SEC-1994: Spring security 3.1.1.RELEASE is not JDK 1.5 compatible #2215
Comments
|
Rob Winch said: Thank you for reporting this issue. Like any bug this should not have happened, but hopefully the explanation below helps to understand why it did happen. The problem occurred with the update from gradle 1.0-m3 to gradle 1.0 which had changed the default sourceCompatibility from 1.5 to the current JDK being used. While our CI server builds with 1.5 we typically release with 1.6 due to:
|
|
Rob Winch said: A fix which explicitly states the sourceCompatibility and targetCompatibility has been pushed to master. If anyone wants a workaround until 3.1.2 is released they can use 3.1.0 or they can build the tagged 3.1.1 release with JDK 1.5. Note that I have also logged SEC-1995 and SEC-1996 to help ensure things like this do not happen again. |
|
Lyor Goldstein said: Thanks for the quick reply - we have "downgraded" to 3.1.0.RELEASE for now and can wait for 3.1.2 which I assume will be JDK 1.5 compatible. BTW, on an un-related (or yes) question, is there some intention to declare that Spring artifacts will no longer be JDK 1.5 compatible as of some future version ? Like you mentioned, there are quite a few issues/bugs that have been fixed in 1.6 ... |
spring-projects-issues
added
in: build
|
This issue relates to #2125 |
Lyor Goldstein (Migrated from SEC-1994) said:
Even though the site states that it only requires 1.5+. See maven build exception below as well as javap command result.
Compiled from "Authentication.java"
public interface org.springframework.security.core.Authentication extends java.security.Principal,java.io.Serializable
SourceFile: "Authentication.java"
minor version: 0
major version: 50
Constant pool:
const #1 = class #21; // org/springframework/security/core/Authentication
const #2 = class #22; // java/lang/Object
const #3 = class #23; // java/security/Principal
const #4 = class #24; // java/io/Serializable
const #5 = Asciz getAuthorities;
const #6 = Asciz ()Ljava/util/Collection;;
const #7 = Asciz Signature;
const #8 = Asciz ()Ljava/util/Collection<+Lorg/springframework/security/core/GrantedAuthority;>;;
const #9 = Asciz getCredentials;
const #10 = Asciz ()Ljava/lang/Object;;
const #11 = Asciz getDetails;
const #12 = Asciz getPrincipal;
const #13 = Asciz isAuthenticated;
const #14 = Asciz ()Z;
const #15 = Asciz setAuthenticated;
const #16 = Asciz (Z)V;
const #17 = Asciz Exceptions;
const #18 = class #25; // java/lang/IllegalArgumentException
const #19 = Asciz SourceFile;
const #20 = Asciz Authentication.java;
const #21 = Asciz org/springframework/security/core/Authentication;
const #22 = Asciz java/lang/Object;
const #23 = Asciz java/security/Principal;
const #24 = Asciz java/io/Serializable;
const #25 = Asciz java/lang/IllegalArgumentException;
{
public abstract java.util.Collection getAuthorities();
Signature: length = 0x2
00 08
public abstract java.lang.Object getCredentials();
public abstract java.lang.Object getDetails();
public abstract java.lang.Object getPrincipal();
public abstract boolean isAuthenticated();
public abstract void setAuthenticated(boolean) throws java.lang.IllegalArgumentException;
Exceptions:
throws java.lang.IllegalArgumentException
}
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:2.3.2:compile (default-compile) on project insight-dashboard: Compilation failure
/opt/hudson/workspace/jobs/insight-continuous-jvm1.5/workspace/core/dashboard/src/main/java/com/springsource/insight/dashboard/util/RequireAdminTag.java:[11,-1] cannot access org.springframework.security.core.Authentication
bad class file: /opt/hudson/.m2/repository/org/springframework/security/spring-security-core/3.1.1.RELEASE/spring-security-core-3.1.1.RELEASE.jar(org/springframework/security/core/Authentication.class)
class file has wrong version 50.0, should be 49.0
The text was updated successfully, but these errors were encountered: