Spring Security not mapping requests to controllers - Java Config

Question

I am creating a spring security application using Spring 4.0.2.RELEASE and Spring Security 3.2.3.RELEASE using entirely java configuration, no xml. The configuration for security seems to be working correctly and is generating the login page correctly and authenticating. However I get 404 errors for all of my pages.

I have controllers and jsp pages set up for each page. When I run the application, I see log messages showing that the controllers were mapped

Mapped "{[/ || /welcome] ... onto ... WelcomeController.welcome()

However, when I try to hit one of those URLs, I get the login page, then on sucessfull login get a 404 and I see nothing in the log.

Below you will find my controller, my 2 configuration classes, and my 2 initializes.

WelcomeController.java

@Controller
public class WelcomeController {
    @RequestMapping(value = {"/", "/welcome"})
    public ModelAndView welcome() {
        System.out.println("welcome invoked");
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("welcome");
        return modelAndView;
    }
}

Below You will find my configuration files

WebConfig.java

@EnableWebMvc
@Configuration
@ComponentScan({ "com.myproject.pagegen.controller" })
public class WebConfig extends WebMvcConfigurerAdapter {

    @Bean
    public ViewResolver viewResolver() {
        InternalResourceViewResolver resolver 
                = new InternalResourceViewResolver();
        resolver .setViewClass(JstlView.class);
        resolver.setPrefix("/WEB-INF/jsp/");
        resolver.setSuffix(".jsp");
        return resolver;
    }

SecurityConfig.java

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth)
        throws Exception {
            auth.inMemoryAuthentication()
            .withUser("user").password("password").roles("USER");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/").hasRole("USER")
            .antMatchers("/welcome").hasRole("USER")
            .anyRequest().anonymous()
            .and().formLogin();
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

WebAppInitializer.java

public class WebAppInitializer 
    extends AbstractAnnotationConfigDispatcherServletInitializer {

    @Override
    protected Class[] getRootConfigClasses() {
        return new Class[] { WebConfig.class, SecurityConfig.class };
    }

    @Override
    protected Class[] getServletConfigClasses() {
        return null;
    }

    @Override
    protected String[] getServletMappings() {
        return new String[] { "/" };
    }

SecurityWebAppInitializer.java

public class SecurityWebAppInitializer 
    extends AbstractSecurityWebApplicationInitializer { }

UPDATE:

I did find something interesting. If I changed my servletMapping to /* instead of /, I would then get a log message showing that the controller was invoked, but it would have no mapping for the jsp. It seems like it is trying to map the jsp url to the controllers.

welcome invoked
org.springframework.web.servlet.PageNotFound noHandlerFound
WARNING: No mapping found for HTTP request with URI [/ROOT/WEB-INF/jsp/welcome.jsp] in DispatcherServlet with name 'dispatcher'

user3846169 · Accepted Answer

I had a similar issue when running a project using Eclipse and Tomcat. Try running the application using Spring Tool Suite and use the VMware vFabric tc server.

I also got it to work in Eclipse and Tomcat by manually updating the version of Tomcat installed. Try the latest version 7.0.54 https://tomcat.apache.org/download-70.cgi

Spring Security not mapping requests to controllers - Java Config

Answers (2)

Related Questions