Reputation: 3082
I am learning spring security from reference material. release 3.1.2.RELEASE. As stated in that I have configured security:http
tag like this
security-context.xml
<security:http auto-config="true">
<security:intercept-url pattern="/**" access="ROLE_USER"/>
</security:http>
web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:*-context.xml</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>security</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>security</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
security-servlet.xml
<context:component-scan base-package="com.pokuri.security.mvc.controllers"/>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/page/"/>
<property name="suffix" value=".jsp"/>
</bean>
But I am getting this exception when I start the application. If I remove security configuration my spring web application working fine. I went through the same kind of questions in stackoverflow. But no luck.
Upvotes: 47
Views: 109156
Reputation: 547
For those who learning spring without xml may be this helps.
I faced the same exception when learning the spring without xml.
Found that i have register the spring security filter by extending the class AbstractSecurityWebApplicationInitializer but did not configure the spring security. To configure the spring security i added below code and it works.
@Configuration
@EnableWebSecurity
public class SpringSecurityConfigInitializer extends
WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws
Exception {
UserBuilder users = User.withDefaultPasswordEncoder();
auth.inMemoryAuthentication().withUser(users.username("test").
password("test123").roles("EMPLOYEE"));
}
}
Above is just sample for my case but the exception was due to the missing configuration.
Upvotes: 0
Reputation: 4266
In case it helps anyone, I had renamed one of my packages but Eclipse doesn't auto-update your @ComponentScan
paths, so make sure you change that too:
@ComponentScan(basePackages = "com.package.spring")
Upvotes: 1
Reputation: 889
I just added the bean definition in applicationContext.xml as Spring asked:
<bean id="springSecurityFilterChain" class="org.springframework.web.filter.DelegatingFilterProxy"/>
Upvotes: 13
Reputation: 487
add this your web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/root-context.xml, /WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- filter declaration for Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Upvotes: 5
Reputation: 6073
I think that the reason of your problem can be in that your xml configuration file for spring security isn't loaded when you start your web app.
To fix this you should specify all your XML config files in web.xml like that:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security.xml, /WEB-INF/applicationContext.xml</param-value>
</context-param>
If you have your config files in classpath (not WEB-INF folder or it's subfolders) then you can specify list of config files in such way;
...
<param-value>
classpath:applicationContext.xml,
classpath:spitter-security.xml
</param-value>
...
And also you need to add special listener that will load your config files:
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
Upvotes: 68