Hi, I've created a review to upgrade the spring security libraries and its dependencies:
https://reviews.apache.org/r/51728/ This will affect a bunch of packaged jars and also trigger changes in the license and notice files. My question is whether we should hold off this upgrade after GEODE1.0 is released or do it now. It would be nice to use the latest spring security libraries in our developer rest security work (the latest is 4.1.3, and we are using 3.1.7), but we can do without the upgrade as well. -- Cheers Jinmei
