SEC-2090: LDAP dependencies (3.1.3) #2324

Closed
spring-issuemaster opened this Issue Dec 7, 2012 · 2 comments

1 participant

@spring-issuemaster

Flavio Donzé (Migrated from SEC-2090) said:

Trying to update the spring framework and spring security from 3.0.5 to 3.1.3.
I encountered this OSGi problem:

The org.springframework.security.ldap 3.1.3 bundle has the following dependencies:
org.springframework.ldap;version="[1.3.0,1.4.0)",
org.springframework.ldap.core;version="[1.3.0,1.4.0)",
org.springframework.ldap.core.support;version="[1.3.0,1.4.0)",
org.springframework.ldap.support;version="[1.3.0,1.4.0)"

Well the org.springframework.ldap 1.3.1 bundle than has the following dependencies:
org.springframework.beans [3.0.5.RELEASE, 3.1.0) false
org.springframework.beans.factory [3.0.5.RELEASE, 3.1.0) false
org.springframework.beans.factory.config [3.0.5.RELEASE, 3.1.0) false
org.springframework.context [3.0.5.RELEASE, 3.1.0) true
org.springframework.core [3.0.5.RELEASE, 3.1.0) false
org.springframework.dao [3.0.5.RELEASE, 3.1.0) false
org.springframework.jdbc.datasource [3.0.5.RELEASE, 3.1.0) true
org.springframework.orm.hibernate3 [3.0.5.RELEASE, 3.1.0) true
org.springframework.transaction [3.0.5.RELEASE, 3.1.0) false
org.springframework.transaction.support [3.0.5.RELEASE, 3.1.0) false
org.springframework.util [3.0.5.RELEASE, 3.1.0) false
http://ebr.springsource.com/reposito...archQuery=ldap

So I can not update the spring framework and spring security to 3.1.3 since o.s.ldap excludes he 3.1.x releases.

@spring-issuemaster

Greg Turnquist said:

https://issuetracker.springsource.com/browse/EBR-881 shows fixes made to the EBR, indicating the version range from Spring LDAP should work correctly now.

@spring-issuemaster

Greg Turnquist said:

The fix for this was completed in https://issuetracker.springsource.com/browse/EBR-881. No need to patch Spring Security.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment