[YADE-582] WebDAV interface broken. NoClassDefFoundError: org/jdom/input/DOMBuilder - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.13.10
Fix Version/s: 1.13.13
Component/s: YADE Client, YADE JITL Jobs
Labels:
None

Description

Current Situation

The YADE WebDAV interface uses the underlying webdavclient4j library.

The webdavclient4j library makes use of JDOM 1.1

The following error occurs:

Exception in thread "main" java.lang.NoClassDefFoundError: org/jdom/input/DOMBuilder
    at org.apache.webdav.lib.BaseProperty.getPropertyAsString(BaseProperty.java:129)
....

This problem is due to the fact that JDOM has been removed from JobScheduler including YADE starting from release 1.13.10 with ~~JS-1940~~.
- JDOM 1.1 is hit by vulnerability CVE-2021-33814

Desired Behavior

The webdavclient4j is replaced by a more modern implementation that works without reference to JDOM:

Workaround

Download the JDOM 1.1 library from e.g. the maven repository - jdom-1.1.jar.
JobScheduler Controller/Master/Agent
- Copy the jar file to the SCHEDULER_HOME/lib/patches directory.
- Restart JobScheduler Controller/Master/Agent.
YADE Client
- Copy the downloaded file jdom-1.1.jar to the <yade>/lib/3rd-party directory.

Attachments

Activity

People

Assignee:: Robert Ehrlich

Reporter:: Robert Ehrlich

Approver:: Kanika Agrawal

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02 February 2022 14:51

Updated:: 07 April 2022 00:41

Resolved:: 17 March 2022 13:54