I am migrating from Grails 1.1 to Grails 4.0.11. we have used Spring Webflow in it, but it never works in Grails 4. Is there any solution to implement Spring Webflow in Grails4?
Here's an open issue about the situation of Spring Webflow in newest grails version. The plugin is broken since version 2.x and seems that will not have any kind of refactoring.
Related
The spring published that:
I used spring 5.3.16, spring boot 2.2.10.RELEASE, spring cloud 2.2.10.RELEASE to use spring-cloud-netflix-zuul, so, can I just upgrade the spring version to 5.3.18, but don't upgrade other framwork?
Spring Boot 2.2.x is EOL and may contain other security fixes that affect you. Spring Boot 2.2.10.RELEASE use Spring Framework 5.2.9.RELEASE.
If you are using Spring Framework 5.3.x, this is not really a supported scenario irrespective of this CVE. You should be using Spring Framework 5.2.x. For that, we have released Spring Framework 5.2.20.
Of course, to be really safe you should upgrade to a supported version.
There is a vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2021-22047) discovered in spring-data-rest-webmvc which is only fixed in versions 3.4.14 and 3.5.6. Spring Boot 2.3.12 uses the version 3.3.9. Migrating to spring boot 2.4.x or above is not an option for us.
We would like to use spring-data-rest-webmvc:3.4.14, but we are not sure if it's compatible with spring boot 2.3.x.
Can we use them together?
Spring Data Rest version 3.4 and up use Spring Framework version 5.3.x.
Spring Boot 2.3 is build with Spring Framework 5.2.x.
Will it work, probably, but there are no garanties that it will keep working or work at all. Most like it will fail with some NoSuchMethodError or ClassNotFOundExceptions or other exotic expetions one gets when mixing modules/jars from different versions of a framework.
Is there a compatibility matrix for spring, spring security and spring webflow for recent releases resp. versions running under Java 7 and JSF 2.2? Or are simply all versions > some threshold compatible?
you can check on maven here and check the compile dependencies of the versions.
for example you can see that WebFlow 2.4.4 is compatible with Spring Security 4.1.0.RELEASE and Spring 4.3.0.RELEASE which is then compatible with jsf 2.2 (through spring-web)
Please what is the compatible release version for Spring Security for Spring 3.2.8 release ?
There is little dependancy between Spring Security versions and Spring Framework versions. I have already used Spring Security 3.1.x with Spring Framework 3.1.x and 3.2.x.
If you have no reason to do differently (portability of code) you should choose the more recent General Available version that is compatible with your other components.
Doc for latest GA (4.0.1) says that it builds against Spring Framework 4.1.6.RELEASE, but should work with 4.0.x => no good.
Doc for previous GA (3.2.7) says that is builds against Spring Framework 3.2.13.RELEASE, but is also tested against Spring Framework 4.1.6.RELEASE
It would be my first choice, but if you use maven, you will have to control what is actually imported via transitive dependancy and eventually force 3.2.8 versions for all used Spring Framework components to avoid mixing different versions, or better upgrade to 3.2.13 since it is only a patch level different version.
Of course, you can also make use of the fact that previous Spring Security version (3.2.6) explicitely builds against Spring Framework 3.2.8.RELEASE, as said by #zeisi
According to the Docs it would be 3.2.6, see Spring Security Docs
Apache CXF is shipped with Spring 2.5.6, can I also use the Spring 3.0 framework without serious troubles.
Yes. I'm using CXF 2.2.7 and Spring 3.0.2 (The latest version) together without any issues.
You have to exclude CXF's Spring 2.5.6 dependavies otherwise the integration test in Spring Roo will not work