Description of problem: There is incorrect spring-security-acl artifact for version 2.0.8.RELEASE in Maven Central. We can use the Spring Security 2.0.8.RELEASE, but this particular jar needs to be downgraded to 2.0.7.RELEASE. I did the diff between sources of spring-security-acl:2.0.7.RELEASE and spring-security-acl:2.0.8.RELEASE and there is no change at all, so this solution should be safe. This will require modification of com.redhat.jboss.wfk.boms:spring-2.5-bom. Related Spring Jira issue: https://jira.springsource.org/browse/SEC-2125 Version-Release number of selected component (if applicable): WFK 2.3.0-SNAPSHOT EAP 6.1.0 2.5.6.SEC03 Spring Security 2.0.8.RELEASE How reproducible: Always. Description of problem: Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
downgraded in http://git.app.eng.bos.redhat.com/?p=wfk/distribution.git;a=commitdiff;h=84e3a61c5cff1ee81c8d6cfadc140ab5bf7c2a20
Verified in WFK 2.3.0.ER1.