[
https://issues.apache.org/jira/browse/CAMEL-19969?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17773427#comment-17773427
]
Andrea Cosentino commented on CAMEL-19969:
------------------------------------------
This is because Spring Boot is not the only runtime consuming the main camel
project. So the dependencies are coming from a parent POM in Camel main
project. But SB brings its own set of dependencies and to be in sync with the
Spring Boot version we are using, we need to override through
dependencyManagement.
We can improve the documentation for sure.
Let me bring in [~davsclaus] and [~essobedo] too.
> camel-spring-boot-starter brings incompatible dependencies with spring
> security
> -------------------------------------------------------------------------------
>
> Key: CAMEL-19969
> URL: https://issues.apache.org/jira/browse/CAMEL-19969
> Project: Camel
> Issue Type: Bug
> Affects Versions: 3.21.1
> Reporter: Ruslan Hryn
> Assignee: Andrea Cosentino
> Priority: Minor
>
> camel-spring-boot-starter brings incompatible dependencies with spring boot
> and spring security.
> The camel starter is compatible with Spring Boot 2.7.16 according to the
> documentation.
> But the starter contains spring-security-config v 5.8.7 which is not
> compatible with Spring Boot 2.7.16 bom because this version of Spring Boot
> uses spring-security-config v 5.7.11
> This incompatibility of dependencies are causing crash during the start of
> apps when using spring security
> Here is the reproducer [https://github.com/RuslanHryn/camel-deps-issue]
> Run AppTest
> Here is crash log
> {code:java}
> Caused by: org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name
> 'org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration.httpSecurity'
> defined in class path resource
> [org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.class]:
> Bean instantiation via factory method failed; nested exception is
> org.springframework.beans.BeanInstantiationException: Failed to instantiate
> [org.springframework.security.config.annotation.web.builders.HttpSecurity]:
> Factory method 'httpSecurity' threw exception; nested exception is
> java.lang.NoSuchMethodError: 'void
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy)'
> at
> org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
> at
> org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:481)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
> at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:353)
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
> at
> org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
> at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
> at
> org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:911)
> at
> org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:788)
> ... 107 more
> Caused by: org.springframework.beans.BeanInstantiationException: Failed to
> instantiate
> [org.springframework.security.config.annotation.web.builders.HttpSecurity]:
> Factory method 'httpSecurity' threw exception; nested exception is
> java.lang.NoSuchMethodError: 'void
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy)'
> at
> org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
> at
> org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:648)
> ... 119 more
> Caused by: java.lang.NoSuchMethodError: 'void
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy)'
> at
> org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration.httpSecurity(HttpSecurityConfiguration.java:112)
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:568)
> at
> org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
> ... 120 more {code}
> Please downgrade the version of spring-security-config from 5.8.7 to 5.7.11
> to be compatible with Spring Boot Spring Boot 2.7.16
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
