I tried to push a PR with the workaround, but it was not accepted because i
couldn't rig up a test (i couldn't come up with a simple enough mock
scenario to repro). My PR is here:
https://github.com/apereo/cas/pull/6290, and shows the very minimal
modification needed and the discussion outlines its impact. Boils down to:
$ git diff HEAD^
diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index 6e7ada35daf..044c32d82d2 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -562,9 +562,8 @@ ext.libraries = [
exclude(group: "log4j", module: "log4j")
},
cqengine : [
-
dependencies.create("com.googlecode.cqengine:cqengine:$cqEngineVersion") {
- exclude(group: 'org.xerial', module: "sqlite-jdbc")
- exclude(group: "org.javassist", module: "javassist")
+
dependencies.create("com.googlecode.cqengine:cqengine:$cqEngineVersion:all")
{
+ transitive = false
}
],
maxmind : [
Which stems from this upstream bug report:
https://github.com/npgall/cqengine/issues/307#issuecomment-1437226922
I have been able to build cas local after making that change, then use that
cas as the base for my downstream and it just works.
Hope that helps
Lucas
On Tuesday, March 11, 2025 at 2:00:09 AM UTC-4 Pablo Vidaurri wrote:
> Running intho this ATN version conflict while using OAuth2 with CAS7.
>
> What is the workaround? adding the equivalent of this to gradle build?
>
> <dependency>
> <!-- Add a dependency on CQEngine's shaded jar instead of regular jar,
> and exclude all of CQEngine's transitive dependencies -->
> <groupId>com.googlecode.cqengine</groupId>
> <artifactId>cqengine</artifactId>
> <version>x.x.x</version>
> <classifier>all</classifier>
> <exclusions>
> <exclusion>
> <groupId>*</groupId>
> <artifactId>*</artifactId>
> </exclusion>
> </exclusions>
> </dependency>
>
> On Tuesday, December 31, 2024 at 11:52:55 AM UTC-6 Lucas Theisen wrote:
>
>> Well, i put in a pull request:
>>
>> https://github.com/apereo/cas/pull/6290
>>
>> using the workaround supplied by the upstream (cqengine) maintainer. It
>> seemed like the most appropriate fix for this situation.
>>
>> On Monday, December 30, 2024 at 12:55:23 PM UTC-5 Lucas Theisen wrote:
>>
>>> I just attempted to upgrade from 6.5 to 7.2 because of a bug preventing
>>> the change password workflow from working after adding MFA (this bug
>>> appears to have a fix in 7.2: https://github.com/apereo/cas/commit/
>>> 3010b6c2caf99d3f6f5888cb1aada3576eddc580).
>>>
>>>
>>>
>>> But there appears to be a version conflict in ANTLR dependencies that I
>>> can’t seem to work around. It stems from the fact that hibernate (as of 6)
>>> updated to ANTLR 4.10 (https://github.com/hibernate/
>>> hibernate-orm/discussions/4975) which uses ATN version 4, but cqengine
>>> has not yet done so (https://github.com/npgall/cqengine/issues/307) so
>>> it is still using ATN version 3. When I look at my dependency tree I see:
>>>
>>>
>>> [INFO] +- org.apereo.cas:cas-server-support-audit-jdbc:jar:7.2.0-
>>> RC3:runtime
>>>
>>> [INFO] | \- org.apereo.cas:cas-server-support-jpa-hibernate:jar:7.2.
>>> 0-RC3:runtime
>>>
>>> [INFO] | \- org.hibernate.orm:hibernate-core:jar:6.6.3.Final:runtime
>>>
>>> [INFO] | \- org.antlr:antlr4-runtime:jar:4.13.0:runtime
>>>
>>> [INFO] \- org.apereo.cas:cas-server-support-json-service-registry:
>>> jar:7.2.0-RC3:runtime
>>>
>>> [INFO] \- org.apereo.cas:cas-server-core-services-registry:jar:7.
>>> 2.0-RC3:runtime
>>>
>>> [INFO] \- com.googlecode.cqengine:cqengine:jar:3.6.0:runtime
>>>
>>> [INFO] \- (org.antlr:antlr4-runtime:jar:4.7.2:runtime -
>>> omitted for conflict with 4.13.0)
>>>
>>>
>>>
>>>
>>>
>>> And when I run CAS with both dependencies, the moment my browsers
>>> transitions to the MFA (cas-server-support-gauth-jpa) screen, I see this
>>> error in my logs:
>>>
>>>
>>> java.lang.RuntimeException: jakarta.servlet.ServletException: Request
>>> processing failed:
>>> org.springframework.webflow.execution.ActionExecutionException:
>>> Exception thrown executing org.apereo.cas.gauth.web.flow.
>>> GoogleAuthenticatorPrepareLoginAction@45784074 in state
>>> 'initializeLoginForm' of flow 'mfa-gauth' -- action execution attributes
>>> were 'map[[empty]]'
>>>
>>> at org.apereo.cas.web.support.filters.AbstractSecurityFilter.
>>> throwException(AbstractSecurityFilter.java:42)
>>> ~[cas-server-core-web-api-7.2.0-RC3.jar!/:7.2.0-RC3]
>>>
>>> at org.apereo.cas.web.support.filters.
>>> ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:198)
>>>
>>> ~[cas-server-core-web-api-7.2.0-RC3.jar!/:7.2.0-RC3]
>>>
>>> at org.apache.catalina.core.ApplicationFilterChain.
>>> internalDoFilter(ApplicationFilterChain.java:164)
>>> ~[tomcat-embed-core-10.1.33.jar!/:?]
>>>
>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(
>>> ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.33.jar!/:?]
>>>
>>> ...
>>>
>>> Caused by: java.io.InvalidClassException: org.antlr.v4.runtime.atn.ATN;
>>> Could not deserialize ATN with version 4 (expected 3).
>>>
>>>
>>>
>>>
>>>
>>> I am unsure how to proceed here. I am not against attempting to
>>> contribute, but what would the proper contribution be? Would we try to
>>> downgrade to a version of hibernate before 6? Remove cqengine because the
>>> update to ATN 4 does not appear to be forthcoming? Try to workaround the
>>> cqengine by using their shaded jar (https://github.com/npgall/
>>> cqengine/issues/307#issuecomment-1437226922)?
>>>
>>> Lucas
>>>
>>
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ea080414-d2b5-4eeb-8dbc-eb28235511a9n%40apereo.org.
