Results 1 to 2 of 2

Thread: Spring Security 3.0 on dm Server 2.0

  1. Nov 14th, 2009, 07:40 PM #1
    jchamlin
    jchamlin is offline Junior Member
    Join Date
    Aug 2009
    Posts
    20

    Default Spring Security 3.0 on dm Server 2.0

    I'm trying to get our Security module working with Spring dm Server. So far, I've hit several roadblocks. This is our current showstopper in getting our application to run on Spring dm Server.

    I've managed to get upgraded (at least got it to compile anyway) to Spring Security 3.0.0.RC1 (which nicely uses Spring 3.0 bundles provided by dm Server). We currently depend on spring-security 3.0.0.RC1 modules: core, cas-client, web, and ldap. These are not published in the EBR yet.

    Problem is, that the spring-security-ldap depends in spring-ldap-core (the non EBR one), and the EBR one of those still has spring 2.5.6 dependencies (i.e. we need a 3.0 version of spring-ldap-core).

    As well, spring-security-core brings in a whole bunch of non-OSGi jars.

    Spring-security-cas-client brings in cas-client-core which isn't OSGi.

    Security-ldap requires org.springframework.ldap 1.3.0.RELEASE which isn't Spring 3.0.

    So, as you can see, trying to use spring security in dm Server is pretty much a mess.

    My request, can we get a fully Spring 3.0 and OSGi friendly version of Spring Security 3.0 brought into the EBR (or at least core, cas, ldap, and web)... one where all the transitive dependencies resolve to OSGi-ified JARs in the EBR and all depend on only Spring 3.0 (i.e. no Spring 2.5.6 dependencies)?

    Thanks in advance!

    -J.C.
    J.C. Hamlin
    Principal Consultant
    Technology Partners LLC
    http://www.technology-partners.net
  2. Nov 16th, 2009, 11:14 AM #2
    Andy Wilkinson
    Andy Wilkinson is offline Senior Member Spring Team
    Join Date
    Oct 2008
    Posts
    493

    Default

    J.C., from where are you getting Spring Security 3.0 RC1?

    It's built entirely against bundles in the EBR so it, and all of its dependencies, should be valid OSGi bundles as long as you get them from the right place...

    You can get hold of the "right" artifacts via Ivy with this configuration:

    Code:
    <url name="com.springsource.repository.bundles.milestone">
    <ivy pattern="http://repository.springsource.com/ivy/bundles/milestone/[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" />
    <artifact pattern="http://repository.springsource.com/ivy/bundles/milestone/[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" />
</url>
    Or via Maven:

    Code:
    <repository>
    <id>com.springsource.repository.bundles.milestone</id>
    <name>SpringSource Enterprise Bundle Repository - SpringSource Bundle Milestones</name>
    <url>http://repository.springsource.com/maven/bundles/milestone</url>
</repository>
    Hopefully if you use one of the above repositories things should be significantly better than you've described above.

    The last remaining problem may be the Spring LDAP dependency but we can cross that bridge when we get to it...
    Andy Wilkinson
    SpringSource
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules