Spring Security
  1. Spring Security
  2. SEC-1301

security setup doesn't add commons codec to pom.xml

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Won't Fix
    • Affects Version/s: 3.0.0 RC1
    • Fix Version/s: 3.0.0.RC2
    • Component/s: Core
    • Labels:
      None

      Description

      I was trying out "security setup" to add security to my Roo-based application. After it generated the Spring Security config, I tweaked it to limit access to certain URLs unless logged in as 'admin'. It worked great until I tried logging in. Upon attempting to login, I get "java.lang.NoClassDefFoundError: org/apache/commons/codec/binary/Hex".

      Apparently Common Codec needs to be added to the pom.xml file. This is something that I would have expected "security setup" to do for me.

        Issue Links

          Activity

          Hide
          Maximiliano Guzenski added a comment -

          Yes, I've this issue as well.

          Spring security works well with "mvn tomcat:run" but fail on login in an external tomcat. Solution is add dependecy of commons codec to project.

          But, it looks like to by more a bug of spring security pom.xml then a roo bug.

          Show
          Maximiliano Guzenski added a comment - Yes, I've this issue as well. Spring security works well with "mvn tomcat:run" but fail on login in an external tomcat. Solution is add dependecy of commons codec to project. But, it looks like to by more a bug of spring security pom.xml then a roo bug.
          Hide
          Luke Taylor added a comment -

          I think the codec dep is optional at the moment. I'd like to removed it from the distro and just add internal code for base64 and hex encoding.

          Show
          Luke Taylor added a comment - I think the codec dep is optional at the moment. I'd like to removed it from the distro and just add internal code for base64 and hex encoding.
          Hide
          Luke Taylor added a comment -

          Closing as commons codec is no longer required (see SEC-1303). In any case, an optional maven dependency isn't a bug - it just means that users have to add that dependency themselves if they need it.

          Show
          Luke Taylor added a comment - Closing as commons codec is no longer required (see SEC-1303 ). In any case, an optional maven dependency isn't a bug - it just means that users have to add that dependency themselves if they need it.

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Craig Walls
            • Votes:
              1 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: