Authkey role service filters broken on 2.16+

After defining an AuthKEY REST Role Service, we are unable to modify the service or add/modify any geofence rules. GeoServer throws a 500 error:

• Cannot edit any existing AuthKEY REST Role Services through the User Interface

• Cannot add any geofence security rules through the user interface

The error thrown is here: https://gist.github.com/GeoTob/c8ee4e8af6f024dc8b36fb4201838556

We have tested GeoServer 2.16.0 and 2.16.1 with the same result.

We can fix this by downloading net.minidev.asm (https://repo1.maven.org/maven2/net/minidev/asm/1.0.2/) and dropping it into WEB-INF/lib - so it's probably just a missing dependency in one of the build steps.

We’ve asked on the mailing list in November without getting any traction, so hopefully this can be picked up here.