Added JIRA: https://issues.apache.org/jira/browse/GEODE-1193
Anthony > On Apr 7, 2016, at 9:44 AM, Jens Deppe <[email protected]> wrote: > > The reason that the servlet API jar is included is because it gets used on > the server classpath (where the sessions are stored). I'm going through the > Modules docs now, so we should be able to direct users to use the servlet > jar provided by the container. We should be OK not to ship it. > > --Jens > > On Thu, Apr 7, 2016 at 8:33 AM, John Blum <[email protected]> wrote: > >> I would not include the (javax.)servlet-api JAR with Geode. It will be a >> significant pain point for web applications (and frameworks, e.g. *Spring >> Session*) that expect a specific version of the Servlet API and then >> suddenly encounter conflicting versions. >> >> Also, FYI, the latest release of the core *Spring Framework >> <http://projects.spring.io/spring-framework/>* [1] is now 4.2.5.RELEASE. >> The latest *Spring Security <http://projects.spring.io/spring-security/>* >> [2] >> release is 4.0.4.RELEASE. The latest in the 3.x line is 3.2.9; the *Spring >> Security* version used by Geode (3.1.x) is not even supported any more. >> >> >> [1] http://projects.spring.io/spring-framework/ >> [2] http://projects.spring.io/spring-security/ >> >> >> On Thu, Apr 7, 2016 at 8:21 AM, Anthony Baker <[email protected]> wrote: >> >>> You can’t tell from the diff below but it turns out we’re including two >>> versions of servlet-api: >>> >>> servlet-api-2.5.jar >>> javax.servlet-api-3.1.0.jar >>> >>> Version 3.1.0 is from the geode/lib while the older jar is from the app >>> server module. Do we need to ship these at all since they are only >> needed >>> for compiling? >>> >>> Anthony >>> >>> >>>> On Apr 6, 2016, at 10:51 PM, Anthony Baker <[email protected]> wrote: >>>> >>>> Here’s a comparison of the bundled jar dependencies present in the >>> binary distribution from the M1 release versus the current develop >> branch. >>> The good news is there aren’t that many changes despite lots of build >>> refactoring and new source code in pulse / modules / wan / cq. >>>> >>>> If you see something that looks wrong, please speak up. I see a >>> possible version conflict on sl4j. >>>> >>>> Anthony-Baker-MacBook-Pro:tmp abaker$ diff -y --suppress-common-lines >>> license.M1/M1-jars license.M2/M2-jars >>>> activation-1.1.1.jar | >>> activation-1.1.jar >>>>> >>> commons-beanutils-1.8.3.jar >>>>> >>> commons-collections-3.2.2.jar >>>>> >>> commons-digester-2.1.jar >>>> commons-logging-1.1.1.jar | >>> commons-logging-1.2.jar >>>> hbase-0.94.27.jar < >>>> jgroups-3.6.6.Final.jar | >>> jgroups-3.6.7.Final.jar >>>>> >>> servlet-api-2.5.jar >>>>> >>> slf4j-api-1.7.12.jar >>>>> >>> slf4j-jdk14-1.7.7.jar >>>> spring-aop-3.2.12.RELEASE.jar | >>> spring-aop-4.2.4.RELEASE.jar >>>> spring-aspects-3.2.12.RELEASE.jar | >>> spring-aspects-4.2.4.RELEASE.jar >>>> spring-beans-3.2.12.RELEASE.jar | >>> spring-beans-4.2.4.RELEASE.jar >>>> spring-context-3.2.12.RELEASE.jar | >>> spring-context-4.2.4.RELEASE.jar >>>> spring-context-support-3.2.12.RELEASE.jar | >>> spring-context-support-4.2.4.RELEASE.jar >>>> spring-core-3.2.12.RELEASE.jar | >>> spring-core-4.2.4.RELEASE.jar >>>> spring-data-gemfire-1.5.1.RELEASE.jar | >>> spring-data-gemfire-1.7.2.RELEASE.jar >>>> spring-expression-3.2.12.RELEASE.jar | >>> spring-expression-4.2.4.RELEASE.jar >>>> spring-oxm-3.2.12.RELEASE.jar | >>> spring-ldap-core-1.3.2.RELEASE.jar >>>>> >>> spring-oxm-4.2.4.RELEASE.jar >>>>> >>> spring-security-config-3.1.7.RELEASE.jar >>>>> >>> spring-security-core-3.1.7.RELEASE.jar >>>>> >>> spring-security-ldap-3.1.7.RELEASE.jar >>>>> >>> spring-security-web-3.1.7.RELEASE.jar >>>> spring-tx-3.2.12.RELEASE.jar | >>> spring-tx-4.2.4.RELEASE.jar >>>> spring-web-3.2.12.RELEASE.jar | >>> spring-web-4.2.4.RELEASE.jar >>>> spring-webmvc-3.2.12.RELEASE.jar | >>> spring-webmvc-4.2.4.RELEASE.jar >>>> >>>> >>>> Anthony >>>> >>>> >>> >>> >> >> >> -- >> -John >> 503-504-8657 >> john.blum10101 (skype) >>
signature.asc
Description: Message signed with OpenPGP using GPGMail
