Results 1 to 3 of 3

Thread: Acegi 1.0.5 & Spring 2.0.7 & Maven

  1. Nov 2nd, 2007, 04:32 PM #1
    alis
    alis is offline Junior Member
    Join Date
    Nov 2007
    Posts
    3

    Default Acegi 1.0.5 & Spring 2.0.7 & Maven

    Acegi 1.0.5 has Spring 1.2.9 as Maven dependency and it cause conflict with Spring 2 when I use it in my project as Maven dependency.

    From http://mirrors.ibiblio.org/pub/mirro...rent-1.0.5.pom
    Code:
    ...
	<properties>
		<spring.version>1.2.9</spring.version>
...
    I have make it working by editing my local acegi-security-parent-1.0.5.pom and setting Spring version to 2.0.7. It also may be possible to exclude Spring 1 by adding exclusion/s tags to Acegi Maven dependency.

    It may be better to correct it in source pom!

    This is the problem that I had faced:
    http://forum.springframework.org/showthread.php?t=37883

    Regards,
    Ali
  2. Nov 4th, 2007, 11:54 AM #2
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    Acegi 1.0.x is supposed to be compatible with Spring 1.2, so the version number was deliberately chosen. If you want to use it with Spring 2.0, use maven "excludes" in your own pom.xml to prevent the transient dependencies being included in your project.
  3. Nov 18th, 2007, 11:07 PM #3
    almeitus
    almeitus is offline Junior Member
    Join Date
    Dec 2006
    Posts
    11

    Default

    I've encountered the same issue, and have used the same remedy as alis in the past, but think there may be a better solution.

    None of the spring jars specified in the "dependencyManagement" section of the parent pom are required to run acegi, except spring-core, correct? This being the case, can't you mark the others (e.g. spring-jdbc, spring-mock) as:

    <optional>true</optional>

    which is the case for log4j (as well as spring-web and spring-mock in the child pom), and should hold true for these spring module dependencies as well.

    Even better yet, couldn't the "spring-core" reference be changed to just "spring" to simplify things even more? All the other specified spring jars, minus spring-mock, are included in the "spring.jar" file anyway? Shortens the pom a bit as well as reduces unnecessary "duplicate" jars in your local repo (e.g. the contents of spring-core.jar are already in spring.jar). And it does not force pom authors to have an "exclusion" (which you've prescribed and I've had to do in my webapp pom to keep these jars out of that artifact) section for these transitive dependencies. Let them choose which, if any to include in their own poms. They'll override the "core" 1.2.9 spring version to hopefully a 2.x flavor in their own poms...

    -Chris
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules