Spring Security
  1. Spring Security
  2. SEC-1085

Import-Package version constraints too limited in the annotations bundle

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Won't Fix
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: Build and Admin
    • Labels:
      None
    • Environment:
      OSGi

      Description

      Hi,
      in, spring-security-core-tiger-2.0.4.jar/META-INF/MANIFEST.MF, and in the Import-Package section, one can see :

      ...,org.springf

      ramework.security;version="[2.0.3.RELEASE,2.0.3.RELEASE]",org.springf

      ramework.security.annotation;version="[2.0.3.RELEASE,2.0.3.RELEASE]",

      org.springframework.security.intercept.method;version="[2.0.3.RELEASE

      ,2.0.3.RELEASE]",org.springframework.security.vote;version="[2.0.3.RE

      LEASE,2.0.3.RELEASE]"

      i.e. the import package constraints accepts only the 2.0.3.RELEASE version of the core security bundle.
      This way, the annotations bundle ver. 2.0.4 WILL NOT work as is with the core security bundle of the same version in an OSGi environment.

      By the way, the version hosted in the "SpringSource Enterprise Bundle Repository" does have a correct manifest (well, with an A qualifier).

      I would suggest upgrading the constraints to 2.0.4, or evenen to relax it to something like [2.0.3, 2.1.0).

      Cheers,
      Jawher

        Issue Links

          Activity

          Hide
          Luke Taylor added a comment -

          We have to redo OSGi support in the next release. There is no longer a core-tiger jar as it will require JDK 1.5. The project modules have also been substantially refactored to support better partitioning of the codebase, avoid split packages across OSGi modules etc.

          We will be using bundlor moving forward - See SEC-998.

          Show
          Luke Taylor added a comment - We have to redo OSGi support in the next release. There is no longer a core-tiger jar as it will require JDK 1.5. The project modules have also been substantially refactored to support better partitioning of the codebase, avoid split packages across OSGi modules etc. We will be using bundlor moving forward - See SEC-998 .

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Jawher Moussa
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: