Red Hat Bugzilla – Bug 1022679
Missing dependencies on Picketlink-core 18.104.22.168.Final-redhat-2
Last modified: 2013-12-15 11:48:48 EST
Description of problem:
EAP 6.2.0.Beta -with-security BOM uses PL 22.214.171.124.Final-redhat-2.
picketlink-core has org.jboss.security:jbossxacml:2.0.8.Final declared on compile scope: http://maven.repository.redhat.com/techpreview/eap6/6.2.0.Beta/maven-repository/org/picketlink/picketlink-core/126.96.36.199.Final-redhat-2/picketlink-core-188.8.131.52.Final-redhat-2.pom
It also declares org.jboss.security:jboss-negotiation-common:2.2.5.Final-redhat-2 which has org.jboss.web:jbossweb:7.0.16.Final http://maven.repository.redhat.com/techpreview/eap6/6.2.0.Beta/maven-repository/org/jboss/security/jboss-negotiation-common/2.2.5.Final-redhat-2/jboss-negotiation-common-2.2.5.Final-redhat-2.pom
These GAVs are not present on MavenCentral and it's only present on JBoss Nexus Server
Version-Release number of selected component (if applicable): PL 184.108.40.206.Final-redhat-2
Steps to Reproduce:
1. Checkout and compile: https://github.com/jboss-developer/jboss-eap-quickstarts/tree/master/picketlink-sts
Actual results: Could not resolve dependencies for project org.jboss.quickstarts.eap:jboss-picketlink-sts:war:6.2.0-redhat-SNAPSHOT: Failed to collect dependencies for [org.picketlink:picketlink-core:jar:220.127.116.11.Final-redhat-2 (provided)]: Failed to read artifact descriptor for org.jboss.security:jbossxacml:jar:2.0.8.Final
Expected results: BUILD SUCCESS
Peter - I am wondering if we can make the scope of xacml dependency to provided or excluded in the quickstart build.
Darran Lofthouse <firstname.lastname@example.org> updated the status of jira SECURITY-760 to Resolved
What is the current status of this bug? I'm still getting Jenkins build errors.
jbossxacml excluded from quickstart build.
Verified in 6.2.0.ER7-quickstarts