[jira] [Commented] (ROL-1968) Upgrade Spring Security from 2.0.7 to 3.1.4

[Glen Mazza (JIRA)]

    [ 
https://issues.apache.org/jira/browse/ROL-1968?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13737320#comment-13737320
 ] 

Glen Mazza commented on ROL-1968:
---------------------------------

I think I got it working, I just needed to combine the multiple 
authentication-manager elements in the security.xml into one.  A little more 
testing needed, but otherwise this looks to be a great day in Apache 
Roller-land.
                
> Upgrade Spring Security from 2.0.7 to 3.1.4
> -------------------------------------------
>
>                 Key: ROL-1968
>                 URL: https://issues.apache.org/jira/browse/ROL-1968
>             Project: Roller
>          Issue Type: Task
>    Affects Versions: 5.1
>            Reporter: Glen Mazza
>            Assignee: Roller Unassigned
>         Attachments: SpringSecurity.patch
>
>
> The enclosed patch gets us codewise about (my guess) 95-98% there, but there 
> is some configuration error in the updated security.xml that makes it all for 
> naught.  Basically, the app will compile and run via mvn jetty:run at 
> http://localhost:8080/roller but authentication of the first user created at 
> the login screen *always* fails.  I'm attaching the patch of what I have so 
> far in case somebody wants to be a hero and get the remaining 2-5% in--I'll 
> try to work on it more myself as well.
> Debugging can be done via IntelliJ by doing Menu item Run -> Edit 
> Configurations, adding a new Maven config item ("debug Roller") with a 
> working directory of /full/path/to/app/folder and a command line option of 
> "jetty:run".  Then add breakpoints to the code and choose Menu Item Run -> 
> "debug Roller".  It's difficult to debug however, as most of the code is 
> Spring internal via the XML Configuration file and not Roller code. 
> We don't need to get the OpenID auth method working to commit this patch 
> (AFAICT it needed updating to work in 2.0.7 as it wasn't working right OOTB 
> anyway) -- I can look into that later, but just to get the standard 
> username/login at the command prompt working would be good enough to commit 
> this patch.  I'm partly inclined to commit this patch anyway and hold Roller 
> trunk hostage, meaning *nobody* can use trunk until somebody patches it to 
> get Spring Security 3.1 working, but I'll pass on such a drastic step.  :)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira