Announcement Announcement Module
No announcement yet.
Spring Security 3.0 on dm Server 2.0 Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security 3.0 on dm Server 2.0

    I'm trying to get our Security module working with Spring dm Server. So far, I've hit several roadblocks. This is our current showstopper in getting our application to run on Spring dm Server.

    I've managed to get upgraded (at least got it to compile anyway) to Spring Security 3.0.0.RC1 (which nicely uses Spring 3.0 bundles provided by dm Server). We currently depend on spring-security 3.0.0.RC1 modules: core, cas-client, web, and ldap. These are not published in the EBR yet.

    Problem is, that the spring-security-ldap depends in spring-ldap-core (the non EBR one), and the EBR one of those still has spring 2.5.6 dependencies (i.e. we need a 3.0 version of spring-ldap-core).

    As well, spring-security-core brings in a whole bunch of non-OSGi jars.

    Spring-security-cas-client brings in cas-client-core which isn't OSGi.

    Security-ldap requires org.springframework.ldap 1.3.0.RELEASE which isn't Spring 3.0.

    So, as you can see, trying to use spring security in dm Server is pretty much a mess.

    My request, can we get a fully Spring 3.0 and OSGi friendly version of Spring Security 3.0 brought into the EBR (or at least core, cas, ldap, and web)... one where all the transitive dependencies resolve to OSGi-ified JARs in the EBR and all depend on only Spring 3.0 (i.e. no Spring 2.5.6 dependencies)?

    Thanks in advance!


  • #2
    J.C., from where are you getting Spring Security 3.0 RC1?

    It's built entirely against bundles in the EBR so it, and all of its dependencies, should be valid OSGi bundles as long as you get them from the right place...

    You can get hold of the "right" artifacts via Ivy with this configuration:

    <url name="com.springsource.repository.bundles.milestone">
        <ivy pattern="[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" />
        <artifact pattern="[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" />
    Or via Maven:

        <name>SpringSource Enterprise Bundle Repository - SpringSource Bundle Milestones</name>
    Hopefully if you use one of the above repositories things should be significantly better than you've described above.

    The last remaining problem may be the Spring LDAP dependency but we can cross that bridge when we get to it...