Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Grails 7: grails-spring-security-cas #107

Merged
merged 9 commits into from
Oct 15, 2024
Merged

Grails 7: grails-spring-security-cas #107

merged 9 commits into from
Oct 15, 2024

Conversation

bkoehm
Copy link
Contributor

@bkoehm bkoehm commented Sep 23, 2024

No description provided.

@jamesfredley jamesfredley changed the title Grails 7 Grails 7: grails-spring-security-cas Sep 24, 2024
jdaugherty
jdaugherty approved these changes Sep 30, 2024
View reviewed changes
.github/workflows/gradle.yml Outdated Show resolved Hide resolved
@codeconsole
Copy link
Contributor

@bkoehm please seem my question regarding the configurations {} block

@codeconsole
Copy link
Contributor

@bkoehm I was referring to the configurations.configureEach {} block where you are forcing the version of gradle. That should not be needed if you have groovyVersion set in gradle.properties

@bkoehm bkoehm force-pushed the bkoehm.6.0.x branch 2 times, most recently from 7514e19 to 037ae3a Compare October 7, 2024 22:25
@bkoehm
Grails 7: Bundling a CAS server in the testapps directory is not real…
aeff460 
…istically maintainable. Remove the very old CAS server from the testapps directory and also remove spring-security-cas-test2. The latter was a duplicate of spring-security-cas-test1 with the only difference being 'test2' was configured to run on a different port.
codeconsole
codeconsole requested changes Oct 8, 2024
View reviewed changes
Copy link
Contributor

@codeconsole codeconsole left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bkoehm

onfigurations {
    all {
        exclude group: 'javax.servlet'
        exclude group: 'javax.xml.bind'
    }
}

why is that needed in plugin/build.gradle?

@bkoehm
Copy link
Contributor Author

bkoehm commented Oct 8, 2024
edited
Loading

@bkoehm

onfigurations {
    all {
        exclude group: 'javax.servlet'
        exclude group: 'javax.xml.bind'
    }
}

why is that needed in plugin/build.gradle?

Because there are dependencies that leak javax.servlet and javax.xml.bind (at least, there were as of a few days ago).

@codeconsole
Copy link
Contributor

codeconsole commented Oct 9, 2024
edited
Loading

why is that needed in plugin/build.gradle?

Because there are dependencies that leak javax.servlet and javax.xml.bind (at least, there were as of a few days ago).

I don't see anywhere where that should be the case. If so, they should be updated to the latest version.

grails-spring-security-cas/plugin/build.gradle

Lines 65 to 82 in 545d30b

dependencies {
compileOnly "javax.servlet:javax.servlet-api:$javaxServletApiVersion"
compileOnly "org.springframework.boot:spring-boot-starter-logging"
compileOnly "org.grails:grails-web-boot"
profile "org.grails.profiles:web-plugin"
api "org.grails.plugins:spring-security-core:$springSecurityCoreVersion"
api "org.jasig.cas.client:cas-client-core:$casClientCoreVersion", {
exclude module: 'slf4j-api'
}
api "org.springframework.security:spring-security-cas:$springSecurityVersion", {
['spring-beans', 'spring-context', 'spring-core', 'spring-security-core',
'spring-security-web', 'spring-web'].each { exclude module: it }
}
documentation "com.github.javaparser:javaparser-core:3.25.8"
}

If it is ever the case, the preference is the exclusion on the dependency that has the older dependency.

@bkoehm
Copy link
Contributor Author

bkoehm commented Oct 10, 2024

why is that needed in plugin/build.gradle?

Because there are dependencies that leak javax.servlet and javax.xml.bind (at least, there were as of a few days ago).

I don't see anywhere where that should be the case. If so, they should be updated to the latest version.

grails-spring-security-cas/plugin/build.gradle

Lines 65 to 82 in 545d30b

dependencies {
compileOnly "javax.servlet:javax.servlet-api:$javaxServletApiVersion"
compileOnly "org.springframework.boot:spring-boot-starter-logging"
compileOnly "org.grails:grails-web-boot"
profile "org.grails.profiles:web-plugin"
api "org.grails.plugins:spring-security-core:$springSecurityCoreVersion"
api "org.jasig.cas.client:cas-client-core:$casClientCoreVersion", {
exclude module: 'slf4j-api'
}
api "org.springframework.security:spring-security-cas:$springSecurityVersion", {
['spring-beans', 'spring-context', 'spring-core', 'spring-security-core',
'spring-security-web', 'spring-web'].each { exclude module: it }
}
documentation "com.github.javaparser:javaparser-core:3.25.8"
}

If it is ever the case, the preference is the exclusion on the dependency that has the older dependency.

Ok, removed.

@codeconsole
Copy link
Contributor

@bkoehm thanks, quick question, you deleted the second server. How is it tested now? Do you just start the first server on a different port?

@bkoehm
Copy link
Contributor Author

bkoehm commented Oct 14, 2024

@bkoehm thanks, quick question, you deleted the second server. How is it tested now? Do you just start the first server on a different port?

Yes, the second test app was a dupe of the first one. And it requires a working CAS server to test with. It's not an automated test.

@codeconsole
Copy link
Contributor

codeconsole commented Oct 14, 2024
edited
Loading

@bkoehm thanks, quick question, you deleted the second server. How is it tested now? Do you just start the first server on a different port?

Yes, the second test app was a dupe of the first one. And it requires a working CAS server to test with. It's not an automated test.

@bkoehm Was there an automated test previously? I am sure it would be easy enough to just pass the port at startup so removing it was the right call.

@bkoehm
Copy link
Contributor Author

bkoehm commented Oct 14, 2024

@bkoehm thanks, quick question, you deleted the second server. How is it tested now? Do you just start the first server on a different port?

Yes, the second test app was a dupe of the first one. And it requires a working CAS server to test with. It's not an automated test.

@bkoehm Was there an automated test previously? I am sure it would be easy enough to just pass the port at startup so removing it was the right call.

No, there wasn't.

@codeconsole codeconsole merged commit e9af5ba into grails:6.0.x Oct 15, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jdaugherty jdaugherty jdaugherty approved these changes

@codeconsole codeconsole codeconsole requested changes

Assignees
No one assigned
Labels
None yet
Projects
Grails 7
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bkoehm @codeconsole @jdaugherty