuth.getAuthType());
+            assertEquals("joeuser", auth.getName());
+
+            Collection<?> authorities = auth.getAuthorities();
+            assertEquals(2, authorities.size());
+            assertTrue(authorities.stream().anyMatch(a -> "ROLE_SYS_ADMIN".equals(a.toString())));
+            assertTrue(authorities.stream().anyMatch(a -> "ROLE_USER".equals(a.toString())));
         };
 
         filter.doFilter(request, response, chain);
diff --git a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerKrbFilter.java b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerKrbFilter.java
index 43a0ab27c2e..f147eb5dd0a 100644
--- a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerKrbFilter.java
+++ b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerKrbFilter.java
@@ -180,22 +180,8 @@ public void testProtectedDoFilterDelegates() throws Exception {
     @Test
     public void testIsCustomSignerSecretProvider() throws Exception {
         RangerKrbFilter filter = new RangerKrbFilter();
-        // Custom provider (anonymous) should be detected as custom
-        SignerSecretProvider custom = new SignerSecretProvider() {
-            @Override
-            public void init(Properties config, ServletContext servletContext, long tokenValidity) {
-            }
-
-            @Override
-            public byte[] getCurrentSecret() {
-                return new byte[0];
-            }
-
-            @Override
-            public byte[][] getAllSecrets() {
-                return new byte[0][];
-            }
-        };
+        // Custom provider (mock) should be detected as custom
+        SignerSecretProvider custom = mock(SignerSecretProvider.class);
         setField(filter, "secretProvider", custom);
         assertTrue((Boolean) invoke(filter, "isCustomSignerSecretProvider"));
     }
diff --git a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerMDCFilter.java b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerMDCFilter.java
index 16156c6e6e9..0ef68218b90 100644
--- a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerMDCFilter.java
+++ b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerMDCFilter.java
@@ -30,7 +30,6 @@
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -88,12 +87,7 @@ public void testInitAndDoFilter_enabled_setsAndClearsMDC() throws Exception {
 
         ServletResponse response = mock(ServletResponse.class);
 
-        FilterChain chain = new FilterChain() {
-            @Override
-            public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
-                assertEquals("abc-123", MDC.get("RID"));
-            }
-        };
+        FilterChain chain = (req, res) -> assertEquals("abc-123", MDC.get("RID"));
 
         filter.doFilter(request, response, chain);
 
@@ -110,13 +104,7 @@ public void testDoFilter_disabled_bypasses() throws Exception {
         HttpServletRequest request = mock(HttpServletRequest.class);
         ServletResponse response = mock(ServletResponse.class);
 
-        FilterChain chain = new FilterChain() {
-            @Override
-            public void doFilter(ServletRequest req, ServletResponse res) {
-                // MDC should not be set
-                assertNull(MDC.get(RangerMDCFilter.DEFAULT_MDC_KEY));
-            }
-        };
+        FilterChain chain = (req, res) -> assertNull(MDC.get(RangerMDCFilter.DEFAULT_MDC_KEY));
 
         filter.doFilter(request, response, chain);
     }
diff --git a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerSecurityContextFormationFilter.java b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerSecurityContextFormationFilter.java
index ff9f059bc4f..fc59cab53d7 100644
--- a/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerSecurityContextFormationFilter.java
+++ b/security-admin/src/test/java/org/apache/ranger/security/web/filter/TestRangerSecurityContextFormationFilter.java
@@ -124,14 +124,11 @@ public void testDoFilter_setsCreatePrincipalsIfAbsentFlag() throws Exception {
 
         when(req.getParameter("createPrincipalsIfAbsent")).thenReturn("true");
 
-        FilterChain chain = new FilterChain() {
-            @Override
-            public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) {
-                Boolean flag = RangerContextHolder.getOpContext() != null
-                        ? RangerContextHolder.getOpContext().getCreatePrincipalsIfAbsent()
-                        : null;
-                assertEquals(Boolean.TRUE, flag);
-            }
+        FilterChain chain = (servletRequest, servletResponse) -> {
+            Boolean flag = RangerContextHolder.getOpContext() != null
+                    ? RangerContextHolder.getOpContext().getCreatePrincipalsIfAbsent()
+                    : null;
+            assertEquals(Boolean.TRUE, flag);
         };
 
         filter.doFilter(req, res, chain);
@@ -222,16 +219,13 @@ public void testDoFilter_authenticated_createsSecurityContextAndUserSession() th
             Mockito.when(sessionMgr.processSuccessLogin(Mockito.anyInt(), Mockito.anyString(), Mockito.any(HttpServletRequest.class)))
                     .thenReturn(userSession);
 
-            FilterChain chain = new FilterChain() {
-                @Override
-                public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) {
-                    RangerSecurityContext ctx = RangerContextHolder.getSecurityContext();
+            FilterChain chain = (servletRequest, servletResponse) -> {
+                RangerSecurityContext ctx = RangerContextHolder.getSecurityContext();
 
-                    assertNotNull(ctx);
-                    assertNotNull(ctx.getRequestContext());
-                    assertEquals("awc-request-1", ctx.getRequestContext().getServerRequestId());
-                    assertSame(userSession, ctx.getUserSession());
-                }
+                assertNotNull(ctx);
+                assertNotNull(ctx.getRequestContext());
+                assertEquals("awc-request-1", ctx.getRequestContext().getServerRequestId());
+                assertSame(userSession, ctx.getUserSession());
             };
 
             filter.doFilter(req, res, chain);
diff --git a/storm-agent/pom.xml b/storm-agent/pom.xml
index 7e526e20751..327549c5b8f 100644
--- a/storm-agent/pom.xml
+++ b/storm-agent/pom.xml
@@ -50,6 +50,10 @@
                     <groupId>jakarta.activation</groupId>
                     <artifactId>jakarta.activation-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -100,6 +104,10 @@
                     <groupId>com.fasterxml.jackson.module</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -120,6 +128,10 @@
                     <groupId>com.fasterxml.jackson.module</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -132,6 +144,11 @@
             <artifactId>credentialbuilder</artifactId>
             <version>${project.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -147,6 +164,10 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>hadoop-common</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -162,6 +183,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/tagsync/pom.xml b/tagsync/pom.xml
index 30d5eea5b5a..11662bf21d9 100644
--- a/tagsync/pom.xml
+++ b/tagsync/pom.xml
@@ -176,6 +176,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -199,6 +203,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -230,6 +238,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -269,6 +281,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -308,6 +324,10 @@
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -323,6 +343,10 @@
                     <groupId>org.apache.commons</groupId>
                     <artifactId>commons-lang3</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -354,6 +378,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -385,6 +413,10 @@
                     <groupId>javax.servlet</groupId>
                     <artifactId>javax.servlet-api</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.graalvm.sdk</groupId>
                     <artifactId>graal-sdk</artifactId>
@@ -413,6 +445,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>*</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>*</artifactId>
@@ -452,6 +488,11 @@
             <artifactId>jersey-spring5</artifactId>
             <version>${jersey-client.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+
                 <exclusion>
                     <groupId>org.springframework</groupId>
                     <artifactId>*</artifactId>