SEC-2195: Update Groovy, Geb, Spock, httpcomponents, and Jetty

config/config.gradle

@@ -38,12 +38,12 @@ dependencies {
                 "org.springframework:spring-jdbc:$springVersion",
                 "org.springframework:spring-orm:$springVersion",
                 "org.springframework:spring-tx:$springVersion",
-                'org.spockframework:spock-core:0.6-groovy-1.8',
+                "org.spockframework:spock-core:$spockVersion",
                 "org.slf4j:jcl-over-slf4j:$slf4jVersion",
                 "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.1.Final",
                 "org.hibernate:hibernate-entitymanager:4.1.0.Final",
-                powerMockDependencies,
-                'org.codehaus.groovy:groovy:1.8.7'
+                "org.codehaus.groovy:groovy-all:$groovyVersion",
+                powerMockDependencies
     testCompile('org.openid4java:openid4java-nodeps:0.9.6') {
        exclude group: 'com.google.code.guice', module: 'guice'
     }

gradle/javaprojects.gradle

@@ -17,6 +17,10 @@ ext.logbackVersion = '0.9.29'
 ext.cglibVersion = '2.2'
 ext.powerMockVersion = '1.4.12'
 ext.servletApiVersion = '7.0.33'
+ext.seleniumVersion = '2.33.0'
+ext.groovyVersion = '2.0.5'
+ext.spockVersion = '0.7-groovy-2.0'
+ext.gebVersion = '0.9.0'
 
 ext.powerMockDependencies = [
     "org.powermock:powermock-core:$powerMockVersion",

openid/openid.gradle

@@ -18,5 +18,5 @@ dependencies {
 
     provided "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
 
-    runtime 'org.apache.httpcomponents:httpclient:4.1.1'
+    runtime 'org.apache.httpcomponents:httpclient:4.2.3'
 }

samples/cas/sample/cassample.gradle

@@ -5,7 +5,7 @@ apply plugin: 'jetty'
 apply plugin: 'groovy'
 
 def excludeModules = ['spring-security-acl', 'jsr250-api', 'spring-jdbc', 'spring-tx']
-def jettyVersion = '7.1.6.v20100715'
+def jettyVersion = '8.1.9.v20130131'
 def keystore = "$rootDir/samples/certificates/server.jks"
 def password = 'password'
 
@@ -16,8 +16,6 @@ configurations {
     }
 
     runtime.exclude group: 'org.aspectj'
-
-    integrationTestCompile.extendsFrom groovy
 }
 
 sourceSets {
@@ -28,8 +26,6 @@ sourceSets {
 eclipse.classpath.plusConfigurations += configurations.integrationTestRuntime
 
 dependencies {
-    groovy 'org.codehaus.groovy:groovy:1.8.7'
-
     providedCompile "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
 
     compile project(':spring-security-core'),
@@ -42,12 +38,13 @@ dependencies {
             "ch.qos.logback:logback-classic:$logbackVersion"
 
     integrationTestCompile project(':spring-security-cas'),
-                   'org.seleniumhq.selenium:selenium-htmlunit-driver:2.25.0',
-                   'org.spockframework:spock-core:0.6-groovy-1.8',
-                   'org.codehaus.geb:geb-spock:0.7.2',
+                   "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",
+                   "org.spockframework:spock-core:$spockVersion",
+                   "org.gebish:geb-spock:$gebVersion",
                    'commons-httpclient:commons-httpclient:3.1',
                    "org.eclipse.jetty:jetty-server:$jettyVersion",
-                   "org.eclipse.jetty:jetty-servlet:$jettyVersion"
+                   "org.eclipse.jetty:jetty-servlet:$jettyVersion",
+                   "org.codehaus.groovy:groovy:$groovyVersion"
 }
 
 [jettyRun, jettyRunWar]*.configure {

samples/cas/sample/src/integration-test/groovy/org/springframework/security/samples/cas/CasSampleTests.groovy

@@ -17,8 +17,11 @@ package org.springframework.security.samples.cas
 
 import geb.spock.*
 
+import org.apache.http.impl.conn.DefaultClientConnectionOperator;
 import org.junit.runner.RunWith;
 import org.spockframework.runtime.Sputnik;
+import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
+import org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy;
 import org.springframework.security.samples.cas.pages.*
 
 import spock.lang.Shared;
@@ -42,7 +45,7 @@ class CasSampleTests extends AbstractCasTests {
 
     def 'access extremely secure page with unauthenitcated user requires login'() {
         when: 'Unauthenticated user accesses the extremely secure page'
-        to ExtremelySecurePage
+        via ExtremelySecurePage
         then: 'The login page is displayed'
         at LoginPage
     }
@@ -56,7 +59,7 @@ class CasSampleTests extends AbstractCasTests {
 
     def 'access secure page with unauthenticated user requires login'() {
         when: 'Unauthenticated user accesses the secure page'
-        to SecurePage
+        via SecurePage
         then: 'The login page is displayed'
         at LoginPage
     }
@@ -77,7 +80,7 @@ class CasSampleTests extends AbstractCasTests {
 
     def 'access extremely secure page with ROLE_USER is denied'() {
         when: 'User with ROLE_USER accesses extremely secure page'
-        to ExtremelySecurePage
+        via ExtremelySecurePage
         then: 'the access denied page is displayed'
         at AccessDeniedPage
     }
@@ -94,7 +97,7 @@ class CasSampleTests extends AbstractCasTests {
     def 'clicking cas server logout link successfully performs logout'() {
         when: 'the cas server logout link is clicked and the secure page is requested'
         casServerLogout.click()
-        to SecurePage
+        via SecurePage
         then: 'the login page is displayed'
         at LoginPage
     }
@@ -112,20 +115,20 @@ class CasSampleTests extends AbstractCasTests {
         when: 'logout and request extremely secure page'
         navModule.logout.click()
         casServerLogout.click()
-        to ExtremelySecurePage
+        via ExtremelySecurePage
         then: 'login page is displayed'
         at LoginPage
     }
 
     def 'logging out of the cas server successfully logs out of the cas sample application'() {
         setup: 'login with ROLE_USER'
-        to SecurePage
+        via SecurePage
         at LoginPage
         login 'rod'
         at SecurePage
         when: 'logout of the CAS Server'
         go casServerLogoutUrl
-        to SecurePage
+        via SecurePage
         then: 'user is logged out of the CAS Service'
         at LoginPage
     }