You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rz...@apache.org on 2021/04/07 14:19:52 UTC

[tomee] 01/02: TOMEE-2997 - Update OpenSAML to v3.4.6 (transient dependency of wss4j)

This is an automated email from the ASF dual-hosted git repository.

rzo1 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git

commit 91240c9631b9af395f289ee8d48d9c0bd8e3d8c4
Author: Richard Zowalla <13...@users.noreply.github.com>
AuthorDate: Wed Apr 7 15:31:50 2021 +0200

    TOMEE-2997 - Update OpenSAML to v3.4.6 (transient dependency of wss4j)
---
 server/openejb-cxf/pom.xml | 95 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)

diff --git a/server/openejb-cxf/pom.xml b/server/openejb-cxf/pom.xml
index 93c6127..440c460 100644
--- a/server/openejb-cxf/pom.xml
+++ b/server/openejb-cxf/pom.xml
@@ -34,6 +34,8 @@
   <properties>
     <tomee.build.name>${project.groupId}.server.cxf</tomee.build.name>
     <wss4j.version>2.3.1</wss4j.version>
+    <!-- XXX If wss4j is upgraded to >= 2.3.2 (unreleased yet), we can drop the overrides of opensaml -->
+    <opensaml.version>3.4.6</opensaml.version>
     <openejb.osgi.import.pkg>
       org.apache.xml.resolver*;resolution:=optional,
       *
@@ -78,6 +80,10 @@
           <artifactId>ehcache</artifactId>
         </exclusion>
         <exclusion>
+          <groupId>org.ehcache</groupId>
+          <artifactId>ehcache</artifactId>
+        </exclusion>
+        <exclusion>
           <artifactId>guava</artifactId>
           <groupId>com.google.guava</groupId>
         </exclusion>
@@ -103,6 +109,91 @@
     </dependency>
     <dependency>
       <groupId>org.apache.wss4j</groupId>
+      <artifactId>wss4j-ws-security-common</artifactId>
+      <version>${wss4j.version}</version>
+      <exclusions>
+        <exclusion>
+          <groupId>org.opensaml</groupId>
+          <artifactId>opensaml-saml-impl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.opensaml</groupId>
+          <artifactId>opensaml-xacml-impl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.opensaml</groupId>
+          <artifactId>opensaml-xacml-saml-impl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.geronimo.specs</groupId>
+          <artifactId>geronimo-javamail_1.4_spec</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.geronimo.javamail</groupId>
+          <artifactId>geronimo-javamail_1.4_mail</artifactId>
+        </exclusion>
+        <exclusion>
+          <artifactId>guava</artifactId>
+          <groupId>com.google.guava</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <!-- TOMEE-2997: Override opensaml from the previous artifact "wss4j-ws-security-common" to get >= v3.4.6-->
+    <dependency>
+      <groupId>org.opensaml</groupId>
+      <artifactId>opensaml-saml-impl</artifactId>
+      <version>${opensaml.version}</version>
+      <exclusions>
+        <exclusion>
+          <groupId>org.opensaml</groupId>
+          <artifactId>opensaml-soap-impl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.opensaml</groupId>
+          <artifactId>opensaml-storage-api</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.opensaml</groupId>
+          <artifactId>opensaml-messaging-api</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.velocity</groupId>
+          <artifactId>velocity</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.httpcomponents</groupId>
+          <artifactId>httpclient</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.google.code.findbugs</groupId>
+          <artifactId>jsr305</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.google.guava</groupId>
+          <artifactId>guava</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.cryptacular</groupId>
+          <artifactId>cryptacular</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>io.dropwizard.metrics</groupId>
+          <artifactId>metrics-core</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.opensaml</groupId>
+      <artifactId>opensaml-xacml-impl</artifactId>
+      <version>${opensaml.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.opensaml</groupId>
+      <artifactId>opensaml-xacml-saml-impl</artifactId>
+      <version>${opensaml.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.wss4j</groupId>
       <artifactId>wss4j-policy</artifactId>
       <version>${wss4j.version}</version>
     </dependency>
@@ -115,6 +206,10 @@
           <groupId>net.sf.ehcache</groupId>
           <artifactId>ehcache</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>org.ehcache</groupId>
+          <artifactId>ehcache</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
     <dependency>