Consistent sap security versions

[StefanHenke]

Fixes failing outbound tests due to sap security lib update

[beckermarc]

Where did this inconsistency come from?

[rjayasinghe]

Where did this inconsistency come from?

And would we need to apply this to our other sample apps?

[StefanHenke]

Where did this inconsistency come from?

And would we need to apply this to our other sample apps?

In the tests the exception "Caused by: java.lang.ClassNotFoundException: com.sap.cloud.security.token.IdTokenExtension" was thrown which related to the known change in the sec lib: SAP/cloud-security-services-integration-library#1889

I suspected our upgrade to sec lib version 3.6.8 to create inconsistent versions xtravels. I started the outbound tests again to see the result of the adding the seclib pom to the dependency management.

[beckermarc]

Hm, I checked the state before this PR and only found version 3.6.5. It doesn't seem to be inconsistent versioning. Is a component requiring this new API and therefore has implicitly increased the minimum Security Lib version? Do you still have the full stack trace, where the error came from?

[beckermarc]

Okay, it seems like this error only occurs with our cds-services main. We updated the security lib there now. However the AMS library here in xtravels still seems to pull in an older version of some dependencies.

[StefanHenke]

Okay, it seems like this error only occurs with our cds-services main. We updated the security lib there now. However the AMS library here in xtravels still seems to pull in an older version of some dependencies.

That is not the reason I initially suspected, but makes sense. The latest run succeeded now. Anyways, adding the seclib bom follows our recommendation. So, I think it is okay to do.