diff --git a/build.gradle b/build.gradle index 2ff5d1b832..8c0fcc7f68 100644 --- a/build.gradle +++ b/build.gradle @@ -25,10 +25,8 @@ allprojects { ext.releaseBuild = version.endsWith('RELEASE') ext.snapshotBuild = version.endsWith('SNAPSHOT') - ext.springVersion = '3.2.8.RELEASE' - ext.spring4Version = '4.0.2.RELEASE' - ext.springLdapVersion = '1.3.2.RELEASE' - ext.springLdap2Version = '2.0.1.RELEASE' + ext.springVersion = '4.0.2.RELEASE' + ext.springLdapVersion = '2.0.1.RELEASE' group = 'org.springframework.security' @@ -107,23 +105,6 @@ configure(coreModuleProjects) { } configurations { jacoco //Configuration Group used by Sonar to provide Code Coverage using JaCoCo - spring4TestRuntime.extendsFrom testRuntime - } - configurations.spring4TestRuntime { - resolutionStrategy.eachDependency { DependencyResolveDetails details -> - if (details.requested.group == 'org.springframework') { - details.useVersion spring4Version - } - if (details.requested.name == 'ehcache') { - details.useVersion '2.6.5' - } - if (details.requested.name == 'ehcache-terracotta') { - details.useVersion '2.1.1' - } - if (details.requested.group == 'org.springframework.ldap') { - details.useVersion springLdap2Version - } - } } dependencies { @@ -135,14 +116,6 @@ configure(coreModuleProjects) { integrationTest { jvmArgs "-javaagent:${configurations.jacoco.asPath}=destfile=${buildDir}/jacoco.exec,includes=${project.group}.*" } - task spring4Test(type: Test) { - jvmArgs = ['-ea', '-Xmx500m', '-XX:MaxPermSize=128M'] - exclude "**/EhCacheBasedAclCacheTests.class", "**/Issue55Tests.class" - classpath = sourceSets.test.output + sourceSets.main.output + configurations.spring4TestRuntime - testResultsDir = file("$buildDir/spring4-test-results/") - testReportDir = file("$buildDir/reports/spring4-tests/") - } - check.dependsOn spring4Test } configure (aspectjProjects) { diff --git a/docs/docs.gradle b/docs/docs.gradle index 6906f28656..f56302045c 100644 --- a/docs/docs.gradle +++ b/docs/docs.gradle @@ -26,7 +26,6 @@ project('manual') { numbered: '', 'spring-security-version' : project.version, 'spring-version' : springVersion, - 'spring4-version' : spring4Version, revnumber : project.version ] ] diff --git a/docs/manual/src/asciidoc/index.adoc b/docs/manual/src/asciidoc/index.adoc index 6df0da8129..407662e172 100644 --- a/docs/manual/src/asciidoc/index.adoc +++ b/docs/manual/src/asciidoc/index.adoc @@ -198,9 +198,9 @@ If you are using a milestone or release candidate version, you will need to ensu ---- [[maven-bom]] -===== Using Spring 4 and Maven +===== Spring Framework Bom -Spring Security builds against Spring Framework {spring-version}, but is also tested against Spring Framework {spring4-version}. This means you can use Spring Security {spring-security-version} with Spring Framework {spring4-version}. The problem that many users will have is that Spring Security's transitive dependencies resolve Spring Framework {spring-version} causing all sorts of strange classpath problems. +Spring Security builds against Spring Framework {spring-version}, but should work with 4.0.x. The problem that many users will have is that Spring Security's transitive dependencies resolve Spring Framework {spring-version} which can cause strange classpath problems. One (tedious) way to circumvent this issue would be to include all the Spring Framework modules in a http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Dependency_Management[] section of your pom. An alternative approach is to include the `spring-framework-bom` within your `` section of your `pom.xml` as shown below: @@ -213,7 +213,7 @@ One (tedious) way to circumvent this issue would be to include all the Spring Fr org.springframework spring-framework-bom - {spring4-version} + {spring-version} pom import @@ -221,7 +221,7 @@ One (tedious) way to circumvent this issue would be to include all the Spring Fr ---- -This will ensure that all the transitive dependencies of Spring Security use the Spring {spring4-version} modules. +This will ensure that all the transitive dependencies of Spring Security use the Spring {spring-version} modules. NOTE: This approach uses Maven's "bill of materials" (BOM) concept and is only available in Maven 2.0.9+. For additional details about how dependencies are resolved refer to http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html[Maven's Introduction to the Dependency Mechanism documentation]. @@ -274,9 +274,9 @@ repositories { ---- [[gradle-resolutionStrategy]] -===== Using Spring 4 and Gradle +===== Using Spring 4.0.x and Gradle -By default Gradle will use the newest version when resolving transitive versions. This means that often times no additional work is necessary when running Spring Security {spring-security-version} with Spring Framework {spring4-version}. However, at times there can be issues that come up so it is best to mitigate this using http://www.gradle.org/docs/current/dsl/org.gradle.api.artifacts.ResolutionStrategy.html[Gradle's ResolutionStrategy] as shown below: +By default Gradle will use the newest version when resolving transitive versions. This means that often times no additional work is necessary when running Spring Security {spring-security-version} with Spring Framework {spring-version}. However, at times there can be issues that come up so it is best to mitigate this using http://www.gradle.org/docs/current/dsl/org.gradle.api.artifacts.ResolutionStrategy.html[Gradle's ResolutionStrategy] as shown below: .build.gradle [source,groovy] @@ -285,13 +285,13 @@ By default Gradle will use the newest version when resolving transitive versions configurations.all { resolutionStrategy.eachDependency { DependencyResolveDetails details -> if (details.requested.group == 'org.springframework') { - details.useVersion '{spring4-version}' + details.useVersion '{spring-version}' } } } ---- -This will ensure that all the transitive dependencies of Spring Security use the Spring {spring4-version} modules. +This will ensure that all the transitive dependencies of Spring Security use the Spring {spring-version} modules. NOTE: This example uses Gradle 1.9, but may need modifications to work in future versions of Gradle since this is an incubating feature within Gradle. @@ -809,7 +809,7 @@ public class MultiHttpSecurityConfig { [[jc-method]] === Method Security -From version 2.0 onwards Spring Security has improved support substantially for adding security to your service layer methods. It provides support for JSR-250 annotation security as well as the framework’s original @Secured annotation. From 3.0 you can also make use of new <>. You can apply security to a single bean, using the intercept-methods element to decorate the bean declaration, or you can secure multiple beans across the entire service layer using the AspectJ style pointcuts. +From version 2.0 onwards Spring Security has improved support substantially for adding security to your service layer methods. It provides support for JSR-250 annotation security as well as the framework���s original @Secured annotation. From 3.0 you can also make use of new <>. You can apply security to a single bean, using the intercept-methods element to decorate the bean declaration, or you can secure multiple beans across the entire service layer using the AspectJ style pointcuts. ==== EnableGlobalMethodSecurity @@ -824,7 +824,7 @@ public class MethodSecurityConfig { } ---- -Adding an annotation to a method (on an class or interface) would then limit the access to that method accordingly. Spring Security’s native annotation support defines a set of attributes for the method. These will be passed to the AccessDecisionManager for it to make the actual decision: +Adding an annotation to a method (on an class or interface) would then limit the access to that method accordingly. Spring Security���s native annotation support defines a set of attributes for the method. These will be passed to the AccessDecisionManager for it to make the actual decision: [source,java] ---- @@ -852,7 +852,7 @@ public class MethodSecurityConfig { } ---- -These are standards-based and allow simple role-based constraints to be applied but do not have the power Spring Security’s native annotations. To use the new expression-based syntax, you would use +These are standards-based and allow simple role-based constraints to be applied but do not have the power Spring Security���s native annotations. To use the new expression-based syntax, you would use [source,java] ---- diff --git a/gradle/javaprojects.gradle b/gradle/javaprojects.gradle index 5f20df2e69..14129a05bb 100644 --- a/gradle/javaprojects.gradle +++ b/gradle/javaprojects.gradle @@ -11,7 +11,7 @@ apply plugin: 'propdeps-eclipse' sourceCompatibility = 1.5 targetCompatibility = 1.5 -ext.ehcacheVersion = '1.6.2' +ext.ehcacheVersion = '2.6.5' ext.aspectjVersion = '1.6.10' ext.apacheDsVersion = '1.5.5' ext.jstlVersion = '1.2'