aboutsummaryrefslogtreecommitdiffstats
path: root/controlloop/common
diff options
context:
space:
mode:
authorJim Hahn <jrh3@att.com>2019-02-08 10:15:45 -0500
committerJim Hahn <jrh3@att.com>2019-02-08 10:21:40 -0500
commit9f778302220d8acec8d75b18108054b32b4358c6 (patch)
tree6eeddecc66fcceb861494231b65f9090da189110 /controlloop/common
parent0c1084282ae62cbe9d5b054057aed1b759dc82cd (diff)
Consolidate xacml dependencies
The xacml dependency appeared in multiple drools-applications pom files, with different exclusion lists. The dependencies have been consolidated into a single pom, with a combined exclusion list. Added comment to the exclusion list. Change-Id: I2a5a66619b376879b44c5e0ce064d7e52c4482bf Issue-ID: POLICY-1429 Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'controlloop/common')
-rw-r--r--controlloop/common/controller-casablanca/pom.xml14
-rw-r--r--controlloop/common/eventmanager/pom.xml19
-rw-r--r--controlloop/common/feature-controlloop-management/pom.xml35
-rw-r--r--controlloop/common/guard/pom.xml48
4 files changed, 36 insertions, 80 deletions
diff --git a/controlloop/common/controller-casablanca/pom.xml b/controlloop/common/controller-casablanca/pom.xml
index 076938616..bd724ba4d 100644
--- a/controlloop/common/controller-casablanca/pom.xml
+++ b/controlloop/common/controller-casablanca/pom.xml
@@ -193,20 +193,6 @@
<scope>provided</scope>
</dependency>
<dependency>
- <groupId>com.att.research.xacml</groupId>
- <artifactId>xacml-pdp</artifactId>
- <version>1.0.2</version>
- <exclusions>
- <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We
- are not using that PIP and can safely exclude this jar to resolve CLM issue.
- -->
- <exclusion>
- <groupId>commons-collections</groupId>
- <artifactId>commons-collections</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
<groupId>org.onap.policy.drools-pdp</groupId>
<artifactId>policy-management</artifactId>
<version>${version.policy.drools-pdp}</version>
diff --git a/controlloop/common/eventmanager/pom.xml b/controlloop/common/eventmanager/pom.xml
index 94f9689dc..32cda44d4 100644
--- a/controlloop/common/eventmanager/pom.xml
+++ b/controlloop/common/eventmanager/pom.xml
@@ -42,25 +42,6 @@
<scope>provided</scope>
</dependency>
<dependency>
- <groupId>com.att.research.xacml</groupId>
- <artifactId>xacml</artifactId>
- <version>1.0.2</version>
- <scope>provided</scope>
- <exclusions>
- <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We
- are not using that PIP and can safely exclude this jar to resolve CLM issue.
- -->
- <exclusion>
- <groupId>commons-collections</groupId>
- <artifactId>commons-collections</artifactId>
- </exclusion>
- <exclusion>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
<groupId>org.onap.policy.drools-applications.controlloop.common.actors</groupId>
<artifactId>actorServiceProvider</artifactId>
<version>${project.version}</version>
diff --git a/controlloop/common/feature-controlloop-management/pom.xml b/controlloop/common/feature-controlloop-management/pom.xml
index ed145ac6a..e4c2d3504 100644
--- a/controlloop/common/feature-controlloop-management/pom.xml
+++ b/controlloop/common/feature-controlloop-management/pom.xml
@@ -248,41 +248,6 @@
</exclusions>
</dependency>
<dependency>
- <groupId>com.att.research.xacml</groupId>
- <artifactId>xacml-pdp</artifactId>
- <version>1.0.2</version>
- <exclusions>
- <exclusion>
- <artifactId>commons-codec</artifactId>
- <groupId>commons-codec</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-logging</artifactId>
- <groupId>commons-logging</groupId>
- </exclusion>
- <exclusion>
- <artifactId>guava</artifactId>
- <groupId>com.google.guava</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-lang3</artifactId>
- <groupId>org.apache.commons</groupId>
- </exclusion>
- <exclusion>
- <artifactId>jackson-databind</artifactId>
- <groupId>com.fasterxml.jackson.core</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-collections</artifactId>
- <groupId>commons-collections</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-lang</artifactId>
- <groupId>commons-lang</groupId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
<groupId>org.onap.policy.drools-pdp</groupId>
<artifactId>policy-management</artifactId>
<version>${version.policy.drools-pdp}</version>
diff --git a/controlloop/common/guard/pom.xml b/controlloop/common/guard/pom.xml
index 7dc85d778..d1beed58d 100644
--- a/controlloop/common/guard/pom.xml
+++ b/controlloop/common/guard/pom.xml
@@ -36,18 +36,42 @@
<scope>provided</scope>
</dependency>
<dependency>
- <groupId>com.att.research.xacml</groupId>
- <artifactId>xacml-pdp</artifactId>
- <version>1.0.2</version>
- <exclusions>
- <!-- The LDAP PIP uses velocity which pulls this insecure jar in. We
- are not using that PIP and can safely exclude this jar to resolve CLM issue.
- -->
- <exclusion>
- <groupId>commons-collections</groupId>
- <artifactId>commons-collections</artifactId>
- </exclusion>
- </exclusions>
+ <groupId>com.att.research.xacml</groupId>
+ <artifactId>xacml-pdp</artifactId>
+ <version>1.0.2</version>
+ <exclusions>
+ <!--
+ Exclude jars with an older version or that are insecure and not needed.
+ -->
+ <exclusion>
+ <artifactId>commons-codec</artifactId>
+ <groupId>commons-codec</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>commons-logging</artifactId>
+ <groupId>commons-logging</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>guava</artifactId>
+ <groupId>com.google.guava</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>commons-lang3</artifactId>
+ <groupId>org.apache.commons</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>jackson-databind</artifactId>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>commons-collections</artifactId>
+ <groupId>commons-collections</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>commons-lang</artifactId>
+ <groupId>commons-lang</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>junit</groupId>