spring-security-saml2-core calling Backbase?

Question

After I upgrade the following dependency from 1.0.3 to 1.0.4, I get an error which doesn't make a sense to me.

<dependency>
  <groupId>org.springframework.security.extensions</groupId>
  <artifactId>spring-security-saml2-core</artifactId>
  <version>1.0.4.RELEASE</version>
</dependency>

The following is a build error:

[ERROR] Failed to execute goal on project saml-data-1.5.10m: Could not resolve dependencies for project com.abc.iam:saml-data-1.5.10m:jar:0.0.1-SNAPSHOT: Failed to collect dependencies at org.springframework.security.extensions:spring-security-saml2-core:jar:1.0.4.RELEASE -> ca.juliusdavies:not-yet-commons-ssl:jar:0.3.17: Failed to read artifact descriptor for ca.juliusdavies:not-yet-commons-ssl:jar:0.3.17: Could not transfer artifact ca.juliusdavies:not-yet-commons-ssl:pom:0.3.17 from/to Backbase Artifact Repository (https://repo.backbase.com/repo/): Access denied to: https://repo.backbase.com/repo/ca/juliusdavies/not-yet-commons-ssl/0.3.17/not-yet-commons-ssl-0.3.17.pom , ReasonPhrase:403. -> [Help 1]

I have a look at the Backbase repository. The 0.3.17 isn't there. I have contacted Backbase people. They say that they don't have any knowledge on this problem.

How to solve this problem?

Answer 1

First remove the part in your settings.xml to connect with Backbase repo and try to build the project. This will download all required dependencies for SAML extension from maven repository ( including the one you are getting error for). Then revert the changes to connect with backbase repo and build again.

Answer 2

Just an FYI for anyone else that comes across this...

The Not-Yet-Commons-SSL site appears to be gone. I've forked the project and released a new version with fixes for Java 9+. It now handles PKCS12 files correctly, so TrustMaterial no longer throws a NPE.

You can find the project here: Not-Going-To-Be-Commons-SSL