It was that.
In Gradle I used
org.apache.shiro:shiro-crypto:2.0.0
instead of
org.apache.shiro:shiro-crypto-cipher:2.0.0
I started from https://mvnrepository.com/artifact/org.apache.shiro using core
then switched to crypto, forgoting cipher.
I don't work how that worked in a situation (w/ OFBiz plugins) and not another
(w/o OFBiz plugins).
As you suggested (pulling in the old version somewhere unexpectedly) maybe the
reason.
Though I tried with Gradle --no-cache-build. Anyway who cares now ;)
Remains an issue with HashRequest. I'll have a look at
https://github.com/apache/shiro/issues/1022
And https://www.google.fr/search?q=%22shiro+2.0.0%22+Hash&ie=UTF-8 globally
It's time for us to envisage argon or such...
Thanks again
Jacques
Le 24/03/2024 à 17:35, le...@flowlogix.com a écrit :
Make sure to look at the dependency tree, I bet you are pulling in the old
version somewhere unexpectedly.
On Mar 24, 2024, at 11:32 AM, Jacques Le Roux<jacques.le.r...@les7arts.com>
wrote:
Thanks Lenny,
Oops, indeed it should be 2.0.0 everywhere. Else nothing would work ;)
I did not want to repeat all what's in links, that why I just put links.
Anyway, I'll have a look at Crypto classes’ package names, easier than anything
else.
I'm though surprised that it works with current names when we have the 3
org.apereo.cas packages in the classpath.
Maybe we miss something else...
Jacques
Le 24/03/2024 à 15:54,le...@flowlogix.com <mailto:le...@flowlogix.com> a
écrit :
I am not quite sure that there enough information here to help…
First, you mention shiro-core 2.2.0 (vs. 2.0.0) are you sure you have the
correct version?
Crypto classes’ package names have changed. All you would need to do is change
Java source to reflect this.
On Mar 24, 2024, at 3:51 AM, Jacques Le Roux<jacques.le.r...@les7arts.com>
<mailto:jacques.le.r...@les7arts.com> wrote:
Hi,
We (the Apache OFBiz project) use Shiro mostly for ciphering.
We use Gradle and refer to Maven for dependencies.
We recently upgraded from 1.13.0 to 2.0.0
https://issues.apache.org/jira/browse/OFBIZ-12961
<https://issues.apache.org/jira/browse/OFBIZ-12961>
<https://issues.apache.org/jira/browse/OFBIZ-12961>
<https://issues.apache.org/jira/browse/OFBIZ-12961>
As we we had only this dependency, I started by replacing shiro-core:1.13.0 by
shiro-core:2.2.0
It did not work (mostly AesCipherService creation compile errors).
I then tried only shiro-crypto:2.0.0 and It worked.
Then (thanks to our CI) we discovered that there was other dependencies related
to org.apereo.cas:cas-server
https://lists.apache.org/thread/cszft6134oon9tx0xy0wn3hgvh4ogbpz
<https://lists.apache.org/thread/cszft6134oon9tx0xy0wn3hgvh4ogbpz>
<https://lists.apache.org/thread/cszft6134oon9tx0xy0wn3hgvh4ogbpz>
<https://lists.apache.org/thread/cszft6134oon9tx0xy0wn3hgvh4ogbpz>
So I added them withhttps://github.com/apache/ofbiz-framework/commit/61f5831400
<https://github.com/apache/ofbiz-framework/commit/61f5831400>
<https://github.com/apache/ofbiz-framework/commit/61f5831400>
<https://github.com/apache/ofbiz-framework/commit/61f5831400>
This morning I removed them and tried to add shiro-core:2.2.0, to no avail.
If it's possible, could you please give us more information to get read of the
org.apereo.cas:cas-server dependencies?
Thanks in advance
Jacques
