CODEWITHSUNDEEP
springspring-security
JEEDEV
JEEDEV

Reputation: 45

Spring security authentication Filter Exception

I'm trying to integrate spring security to my application after configuration i'm blocked in this error I'm trying to implement Spring 3 Security in a project, but I can not get rid of the following error: 

  GRAVE: Servlet.service() for servlet [Faces Servlet] in context with path [/Gelt]  
  threw exception [L''exécution du filtre (Filter) a lancé une exception] with root 
 cause java.lang.NoSuchMethodError: org.springframework.security.access.intercept.AbstractSecurityInterceptor.finallyInvocation(Lorg/springframework/security/access/intercept/InterceptorStatusToken;)V
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:120)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)

spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:beans="http://www.springframework.org/schema/beans"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns:p="http://www.springframework.org/schema/p"
         xmlns:util="http://www.springframework.org/schema/util"
         xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.1.xsd">

<http use-expressions="true">
    <intercept-url pattern="/pages/centres.jsf" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" />
    <intercept-url pattern="/pages/services.jsf" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" />
    <intercept-url pattern="/pages/medecins.jsf" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" />
    <intercept-url pattern="/pages/fiches.jsf" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" />
    <intercept-url pattern="/pages/users.jsf" access="hasRole('ROLE_ADMIN')" />
    <!--
    <access-denied-handler error-page="/403.jsf" />-->
    <!-- access denied page
    <access-denied-handler error-page="/403.jsf" />-->
    <form-login />  

    <logout logout-success-url="/index.jsf" />                  

</http>

<authentication-manager alias="authenticationManager">
    <authentication-provider>
        <jdbc-user-service data-source-ref="dataSource"
                           users-by-username-query="SELECT username , password , idrole FROM user U where U.username=?"
                           authorities-by-username-query="SELECT U.username as username, R.role as role FROM user U, role R WHERE U.idrole=R.idrole and U.username=?"
        />
    </authentication-provider>
</authentication-manager>

<beans:bean id="LoginBean" name="LoginBean" class="com.mdsoft.gelt.bean.LoginBean" scope="prototype">
    <beans:property name="authenticationManager" ref="authenticationManager"></beans:property>
</beans:bean>

pom.xml

        <!-- Spring Security -->
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>3.1.5.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>3.1.5.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-taglibs</artifactId>
        <version>3.1.5.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.webflow</groupId>
        <artifactId>spring-faces</artifactId>
        <version>2.3.1.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-core</artifactId>
        <version>3.1.1.RELEASE</version>
        <type>jar</type>
    </dependency>

web.xml

<?xml version="1.0" encoding="UTF-8"?>
 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns="http://java.sun.com/xml/ns/javaee"
     xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns  
     /javaee/web-app_2_5.xsd"
     id="WebApp_ID"
     version="2.5">

<display-name>GELT</display-name>
<!-- Spring Security Facelets Tag Library -->
<context-param>
    <param-name>javax.faces.FACELETS_LIBRARIES</param-name>
    <param-value>/WEB-INF/springsecurity.taglib.xml</param-value>
</context-param> 

<!-- Spring Context Configuration' s Path definition -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/applicationContext.xml
        /WEB-INF/spring-security.xml
    </param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- The Bootstrap listener to start up and shut down Spring's root WebApplicationContext. It is registered to Servlet Container -->
<listener>
    <listener-class>
        org.springframework.web.context.ContextLoaderListener
    </listener-class>
</listener>
<listener>
    <listener-class>
        org.springframework.web.context.request.RequestContextListener
    </listener-class>
</listener>

<!-- Project Stage Level -->

<context-param> 
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name> 
    <param-value>client</param-value> 
</context-param>

<!-- Welcome Page -->
<welcome-file-list>
    <welcome-file>/index.jsf</welcome-file>
</welcome-file-list>

<!-- JSF Servlet is defined to container -->
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<!-- Mapping with servlet and url for the http requests. -->
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.faces</url-pattern>
</servlet-mapping>

please help me thanks for your helps regards

Upvotes: 0

Views: 1218

Answers (1)

Alan Hay
Alan Hay

Reputation: 23246

You typically see such errors when your code is compiled against one version of a library but another version of the library is on the classpath at runtime.

If we look at the method in question we can see it does not exist in v3.1.1 of Spring Security

http://docs.spring.io/autorepo/docs/spring-security/3.1.1.RELEASE/apidocs/org/springframework/security/access/intercept/AbstractSecurityInterceptor.html

but was present in v3.1.5

http://docs.spring.io/autorepo/docs/spring-security/3.1.5.RELEASE/apidocs/org/springframework/security/access/intercept/AbstractSecurityInterceptor.html

I note the mismatch in your POM between spring-security-core (3.1.1) and the web and config modules (3.1.5). So we can guess that you code is compiled against 3.1.1 (look at the Maven dependency hierarchy) to confirm but that 3.1.5 is being used at runtime (look in WEB-INF/lib folder of your deployed web app to confirm 3.1.5 is present - this is being pull in as a transitive dependency of web and config modules).

Suggested fix is then to update your POM to point core module to 3.1.5.

   <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-core</artifactId>
        <version>3.1.5.RELEASE</version>
        <type>jar</type>
    </dependency>

Upvotes: 2

Related Questions