Remove Tomcat 2(Security Issue)
Issue-ID: AAF-420
Change-Id: Ibb080432f8c7faa7b923b1f4c1e4542d3ad0d693
Signed-off-by: Instrumental <jonathan.gathman@att.com>
diff --git a/cadi/servlet-sample/pom.xml b/cadi/servlet-sample/pom.xml
index de527c5..0da47f2 100644
--- a/cadi/servlet-sample/pom.xml
+++ b/cadi/servlet-sample/pom.xml
@@ -10,11 +10,6 @@
<name>CADI Servlet Sample (Test Only)</name>
<artifactId>aaf-cadi-servlet-sample</artifactId>
<packaging>jar</packaging>
- <properties>
- <!-- Jetty Version set by oParent -->
- <tomcat.version>8.5.23</tomcat.version>
- </properties>
-
<dependencies>
<!-- needs to be first to avoid jar signer implications for servlet api -->
<dependency>
@@ -23,39 +18,6 @@
<version>${project.jettyVersion}</version>
</dependency>
- <!-- Tomcat Embedded has security flaws. not worth it for a sample
- <dependency>
- <groupId>org.apache.tomcat.embed</groupId>
- <artifactId>tomcat-embed-jasper</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- -->
- <dependency>
- <groupId>org.apache.tomcat.embed</groupId>
- <artifactId>tomcat-embed-core</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat.embed</groupId>
- <artifactId>tomcat-embed-jasper</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-jasper</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-jasper-el</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-jsp-api</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
-
<dependency>
<groupId>org.onap.aaf.authz</groupId>
<artifactId>aaf-cadi-aaf</artifactId>