i am getting maven build error for my spring boot project i added spring security in my pom.xml but complete maven build
Dependency:
<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-web -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>5.5.0-M1</version>
</dependency>
Error:
[WARNING] Could not transfer metadata net.minidev:json-smart/maven-metadata.xml from/to
SpringFramework (https://maven.springframework.org/milestone/): Authorization failed for
https://maven.springframework.org/milestone/net/minidev/json-smart/maven-metadata.xml 403
Forbidden
[WARNING] The POM for org.springframework.security:spring-security-web:jar:5.5.0-M1 is
missing, no dependency information available
[WARNING] The POM for org.springframework.security:spring-security-config:jar:5.5.0-M1 is
missing, no dependency information available
[WARNING] The POM for org.springframework.security:spring-security-core:jar:5.5.0-M1 is
missing, no dependency information available
[ERROR] Failed to execute goal on project gtt-v2-sample-track-salesorders-service: Could not
resolve dependencies for project com.sap.gtt.v2:gtt-v2-sample-track-salesorders-
service:jar:1.0.0: The following artifacts could not be resolved:
org.springframework.security:spring-security-web:jar:5.5.0-M1,
org.springframework.security:spring-security-config:jar:5.5.0-M1,
org.springframework.security:spring-security-core:jar:5.5.0-M1: Failure to find
org.springframework.security:spring-security-web:jar:5.5.0-M1 in
https://maven.springframework.org/milestone/ was cached in the local repository, resolution
will not be reattempted until the update interval of SpringFramework has elapsed or updates are forced -> [Help 1]
do i need to change anything, how to resolve issue
CodePudding user response:
change the version of the spring boot
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>5.5.0</version>
</dependency>
to this
CodePudding user response:
There are some vulnerabilities for version 5.5.0 and 5.5.1. See the details here: https://mvnrepository.com/artifact/org.springframework.security/spring-security-web/5.5.1
Please use the suggested version 5.6.2 (which doesn't have those vulnerabilities) in your code.
Change the version and then run mvn -U clean install to update the spring dependency version. If you are behind a proxy, ensure that you have the proxy details added in your settings.xml as mentioned here