I just attempted to upgrade from 6.5 to 7.2 because of a bug preventing the change password workflow from working after adding MFA (this bug appears to have a fix in 7.2: https://github.com/apereo/cas/commit/ 3010b6c2caf99d3f6f5888cb1aada3576eddc580).
But there appears to be a version conflict in ANTLR dependencies that I can’t seem to work around. It stems from the fact that hibernate (as of 6) updated to ANTLR 4.10 (https://github.com/hibernate/ hibernate-orm/discussions/4975) which uses ATN version 4, but cqengine has not yet done so (https://github.com/npgall/cqengine/issues/307) so it is still using ATN version 3. When I look at my dependency tree I see: [INFO] +- org.apereo.cas:cas-server-support-audit-jdbc:jar:7.2.0-RC3:runtime [INFO] | \- org.apereo.cas:cas-server-support-jpa-hibernate:jar:7.2. 0-RC3:runtime [INFO] | \- org.hibernate.orm:hibernate-core:jar:6.6.3.Final:runtime [INFO] | \- org.antlr:antlr4-runtime:jar:4.13.0:runtime [INFO] \- org.apereo.cas:cas-server-support-json-service-registry: jar:7.2.0-RC3:runtime [INFO] \- org.apereo.cas:cas-server-core-services-registry:jar:7. 2.0-RC3:runtime [INFO] \- com.googlecode.cqengine:cqengine:jar:3.6.0:runtime [INFO] \- (org.antlr:antlr4-runtime:jar:4.7.2:runtime - omitted for conflict with 4.13.0) And when I run CAS with both dependencies, the moment my browsers transitions to the MFA (cas-server-support-gauth-jpa) screen, I see this error in my logs: java.lang.RuntimeException: jakarta.servlet.ServletException: Request processing failed: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.gauth.web.flow. GoogleAuthenticatorPrepareLoginAction@45784074 in state 'initializeLoginForm' of flow 'mfa-gauth' -- action execution attributes were 'map[[empty]]' at org.apereo.cas.web.support.filters.AbstractSecurityFilter. throwException(AbstractSecurityFilter.java:42) ~[cas-server-core-web-api-7.2.0-RC3.jar!/:7.2.0-RC3] at org.apereo.cas.web.support.filters.ResponseHeadersEnforcementFilt er.doFilter(ResponseHeadersEnforcementFilter.java:198) ~[cas-server-core-web-api-7.2.0-RC3.jar!/:7.2.0-RC3] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:164) ~[tomcat-embed-core-10.1.33.jar!/:?] at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.33.jar!/:?] ... Caused by: java.io.InvalidClassException: org.antlr.v4.runtime.atn.ATN; Could not deserialize ATN with version 4 (expected 3). I am unsure how to proceed here. I am not against attempting to contribute, but what would the proper contribution be? Would we try to downgrade to a version of hibernate before 6? Remove cqengine because the update to ATN 4 does not appear to be forthcoming? Try to workaround the cqengine by using their shaded jar (https://github.com/npgall/ cqengine/issues/307#issuecomment-1437226922)? Lucas -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0fccc337-2080-41cd-8ab6-4993e6064a59n%40apereo.org.
