Bug 903218

Summary: Spring-2.5-bom references openid4java-consumer that is dependent on guice that is not available in Maven Central
Product: [Retired] JBoss Enterprise WFK Platform 2 Reporter: Tomas Repel <trepel>
Component: SpringAssignee: Marek Novotny <mnovotny>
Status: CLOSED CURRENTRELEASE QA Contact: Tomas Repel <trepel>
Severity: medium Docs Contact:
Priority: medium    
Version: 2.1.0CC: kpiwko, mnovotny
Target Milestone: CR2   
Target Release: 2.2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-05-14 14:50:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tomas Repel 2013-01-23 14:12:15 UTC 
Description of problem:

The com.redhat.jboss.wfk.boms:spring-2.5-bom:2.2.0-redhat-1 bom references org.openid4java:openid4java-consumer:0.9.6. This transitively depends on com.google.code.guice:guice:2.0 that is not available in Maven Central.

Possible workaround could be to use org.openid4java:openid4java:0.9.7 instead. This uses com.google.inject:guice:2.0 that can be downloaded from Maven Central.

How reproducible:

Always

Steps to Reproduce:
1. use spring-2.5-bom and openid4java-consumer in some maven project
2. mvn clean package
  
Actual results:

Failed to read artifact descriptor for com.google.code.guice:guice:jar:2.0: Could not transfer artifact com.google.code.guice:guice:pom:2.0 from/to guice (http://guice-maven.googlecode.com/svn/trunk): Access denied to: http://guice-maven.googlecode.com/svn/trunk/com/google/code/guice/guice/2.0/guice-2.0.pom -> [Help 1]

Expected results:

It passes.
Comment 1 Karel Piwko 2013-01-23 16:18:23 UTC 
Note this is a regression from previous release caused by a third party (OpenId4Java). It is broken for WFK 2.1.0 version as well.
Comment 3 Tomas Repel 2013-02-25 17:02:11 UTC 
Verified in WFK 2.2.0.ER1.
Comment 4 Tomas Repel 2013-04-08 16:17:50 UTC 
Unfortunately, I did a poor job when verifying this issue, in spring 2.5 bom the artifact `openid4java-consumer` has to be renamed to `openid4java` because since version 0.9.7 there is no `openid4java-consumer` in maven central. And also the `<type>pom</type>` has to be removed.
Comment 5 Marek Novotny 2013-04-09 07:38:15 UTC 
I fixed the artifactId. There were also a problem with exclusion, which removed the openid4java from spring-security-openid dependency hierarchy. This was not correct so I removed the exclusion as we are trying to overwrite version and not to remove openid from dependency tree.
Comment 6 Marek Novotny 2013-04-09 07:38:18 UTC 
I fixed the artifactId. There were also a problem with exclusion, which removed the openid4java from spring-security-openid dependency hierarchy. This was not correct so I removed the exclusion as we are trying to overwrite version and not to remove openid from dependency tree.
Comment 7 Tomas Repel 2013-04-10 16:01:17 UTC 
Verified in WFK 2.2.0.CR2.  Hopefully it is really ok this time, thanks Marek for quick fix.
Comment 8 Karel Piwko 2013-05-14 14:50:08 UTC 
Closed as CURRENTRELEASE, part of WFK 2.2.0 distributables.