Closed sandhya223 closed 2 years ago
ArtifactResolutionProfileImpl requires the commons httpclient. However, I understand that declaring a bean with the name "httpClient" in a plugin is not a good idea because its such a common name. I can rename the bean but I am not sure if there is anyone out there who depends on this implementation detail. If I want to ensure no breaking changes I have to declare the HttpClient twice and users would have to manually override it or set a config to disable the obsolete bean.
I have renamed the bean in the 4.0.4 branch but I haven't tested the code yet:
Thank you for the reply.
We have received blackduck security vulnerability for Apache Client 3.1 which is a transitive dependency of org.springframework.security.extensions1.0.9.RELEASE -> openws1.5.6 -> opensaml 2.6.6
We are trying to exclude Apache Client 3.1(commons-httpclient) version and upgrading to 4.5.13 (org.apache.httpcomponents) version in build.gradle
We are getting below exception java.lang.NoClassDefFoundError: org/apache/commons/httpclient/protocol/ProtocolSocketFactory
Could you please help me to replace httpclient(HttpClient) bean which is importing from import org.apache.commons.httpclient.HttpClient in SpringSecuritySamlGrailsPlugin to org.apache.httpcomponents 4.5.13
Hi valentingoebel,
We are blocked with above issue, Could you please share your thoughts which will help us to move forward.
Hi valentingoebel,
Could you please look in to it.
Hi valentingoebel,
Could you please share your suggestions.
Can we override httpClient bean from commons-httpclient(3.1) to org.apache.httpcomponents(4.5.13) in SpringSecuritySamlGrailsPlugin in grails-spring-security-saml: 4.0.2.