Remove dependencies with vulnerabilities

More details: #7 (closed)

provider/legal-azure/pom.xml

@@ -31,12 +31,12 @@
         <azure.appservice.plan />
         <azure.appservice.appname />
         <azure.appservice.subscription />
-        <osdu.corelibazure.version>0.8.0-rc1</osdu.corelibazure.version>
+        <osdu.corelibazure.version>0.9.0-rc3</osdu.corelibazure.version>
         <osdu.legal-core.version>0.9.0-SNAPSHOT</osdu.legal-core.version>
         <javax.inject.version>1</javax.inject.version>
         <javax.servlet-api.version>4.0.1</javax.servlet-api.version>
         <woodstox-core.version>5.3.0</woodstox-core.version>
-        <tomcat-embed-core.version>9.0.40</tomcat-embed-core.version>
+        <json-smart.version>2.4.6</json-smart.version>
     </properties>
 
     <dependencyManagement>
@@ -53,6 +53,15 @@
     </dependencyManagement>
 
     <dependencies>
+        <!--
+        Many dependencies contain library with vulnerabilities: net.minidev:json-smart:jar:2.3
+        because of that we need to enforce the higher version
+        -->
+        <dependency>
+            <groupId>net.minidev</groupId>
+            <artifactId>json-smart</artifactId>
+            <version>${json-smart.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>os-core-common</artifactId>
@@ -75,8 +84,8 @@
         </dependency>
 
         <dependency>
-            <groupId>com.microsoft.azure</groupId>
-            <artifactId>azure-active-directory-spring-boot-starter</artifactId>
+            <groupId>com.azure.spring</groupId>
+            <artifactId>azure-spring-boot-starter-active-directory</artifactId>
             <exclusions>
                 <exclusion>
                     <groupId>org.springframework.boot</groupId>
@@ -110,12 +119,6 @@
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>core-lib-azure</artifactId>
             <version>${osdu.corelibazure.version}</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.simpleframework</groupId>
-                    <artifactId>simple-xml</artifactId>
-                </exclusion>
-            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
@@ -128,11 +131,6 @@
             <artifactId>woodstox-core</artifactId>
             <version>${woodstox-core.version}</version>
         </dependency>
-        <dependency>
-            <groupId>org.apache.tomcat.embed</groupId>
-            <artifactId>tomcat-embed-core</artifactId>
-            <version>${tomcat-embed-core.version}</version>
-        </dependency>
 
         <!-- test -->
         <dependency>