Return-Path: X-Original-To: apmail-roller-commits-archive@www.apache.org Delivered-To: apmail-roller-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 425D210819 for ; Mon, 12 Aug 2013 18:12:52 +0000 (UTC) Received: (qmail 68407 invoked by uid 500); 12 Aug 2013 18:12:52 -0000 Delivered-To: apmail-roller-commits-archive@roller.apache.org Received: (qmail 67596 invoked by uid 500); 12 Aug 2013 18:12:49 -0000 Mailing-List: contact commits-help@roller.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@roller.apache.org Delivered-To: mailing list commits@roller.apache.org Received: (qmail 67127 invoked by uid 99); 12 Aug 2013 18:12:48 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 12 Aug 2013 18:12:48 +0000 Date: Mon, 12 Aug 2013 18:12:48 +0000 (UTC) From: "Glen Mazza (JIRA)" To: commits@roller.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Created] (ROL-1968) Upgrade Spring Security from 2.0.7 to 3.1.4 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 Glen Mazza created ROL-1968: ------------------------------- Summary: Upgrade Spring Security from 2.0.7 to 3.1.4 Key: ROL-1968 URL: https://issues.apache.org/jira/browse/ROL-1968 Project: Roller Issue Type: Task Affects Versions: 5.1 Reporter: Glen Mazza Assignee: Roller Unassigned Attachments: SpringSecurity.patch The enclosed patch gets us codewise about (my guess) 95-98% there, but there is some configuration error in the updated security.xml that makes it all for naught. Basically, the app will compile and run via mvn jetty:run at http://localhost:8080/roller but authentication of the first user created at the login screen *always* fails. I'm attaching the patch of what I have so far in case somebody wants to be a hero and get the remaining 2-5% in--I'll try to work on it more myself as well. Debugging can be done via IntelliJ by doing Menu item Run -> Edit Configurations, adding a new Maven config item ("debug Roller") with a working directory of /full/path/to/app/folder and a command line option of "jetty:run". Then add breakpoints to the code and choose Menu Item Run -> "debug Roller". It's difficult to debug however, as most of the code is Spring internal via the XML Configuration file and not Roller code. We don't need to get the OpenID auth method working to commit this patch (AFAICT it needed updating to work in 2.0.7 as it wasn't working right OOTB anyway) -- I can look into that later, but just to get the standard username/login at the command prompt working would be good enough to commit this patch. I'm partly inclined to commit this patch anyway and hold Roller trunk hostage, meaning *nobody* can use trunk until somebody patches it to get Spring Security 3.1 working, but I'll pass on such a drastic step. :) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira