On 03/19/2012 04:42 PM, Carlucci, Tony wrote:
Hello,
I am getting an error when trying to startup the current rave-vanilla-extension
project. After some investigation it appears to be because of a jar version
mismatch - all of the spring jars are set to 3.1.0.RELEASE except for one:
spring-aop, which is still getting resolved to 3.0.6.RELEASE. It seems that
the spring-security-web 3.1.0.RELEASE module still has some dependencies on
3.0.6.RELEASE jars:
http://repo1.maven.org/maven2/org/springframework/security/spring-security-web/3.1.0.RELEASE/spring-security-web-3.1.0.RELEASE.pom
I've solved this locally by putting the following snippet into
rave-vanilla-extension-portal/pom.xml which forces spring-aop to always be
3.1.0.RELEASE:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${org.springframework.version}</version>
</dependency>
</dependencies>
</dependencyManagement>
My question: Before I commit it, is this the most appropriate way of solving
the problem in our maven config files, or is there a better way?
I think this is the appropriate and only good way to solve this.
This is a 'problem' produced by Spring itself. the spring-security 3.1.0.RELEASE
has even more 3.0.6.RELEASE dependencies (spring-core and related for instance),
so seems rather weirdly assembled IMO.
Effectively we're already 'overriding' several other spring components from
spring-security perspective. Adding one more spring-aop override isn't a big
deal then.
Regards, Ate
Thanks, Tony
---
Anthony Carlucci | SW App Dev Eng, Sr. | R501 / KW App Development& Maint
e: [email protected]<mailto:[email protected]> | v: 781.271.2432 | f:
781.271.3299
The MITRE Corporation | 202 Burlington Rd | Bedford, MA 01730-1420
