TechQA.

spring-ws-security dependency conflict

1.5k views Asked by At

I'd like to use spring-ws-security in order to secure my web service with Wss4jSecurityInterceptor and signatures. But there is a dependency conflict which make this system unworkable. The spring-ws-security:2.1.2.RELEASE seems to be not workable as well.

spring-ws-security : 2.1.3.RELEASE [compile]
 - wss4j : 1.6.5                   [compile]
   - xmlsec : 1.5.1                [compile]
   - opensaml : 2.5.1-1            [compile]
     - openws : 1.4.2-1            [compile]
       - xmltooling : 1.3.2-1      [compile]
         - xmlsec : 1.4.4          [compile] (omitted for conflict with 1.5.1)

Is there any way to solve this problem?

Many thanks in advance.

spring-ws wss4j opensaml xmlsec
Original Q&A
2

There are 2 answers

0
Stefan Rasmusson On BEST ANSWER

Problem is you are already including a the same dependency witha newer version I think something in the lines of this would solve it. Add it to your spring-ws-security dependency declaration.

<exclusions>
     <exclusion>
          <groupId>org.apache.santuario</groupId>
          <artifactId>xmlsec</artifactId>
     </exclusion>
</exclusions>
0
Andreas Veithen On

There is actually no problem here. wss4j has a direct dependency on xmlsec and it simply overrides the version of the transitive dependency. WSS4J is sufficiently tested to ensure that replacing 1.4.4 with 1.5.1 doesn't cause any issues in OpenSAML.

Related Questions in SPRING-WS

Related Questions in WSS4J

Related Questions in OPENSAML

Related Questions in XMLSEC

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions