Announcement Announcement Module
Collapse
No announcement yet.
3.1.0.RC2 to 3.1.0.RELEASE Multiple http problem Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • 3.1.0.RC2 to 3.1.0.RELEASE Multiple http problem

    I'm using Spring Security 3.1.0.RC2 with the follow configuration with no problem:

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:sec="http://www.springframework.org/schema/security"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd ">
    	
    	<sec:http pattern="/scripts/**" security="none"/>
    	<sec:http pattern="/styles/**" security="none"/>
    	<sec:http pattern="/images/**" security="none"/>
    	<sec:http pattern="/a4j/**" security="none"/>
    	<sec:http pattern="/primefaces_resource/**" security="none"/>
    
    	<sec:http pattern="\A/lcservice.*\Z" request-matcher="regex">
    		<sec:intercept-url pattern="\A/lcservice\?wsdl\Z" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="http"/>
    		<sec:intercept-url pattern="\A/lcservice\?xsd=1\Z" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="http"/>
    		<sec:intercept-url pattern="\A/lcservice.*\Z" access="ROLE_SYSTEM_CALLCENTER" requires-channel="http"/>
    		<sec:http-basic/>
    	</sec:http>
    
    	<sec:http auto-config="true" access-denied-page="/login.xhtml">
    		<sec:form-login login-page="/login.xhtml" login-processing-url="/loginProcess.xhtml"
    			default-target-url="/main.xhtml" authentication-failure-url="/login.xhtml?error=loginError"/>
    		<sec:logout logout-url="/logout.xhtml" logout-success-url="/login.xhtml" />
    		<sec:remember-me key="pst-lc-key"/>
    		<sec:intercept-url pattern="/userdetails.xhtml*" requires-channel="https"/>
    		<sec:intercept-url pattern="/users.xhtml*" requires-channel="https"/>
    		<sec:intercept-url pattern="/login.xhtml*" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="https"/>
    		<sec:intercept-url pattern="/loginProcess.xhtml" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="https"/>
    		<sec:intercept-url pattern="/**" access="ROLE_AUTH" requires-channel="http"/>
    	</sec:http>
    	
    	<sec:authentication-manager alias="authenticationManager">
    		<sec:authentication-provider user-service-ref="userDetailsManager"/>
    	</sec:authentication-manager>
    	
    	<bean id="userDetailsManager" class="br.com.pst.lc.services.manager.security.UserDetailsManagerImpl" autowire="byName"/>
    	
    	<bean id="authenticationListener" class="br.com.pst.lc.web.listener.AuthenticationListener"/>
    </beans>
    When I change from 3.1.0.RC2 to 3.1.0.RELEASE my application don't startup with the follow exception:

    Code:
    INFO: 17:29:47,419 ERROR ContextLoader:307 - Context initialization failed
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#5' while setting bean property 'sourceList' with key [5]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#5': Cannot create inner bean '(inner bean)' of type [org.springframework.security.web.authentication.www.BasicAuthenticationFilter] while setting constructor argument with key [2]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#34': Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0' while setting constructor argument with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0': Cannot resolve reference to bean 'userDetailsManager' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userDetailsManager': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private org.springframework.security.authentication.AuthenticationManager br.com.pst.lc.services.manager.security.UserDetailsManagerImpl.authenticationManager; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Requested bean is currently in creation: Is there an unresolvable circular reference?
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
    What I need to change from 3.1.0.RC2 to 3.1.0.RELEASE ?

    Thx for any help.
    Last edited by lpborges; Dec 29th, 2011, 05:32 AM.

  • #2
    No clue on this yet.
    I tested with 3.1.0.RC3 and no problem, just with 3.1.0.RELEASE that I got the error.
    If I remove the sec:http that contain the sec:http-basic I got no errors.

    But with 3.1.0.RC2 and 3.1.0.RC3 I got problems with remember-me (don't work).

    Comment


    • #3
      Wow! I am lucky to know the new release of 3.1.0.RC2 to 3.1.0.RELEASE Multiple http problem, I heard so much about Spring security and I use to have it maybe next year because I'm still in the process of searching effective security for my PC.

      Comment


      • #4
        I found the problem.
        My UserDetailsManagerImpl class has a @Autowired at AuthenticationManager, after removed the @Autowired the circular reference is stoped.
        I just don't know why I don't have this problem with the others Spring Security versions.

        Comment

        Working...
        X