Created Spring Security Update in 1.1.10 (markdown)
Justin Richer
parent
b652a7b276
commit
5407a26082
|
|
@ -0,0 +1,46 @@
|
||||||
|
## Why update?
|
||||||
|
|
||||||
|
While we try to avoid major library changes in patch releases, one of our upstream libraries, Spring Security OAuth, has pushed an important release that depends directly on newer versions of Spring and Spring Security, two other major underlying libraries. The Spring version dependency is now a new major version, `4.0`, which we have decided is too much of a jump for a patch release. We have masked out this dependency for now and will instead wait for the `1.2` development branch of MITREid Connect to switch to (see #657). Some testing has been done on running our libraries against Spring 4.0 and while success has been reported, we do not want to force all of our developers to move to a new major revision. The Spring Security release is more minor, from `3.1.4` to `3.2.3`, and it should cause only minor headaches for existing developers on the 1.1 series of releases. As such, we have decided to **update to Spring Security ``3.2.3``** effective in MITREid Connect release `1.1.10`.
|
||||||
|
|
||||||
|
The core project has been updated (see #656) but if you're building a custom server or client there are some things you'll need to do to make things work again.
|
||||||
|
|
||||||
|
## Updating Spring Security Versions
|
||||||
|
|
||||||
|
If you're using servers based on the example-server-overlay project or clients based on the simple-web-app project, you will want to change the `spring-security-version` tag in your `pom.xml` file from this:
|
||||||
|
|
||||||
|
```xml
|
||||||
|
<properties>
|
||||||
|
...
|
||||||
|
<spring.security.version>3.1.4.RELEASE</spring.security.version>
|
||||||
|
...
|
||||||
|
</properties>
|
||||||
|
```
|
||||||
|
|
||||||
|
to this:
|
||||||
|
|
||||||
|
|
||||||
|
```xml
|
||||||
|
<properties>
|
||||||
|
...
|
||||||
|
<spring.security.version>3.2.3.RELEASE</spring.security.version>
|
||||||
|
...
|
||||||
|
</properties>
|
||||||
|
```
|
||||||
|
|
||||||
|
If you are managing your dependencies in other ways, you will need to change your spring security release to this version yourself.
|
||||||
|
|
||||||
|
## Updating Bean Definition Files
|
||||||
|
|
||||||
|
Bean definition files such as `applicationContext.xml` or `servlet-context.xml` that reference the Spring Security namespace will need to be updated to point to the Spring Security 3.2 schema. In all bean definition files, find the schema location definition URL and change it from this:
|
||||||
|
|
||||||
|
```xml
|
||||||
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
|
||||||
|
```
|
||||||
|
|
||||||
|
to this:
|
||||||
|
|
||||||
|
```xml
|
||||||
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
|
||||||
|
```
|
||||||
|
|
||||||
|
Note that this must be done for **all** bean definition files.
|
||||||
Loading…
Reference in New Issue