SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.

build.gradle

@@ -1,3 +1,6 @@
+
+import org.gradle.api.tasks.diagnostics.GraphvizReportRenderer
+
 usePlugin('java')
 
 version = '3.0.0.CI-SNAPSHOT'
@@ -11,13 +14,22 @@ allprojects {
 
 subprojects {
     usePlugin 'java'
-    springVersion = '3.0.0.RC3'
+    usePlugin 'project-reports'
+    
+    springVersion = '3.0.0.RELEASE'
+    springLdapVersion = '1.3.0.RELEASE'
     ehcacheVersion = '1.6.2'
+    aspectjVersion = '1.6.5'
+    apacheDsVersion = '1.5.5'    
+
+/*    dependencyReport {
+        renderer = new GraphvizReportRenderer()
+    }*/
 
     dependencies {
         compile     'commons-logging:commons-logging:1.1.1'
 
-        testCompile 'junit:junit:4.6',
+        testCompile 'junit:junit:4.7',
                     'org.mockito:mockito-core:1.7',
                     'org.jmock:jmock:2.5.1',
                     'org.jmock:jmock-junit4:2.5.1',

config/build.gradle

@@ -6,7 +6,7 @@ dependencies {
     compile project(':core'),
             project(':web'),
             "javax.servlet:servlet-api:2.5",
-            'org.aspectj:aspectjweaver:1.6.5',
+            "org.aspectj:aspectjweaver:$aspectjVersion",
             "org.springframework:spring-aop:$springVersion",
             "org.springframework:spring-core:$springVersion",
             "org.springframework:spring-context:$springVersion",
@@ -17,8 +17,9 @@ dependencies {
     testCompile project(':ldap'),
                 project(':openid'),
                 files(this.project(':core').sourceSets.test.classesDir),
+                'javax.annotation:jsr250-api:1.0',
                 'aopalliance:aopalliance:1.0',
-                'org.springframework.ldap:spring-ldap-core:1.3.0.RELEASE',
+                "org.springframework.ldap:spring-ldap-core:$springLdapVersion",
                 "org.springframework:spring-jdbc:$springVersion"
 }
 

config/pom.xml

@@ -90,8 +90,8 @@
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.apache.tomcat</groupId>
-            <artifactId>annotations-api</artifactId>
+            <groupId>javax.annotation</groupId>
+            <artifactId>jsr250-api</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>

core/build.gradle

@@ -11,11 +11,11 @@ dependencies {
             "org.springframework:spring-jdbc:$springVersion",
             "org.springframework:spring-tx:$springVersion",
             "org.springframework:spring-web:$springVersion",
-            'org.aspectj:aspectjrt:1.6.5',
-            'org.aspectj:aspectjweaver:1.6.5',
-            'org.apache.tomcat:annotations-api:6.0.14'
+            "org.aspectj:aspectjrt:$aspectjVersion",
+            "org.aspectj:aspectjweaver:$aspectjVersion",
+            'javax.annotation:jsr250-api:1.0'
 
-    runtime 'hsqldb:hsqldb:1.8.0.7'
+    runtime 'hsqldb:hsqldb:1.8.0.10'
 
     testCompile 'commons-collections:commons-collections:3.2',
                 "org.springframework:spring-test:$springVersion"

core/pom.xml

@@ -80,10 +80,10 @@
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.apache.tomcat</groupId>
-            <artifactId>annotations-api</artifactId>
-            <optional>true</optional>
-        </dependency>
+            <groupId>javax.annotation</groupId>
+            <artifactId>jsr250-api</artifactId>
+            <optional>true</optional>            
+        </dependency>       
         <dependency>
             <groupId>log4j</groupId>
             <artifactId>log4j</artifactId>

core/src/test/java/org/springframework/security/access/annotation/Jsr250MethodDefinitionSourceTests.java

@@ -4,7 +4,6 @@ import static org.junit.Assert.assertEquals;
 
 import java.util.Collection;
 
-import javax.annotation.security.DenyAll;
 import javax.annotation.security.PermitAll;
 import javax.annotation.security.RolesAllowed;
 
@@ -22,7 +21,6 @@ public class Jsr250MethodDefinitionSourceTests {
     Jsr250MethodSecurityMetadataSource mds = new Jsr250MethodSecurityMetadataSource();
     A a = new A();
     UserAllowedClass userAllowed = new UserAllowedClass();
-    DenyAllClass denyAll = new DenyAllClass();
 
     private ConfigAttribute[] findAttributes(String methodName) throws Exception {
         return mds.findAttributes(a.getClass().getMethod(methodName), null).toArray(new ConfigAttribute[0]);
@@ -42,20 +40,6 @@ public class Jsr250MethodDefinitionSourceTests {
         assertEquals("javax.annotation.security.PermitAll", accessAttributes[0].toString());
     }
 
-    @Test
-    public void noRoleMethodHasDenyAllAttributeWithDenyAllClass() throws Exception {
-        ConfigAttribute[] accessAttributes = mds.findAttributes(denyAll.getClass()).toArray(new ConfigAttribute[0]);
-        assertEquals(1, accessAttributes.length);
-        assertEquals("javax.annotation.security.DenyAll", accessAttributes[0].toString());
-    }
-
-    @Test
-    public void adminMethodHasAdminAttributeWithDenyAllClass() throws Exception {
-        Collection<ConfigAttribute> accessAttributes = mds.findAttributes(denyAll.getClass().getMethod("adminMethod"), null);
-        assertEquals(1, accessAttributes.size());
-        assertEquals("ADMIN", accessAttributes.toArray()[0].toString());
-    }
-
     @Test
     public void noRoleMethodHasNoAttributes() throws Exception {
         Collection<ConfigAttribute> accessAttributes = mds.findAttributes(a.getClass().getMethod("noRoleMethod"), null);
@@ -95,16 +79,4 @@ public class Jsr250MethodDefinitionSourceTests {
         @RolesAllowed("ADMIN")
         public void adminMethod() {}
     }
-
-    @DenyAll
-    public static class DenyAllClass {
-
-        public void noRoleMethod()  {}
-
-        @RolesAllowed("ADMIN")
-        public void adminMethod() {}
-    }
-
-
-
 }

ldap/build.gradle

@@ -8,12 +8,12 @@ dependencies {
             "org.springframework:spring-beans:$springVersion",
             "org.springframework:spring-context:$springVersion",
             "org.springframework:spring-tx:$springVersion",
-            'org.springframework.ldap:spring-ldap-core:1.3.0.RELEASE',
-            'org.apache.directory.server:apacheds-core:1.5.5',
-            'org.apache.directory.server:apacheds-core-entry:1.5.5',
-            'org.apache.directory.server:apacheds-protocol-shared:1.5.5',
-            'org.apache.directory.server:apacheds-protocol-ldap:1.5.5', 
-            'org.apache.directory.server:apacheds-server-jndi:1.5.5',
+            "org.springframework.ldap:spring-ldap-core:$springLdapVersion",
+            "org.apache.directory.server:apacheds-core:$apacheDsVersion",
+            "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
+            "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
+            "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", 
+            "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
             'org.apache.directory.shared:shared-ldap:0.9.15',             
             'ldapsdk:ldapsdk:4.1'
 

pom.xml

@@ -651,16 +651,23 @@
                 <artifactId>commons-collections</artifactId>
                 <version>3.2</version>
             </dependency>
+<!--            
             <dependency>
                 <groupId>org.apache.tomcat</groupId>
                 <artifactId>annotations-api</artifactId>
-                <version>6.0.14</version>
+                <version>6.0.20</version>
             </dependency>
+-->
+            <dependency>
+                <groupId>javax.annotation</groupId>
+                <artifactId>jsr250-api</artifactId>
+                <version>1.0</version>
+            </dependency>
+            
             <dependency>
                 <groupId>hsqldb</groupId>
                 <artifactId>hsqldb</artifactId>
-                <version>1.8.0.7</version>
-                <scope>runtime</scope>
+                <version>1.8.0.10</version>
             </dependency>
             <dependency>
                 <groupId>commons-logging</groupId>

samples/preauth/pom.xml

@@ -33,12 +33,6 @@
             <artifactId>spring-jdbc</artifactId>
             <scope>runtime</scope>
         </dependency>
-        <dependency>
-            <groupId>jaxen</groupId>
-            <artifactId>jaxen</artifactId>
-            <version>1.1.1</version>
-            <scope>runtime</scope>
-        </dependency>
     </dependencies>
 
     <build>

sandbox/heavyduty/pom.xml

@@ -78,7 +78,7 @@
         <dependency>
           <groupId>hsqldb</groupId>
           <artifactId>hsqldb</artifactId>
-          <version>1.8.0.7</version>
+          <version>1.8.0.10</version>
           <scope>compile</scope>
         </dependency>
         <dependency>
@@ -179,7 +179,7 @@
             <plugin>
                 <groupId>org.mortbay.jetty</groupId>
                 <artifactId>maven-jetty-plugin</artifactId>
-                <version>6.1.18</version>
+                <version>6.1.22</version>
                 <configuration>
                     <contextPath>/heavyduty</contextPath>
                     <!--jettyConfig>jetty-jmx.xml</jettyConfig-->
@@ -204,7 +204,7 @@
         </plugins>
     </build>
     <properties>
-        <spring.version>3.0.0.RC3</spring.version>
+        <spring.version>3.0.0.RELEASE</spring.version>
         <spring.security.version>3.0.0.CI-SNAPSHOT</spring.security.version>
     </properties>
 

web/build.gradle

@@ -4,7 +4,6 @@ dependencies {
     compile project(':core'),
             'aopalliance:aopalliance:1.0',
             'javax.servlet:servlet-api:2.5',
-            'commons-codec:commons-codec:1.3',
             'org.aspectj:aspectjweaver:1.6.5',            
             "org.springframework:spring-aop:$springVersion",            
             "org.springframework:spring-core:$springVersion",
@@ -15,4 +14,6 @@ dependencies {
             "org.springframework:spring-tx:$springVersion",
             "org.springframework:spring-web:$springVersion",
             "org.springframework:spring-test:$springVersion"
+            
+    testCompile 'commons-codec:commons-codec:1.3'
 }

web/pom.xml

@@ -36,12 +36,6 @@
             <version>1.3</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>jaxen</groupId>
-            <artifactId>jaxen</artifactId>
-            <version>1.1.1</version>
-            <optional>true</optional>
-        </dependency>
         <dependency>
             <groupId>hsqldb</groupId>
             <artifactId>hsqldb</artifactId>