From: Lee, Tian (tl5884) <TianL@amdocs.com>
Date: Thu, 3 Jan 2019 11:15:46 +0000 (+0000)
Subject: Upversion Spring Boot for NexusIQ
X-Git-Tag: 2.1.9~2
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F14%2F75214%2F1;p=aaf%2Fcadi.git

Upversion Spring Boot for NexusIQ

Upversion to latest 2.1.1.RELEASE to fix new NexusIQ security
vulnerabilities

Change-Id: I8d7759d5f5dbdf70b1056bc4b6875caf8c25893d
Issue-ID: AAF-693
Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
---

diff --git a/sidecar/pom.xml b/sidecar/pom.xml
index 424f29c..dd5ae52 100644
--- a/sidecar/pom.xml
+++ b/sidecar/pom.xml
@@ -15,8 +15,7 @@
 	* limitations under the License. 
 	* ============LICENSE_END==================================================== 
 	* -->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<parent>
 		<groupId>org.onap.aaf.cadi</groupId>
@@ -53,12 +52,12 @@
 		<!-- Spring boot version 
 		  Must match oParent
 		-->
-	  	<spring.boot.version>2.0.5.RELEASE</spring.boot.version>
-	  	<spring.web.version>3.0.4.RELEASE</spring.web.version>
+		<spring.boot.version>2.1.1.RELEASE</spring.boot.version>
+		<spring.web.version>5.1.3.RELEASE</spring.web.version>
 
 		<docker.location>${basedir}/target</docker.location>
 		<!-- <skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo> -->
-		
+
 	</properties>
 
 	<dependencyManagement>
@@ -78,49 +77,61 @@
 				<artifactId>javax.servlet-api</artifactId>
 				<version>3.1.0</version>
 			</dependency>
-			
 			<dependency>
-			    <groupId>org.aspectj</groupId>
-			    <artifactId>aspectjrt</artifactId>
-			    <version>1.9.2</version>
+				<groupId>org.aspectj</groupId>
+				<artifactId>aspectjrt</artifactId>
+				<version>1.9.2</version>
 			</dependency>
-			
 			<dependency>
 				<groupId>com.google.code.gson</groupId>
 				<artifactId>gson</artifactId>
 				<version>2.8.5</version>
 			</dependency>
-			
 			<dependency>
 				<groupId>org.apache.commons</groupId>
 				<artifactId>commons-lang3</artifactId>
 				<version>3.8.1</version>
 			</dependency>
-			
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-starter-jetty</artifactId>
 				<version>${spring.boot.version}</version>
 			</dependency>
-	
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-starter-aop</artifactId>
 				<version>${spring.boot.version}</version>
 			</dependency>
-
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-starter-web</artifactId>
 				<version>${spring.boot.version}</version>
 			</dependency>
-	
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-starter-test</artifactId>
 				<version>${spring.boot.version}</version>
 			</dependency>
-	
+			<dependency>
+				<groupId>org.springframework</groupId>
+				<artifactId>spring-core</artifactId>
+				<version>${spring.web.version}</version>
+			</dependency>
+			<dependency>
+				<groupId>org.springframework</groupId>
+				<artifactId>spring-expression</artifactId>
+				<version>${spring.web.version}</version>
+			</dependency>
+			<dependency>
+				<groupId>org.springframework</groupId>
+				<artifactId>spring-web</artifactId>
+				<version>${spring.web.version}</version>
+			</dependency>
+			<dependency>
+				<groupId>org.springframework</groupId>
+				<artifactId>spring-webmvc</artifactId>
+				<version>${spring.web.version}</version>
+			</dependency>
 		</dependencies>
 	</dependencyManagement>
 
@@ -136,18 +147,18 @@
 	<build>
 		<pluginManagement>
 			<plugins>
-		
+
 				<plugin>
 					<artifactId>maven-surefire-plugin</artifactId>
 					<version>2.17</version>
 					<configuration>
 						<!-- Suppresses parent pom config of Surefire plugin. Has the affect of 
 						     setting Surefire file includes back to default and re-enables sidecar
-						     unit tests --> 
+						     unit tests -->
 						<includes combine.self="override"></includes>
 					</configuration>
-				</plugin>			
-			
+				</plugin>
+
 				<plugin>
 					<groupId>com.mycila</groupId>
 					<artifactId>license-maven-plugin</artifactId>
diff --git a/sidecar/rproxy/src/main/resources/application.properties b/sidecar/rproxy/src/main/resources/application.properties
index 5c2dffb..0f111dc 100644
--- a/sidecar/rproxy/src/main/resources/application.properties
+++ b/sidecar/rproxy/src/main/resources/application.properties
@@ -7,7 +7,6 @@ server.ssl.protocol=TLS
 server.ssl.enabled-protocols=TLSv1.2
 server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
 server.ssl.client-auth=want
-
 server.ssl.client-cert=${CONFIG_HOME}/auth/client-cert.p12
 
 server.servlet.contextPath=/
@@ -16,4 +15,6 @@ uri.authorization.configuration-file=${CONFIG_HOME}/auth/uri-authorization.json
 
 logging.config=${CONFIG_HOME}/logback-spring.xml
 
-spring.profiles.default=secure,cadi
\ No newline at end of file
+spring.profiles.default=secure,cadi
+
+spring.main.allow-bean-definition-overriding=true
\ No newline at end of file