I have the following gradle settings:
plugins {
id 'org.springframework.boot' version '3.0.0'
id 'io.spring.dependency-management' version '1.1.0'
id 'java'
}
repositories {
mavenCentral()
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-actuator'
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-aop'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
implementation 'org.springframework.boot:spring-boot-starter-amqp'
testImplementation 'org.springframework.amqp:spring-rabbit-test'
}
How can I lock or specify exactly the versions of all the dependencies libs, how do I check the compatibility with the other libs and chose the most new and updated ones?
as I understand - spring boot doesn't need spring framework specified?
checked other Stackoverflow posts.
checked compatibility matrix.
dependencyManagement {
imports {
mavenBom "org.springframework.boot:spring-boot-dependencies:3.0.0"
}
}
solved the issue.
Related
I'm having a problem importing dependencies into my code in IntelliJ
My build.gradle file is as follows:
plugins {
id 'groovy'
id 'java'
}
group 'org.example'
version '1.0-SNAPSHOT'
repositories {
mavenCentral()
}
dependencies {
implementation 'org.codehaus.groovy:groovy-all:2.3.11'
testImplementation group: 'junit', name: 'junit', version: '4.12'
testImplementation 'org.junit.jupiter:junit-jupiter-api:5.6.0'
testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine'
implementation 'com.squareup.retrofit2:retrofit:2.9.0'
}
test {
useJUnitPlatform()
}
Gradle doesn't seem to struggle to find and download the dependencies as I can find them locally in
C:\Users%USER%.gradle\caches\modules-2\files-2.1\com.squareup.retrofit2\retrofit\2.9.0
I've updated IntelliJ to make sure it's up-to-date and have also tried invalidating cache and restarting several times. I'm out of ideas at this point, any help would be kind.
I’m implementing sample application which is supposed to combine SAML 2.0, Oauth 2.0 and UMA 2.0. I’ve generated Spring Boot template using initializr.
I’m stuck at the beginning by saml2ogin(). It looks like SAML 2.0 support is missed. RelyingPartyRegistrationRepository is not available. When I browse imports in HttpSecurity class, I have org.springframework.security.saml2 – Cannot resolve symbol “saml2”.
According to the documentation:
https://docs.spring.io/spring-security/site/docs/5.3.x/reference/html5/
SAML 2.0 support should by bundled in spring-boot-starter-security
Have I missed something?
My build.gradle:
plugins {
id 'org.springframework.boot' version '2.2.6.RELEASE'
id 'io.spring.dependency-management' version '1.0.9.RELEASE'
id 'java'
}
group = 'com.example'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = '11'
repositories {
mavenCentral()
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
implementation 'org.springframework.boot:spring-boot-starter-web'
testImplementation('org.springframework.boot:spring-boot-starter-test') {
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
}
testImplementation 'org.springframework.security:spring-security-test'
}
test {
useJUnitPlatform()
}
implementation 'org.springframework.security:spring-security-saml2-service-provider'
As far as I can tell that dependency is marked as optional, so it has to be included explicitly.
https://github.com/spring-projects/spring-security/blob/master/config/spring-security-config.gradle
Is it possible to configure or autowire a JWE key selector for a spring boot 2.0 application with spring security 5.x.x to be able to decrypt the id_oken received from an OpenId connect provider?
The JWS Keys can be defined by the spring security oauth2 client registration properties. But I did not find a way for specifing the JWEKeySelector for the JWTDecoder used by spring security oauth.
Thanks in advance!
dependencies:
buildscript {
ext {
springBootVersion = '2.0.0.RELEASE'
}
repositories {
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
}
}
apply plugin: 'java'
apply plugin: 'eclipse'
apply plugin: 'org.springframework.boot'
apply plugin: 'io.spring.dependency-management'
sourceCompatibility = 1.8
repositories {
mavenCentral()
}
ext['thymeleaf.version'] = '3.0.9.RELEASE'
dependencies {
compile 'org.springframework.security:spring-security-config'
compile 'org.springframework.security:spring-security-oauth2-client'
compile 'org.springframework.security:spring-security-oauth2-jose'
compile 'org.springframework.boot:spring-boot-starter-web'
compile 'org.springframework.boot:spring-boot-starter-thymeleaf'
compile 'org.thymeleaf.extras:thymeleaf-extras-springsecurity4'
compile 'io.projectreactor.ipc:reactor-netty'
compile 'org.springframework:spring-webflux'
compile 'org.webjars:jquery:3.3.1-1'
compile 'org.webjars:bootstrap:4.0.0-1'
compile 'org.webjars:webjars-locator:0.32'
testCompile 'org.springframework.security:spring-security-test'
testCompile 'org.springframework.boot:spring-boot-starter-test'
}
I am trying to manage my spring dependencies using gradle and the spring dependency management plugin. Currently this brings down version 5.0.3.RELEASE of spring-data-neo4j which according to the pom here, should bring down version 3.0.3 of the neo4j-ogm, but instead it brings down version 2.1.5. This means that even though I've followed the docs to the letter about configuration that the ConfigurationBuilder symbol is not found. Any help would be greatly appreciated. I am currently using gradle 4.4.1
buildscript {
repositories {
mavenCentral()
maven { url 'https://repo.spring.io/plugins-snapshot' }
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.5.8.RELEASE")
classpath 'io.spring.gradle:dependency-management-plugin:1.0.5.BUILD-SNAPSHOT'
}
}
plugins {
id "io.spring.dependency-management" version "1.0.4.RELEASE"
}
apply plugin: 'java'
apply plugin: 'eclipse'
apply plugin: 'idea'
apply plugin: 'org.springframework.boot'
apply plugin: "io.spring.dependency-management"
ext {
springVersion = '5.0.3.RELEASE'
springDataVersion = 'Kay-SR3'
}
dependencyManagement {
imports {
mavenBom "org.springframework:spring-framework-bom:${springVersion}"
mavenBom "org.springframework.data:spring-data-releasetrain:${springDataVersion}"
}
}
repositories {
mavenCentral()
maven {
url 'https://repo.spring.io/libs-release'
}
}
dependencies {
compile group: "org.springframework.boot", name: "spring-boot-starter-web"
compile group: "org.springframework.boot", name: "spring-boot-starter-security"
compile group: "org.springframework", name: "spring-aspects"
compile group: "org.springframework.data", name: "spring-data-neo4j"
compile group: 'com.fasterxml.jackson.datatype', name: 'jackson-datatype-jsr310'
testCompile group: "org.springframework.boot", name: "spring-boot-starter-test"
testCompile group: "org.neo4j", name: "neo4j-ogm-embedded-driver", version: "3.1.0"
}
You are using the spring-boot-gradle-plugin with version 1.5.8.RELEASE. This will pull in the version 4 of SDN and its dependency OGM 2.1.x when you declare the dependency here compile group: "org.springframework.data", name: "spring-data-neo4j".
The only solution at this point is to use Spring Boot 2 RC1. If you would include SDN with its dependencies to Spring Data commons and Spring Framework 5 you will mess up your class path because Spring Boot 1 is based on Spring Framework 4.
Background: Tried it once to integrate SDN 5.x in Spring Boot 1 but it did not work out, you will lose all benefits of Spring Boot since you have to deactivate pretty everything.
As far as I know gradle requires a version number when setting dependencies, but partial wildcards are allowed. For example if I want Guava, I cannot do this as it fails:
compile('com.google.guava:guava')
It has to be (as an example):
compile('com.google.guava:guava:21.0')
However, I'm learning Spring, which has the following:
compile("org.springframework.boot:spring-boot-starter")
compile("org.springframework:spring-web")
compile("com.fasterxml.jackson.core:jackson-databind")
How are these dependencies working with no version supplied?
Is it because of the following, but I thought these lines were required only for my plugin 'org.springframework.boot':
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.4.3.RELEASE")
}
}
It is worth mentioning that the trick is called BOM (bill of materials) and the actual versions can be checked in the related POM file (in this example, it is for the version 2.7.0) inside spring-boot-dependencies package. This is mentioned in the Spring Boot official documentation here: Build Systems.
Another way that Spring provides this (for non Boot projects) is through Spring Platform BOM where it actually provides version for the following dependencies.
buildscript {
repositories {
jcenter()
}
dependencies {
classpath 'io.spring.gradle:dependency-management-plugin:0.6.0.RELEASE'
}
}
apply plugin: 'io.spring.dependency-management'
dependencyManagement {
imports {
mavenBom 'io.spring.platform:platform-bom:Athens-SR2'
}
}
TL;DR - spring boot uses custom dependencies resolver.
A spring boot plugin that is applied with the following piece of code:
apply plugin: 'spring-boot'
handles the dependencies that are listed without version. This logic is implemented in this class which delegates it to here. DependencyManagementPluginFeatures are applied here.
The spring boot gradle plugin documentation states the following:
The version of the spring-boot gradle plugin that you declare
determines the version of the spring-boot-starter-parent bom that is
imported (this ensures that builds are always repeatable). You should
always set the version of the spring-boot gradle plugin to the actual
Spring Boot version that you wish to use.
Spring Boot Dependency Management Plugin is not necessary.
You may use build-in Gradle BOM support instead of Spring Boot Dependency Management Plugin
For example:
plugins {
id 'java'
id 'org.springframework.boot' version '2.1.0.RELEASE'
}
repositories {
jcenter()
}
dependencies {
implementation platform('org.springframework.boot:spring-boot-dependencies:2.1.0.RELEASE')
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-security'
}
and for multi-module project:
in root build.gradle :
plugins {
id 'java-library'
id 'org.springframework.boot' version '2.1.0.RELEASE'
}
allprojects {
apply plugin: 'java-library'
repositories {
jcenter()
}
}
dependencies {
implementation project(':core')
implementation 'org.springframework.boot:spring-boot-starter-web'
}
and in core/build.gradle
dependencies {
api platform('org.springframework.boot:spring-boot-dependencies:2.1.0.RELEASE')
implementation 'org.springframework.boot:spring-boot-starter-web'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
}