Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to Spring Security 6, requiring Java 17 and Gradle 7.3 minimum #78

Closed
wants to merge 1 commit into from
Closed

Upgrade to Spring Security 6, requiring Java 17 and Gradle 7.3 minimum #78

wants to merge 1 commit into from

Conversation

adrogon
Copy link

@adrogon adrogon commented Nov 26, 2022
edited
Loading

Upgrades the library to be compatible with Spring Security 6.

  • Requires Java 17
  • Upgrades Gradle to latest, 7.6 (minimum supported is 7.3)
  • Upgrades Servlet API to 6, up from 2.5 (From Java EE to Jakarta EE)
  • Upgrades other libraries to latest version
  • Changes the CI pipeline to use the convenience images from CircleCI, and upgrade to OpenJDK 17

Please notice jcenter() was added to the list of repositories. It is deprecated, but so is Bintray.

@adrogon adrogon requested a review from a team as a code owner November 26, 2022 12:49
@adrogon adrogon force-pushed the Spring6 branch 3 times, most recently from c7006a1 to e190269 Compare November 26, 2022 15:48
@AlexanderNZ
Copy link

I'm currently blocked on updating to spring boot 3 and this PR would solve that blocker. Appreciate it's only been open two days but it would be great to get some feedback on timelines for review and merging of this PR.

@jimmyjames jimmyjames added the needs investigation An issue that has more questions to answer or otherwise needs work to fully understand the issue label Dec 5, 2022
@epiard13
Copy link

epiard13 commented Jan 9, 2023
edited
Loading

Upgrades the library to be compatible with Spring Security 6.

  • Requires Java 17
  • Upgrades Gradle to latest, 7.6 (minimum supported is 7.3)
  • Upgrades Servlet API to 6, up from 2.5 (From Java EE to Jakarta EE)
  • Upgrades other libraries to latest version
  • Changes the CI pipeline to use the convenience images from CircleCI, and upgrade to OpenJDK 17

Please notice jcenter() was added to the list of repositories. It is deprecated, but so is Bintray.

@adrogon Do you need to add a different Auth0 reviewer? It doesn't look like the current reviewer exists....
@jimmyjames Please advise...

@adrogon
Copy link
Author

adrogon commented Jan 9, 2023

@epiard13 I don't know if Auth0 intends to maintain this library going forward. It was already disclaimed to not use it for Spring Security 5 anymore, so maybe it won't support Spring Security 6 at all?
But if they want to, well this PR is the beginning of an answer.

Please notice there is already a more recent version of Spring Security, but I'll wait for more information before updating this branch.

@jimmyjames
Copy link
Contributor

Hey all, as noted we recommend using Spring Security directly now, as the framework has very good OAuth2 and OIDC support. If we do decide to update this library for Spring 6, this PR can be a good starting point, so thank you!

With regards to Spring Security 6, we will be updating our quickstarts and samples for Spring 6. Until published, we've captured an issue with steps to take to integrate authorization into your application using Spring Security 6. If you have questions or run into issues with Spring 6, please chime in there. Thanks!

@jimmyjames jimmyjames closed this Feb 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
needs investigation An issue that has more questions to answer or otherwise needs work to fully understand the issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@adrogon @AlexanderNZ @epiard13 @jimmyjames