David Handermann created NIFI-8186:
--------------------------------------
Summary: Exclude bcprov-ext-jdk15on from spring-security-saml2-core
Key: NIFI-8186
URL: https://issues.apache.org/jira/browse/NIFI-8186
Project: Apache NiFi
Issue Type: Bug
Affects Versions: 1.13.0
Reporter: David Handermann
Assignee: David Handermann
The spring-security-saml2-core library has a transitive dependency on
bcprov-ext-jdk15on version 1.60 through the
com.narupley:not-going-to-be-commons-ssl library. The standard bcprov-jdk15on
library is configured with version 1.68 through the framework, so the older
extension version of the Bouncy Castle Provider should be excluded to avoid
expected runtime behavior. The standard and extended versions of the Bouncy
Castle Provider libraries are fundamentally similar, with the primary
difference being the inclusion of classes to support of obscure NTRU algorithm
in the extension library.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
