Announcement Announcement Module
Collapse
No announcement yet.
CAS Client+ spring security 3.1 got circular references error Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • CAS Client+ spring security 3.1 got circular references error

    Hi, I'm having issue, I want to do multiple authentication 1st with CAS and 2nd with Facebook, so I updated my Spring Security to 3.1, it support multiple <http> and working as expected but when I input CAS configuration in the XML, I just got BeanCurrentlyInCreationException, because circular reference, here we go my spring security xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans 
    	xmlns="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:security="http://www.springframework.org/schema/security"
    	xsi:schemaLocation="  
    		http://www.springframework.org/schema/beans
    		http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/security
            http://www.springframework.org/schema/security/spring-security-3.1.xsd">
       
       
    
    	<!-- Start Spring Security Social-->
    
    	<security:global-method-security
    		proxy-target-class="false" >
    	</security:global-method-security>
    	
    	<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased"
    		xmlns="http://www.springframework.org/schema/beans">
    		<constructor-arg>
    			<list>
    				<bean class="org.springframework.security.access.vote.RoleVoter" />
    				<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
    			</list>
    		</constructor-arg>
    	</bean>
    
    	<!-- CAS HTTP TAG -->
    	<security:http auto-config="true" 
    		use-expressions="true"
    		disable-url-rewriting="true"
    		xmlns="http://www.springframework.org/schema/security" 
    		entry-point-ref="casAuthEntryPoint"
    		pattern="/news/**">
    
    		
    		<intercept-url pattern="/news/**" access="hasRole('ROLE_USER')" />
    
    		<custom-filter ref="casAuthenticationFilter" position="CAS_FILTER" />
    		
    		<custom-filter ref="casSingleSignOutFilter" after="LOGOUT_FILTER"/>
    		
    		<logout logout-url="/logout" invalidate-session="true" logout-success-url="/?logout=true"/>
    		
    	<access-denied-handler ref="o4uAccessDeniedHandler"/>
    	</security:http>
    	
    	<!-- Spring Social HTTP TAG -->
    	<security:http use-expressions="true"
    		           entry-point-ref="springSocialSecurityEntryPoint" 
    		           xmlns="http://www.springframework.org/schema/security"
    		           >
    
    		<intercept-url pattern="/protected/twitter" access="hasRole('ROLE_USER_TWITTER')" />
    		<intercept-url pattern="/protected/facebook" access="hasRole('ROLE_USER_FACEBOOK')" />
    		<intercept-url pattern="/protected/facebookTwitter" access="hasRole('ROLE_USER_FACEBOOK') and hasRole('ROLE_USER_TWITTER')" />
    		<intercept-url pattern="/protected/**" access="hasRole('ROLE_USER')" />
    		
    		<intercept-url pattern="/oauthconnect.jsp" access="hasRole('ROLE_USER')" />
    
            <access-denied-handler ref="springSocialSecurityAccessDeniedHandler"/>
    
    
    		<security:logout logout-url="/logout" />
    
    		<anonymous />
    		<security:custom-filter position="FORM_LOGIN_FILTER"
    			ref="springSocialSecurityAuthenticationFilter" />
    
    	</security:http>
    	
    	<bean id="springSocialSecurityEntryPoint"
      		class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
     		<property name="loginFormUrl" value="/oauthlogin.jsp"/>
    	</bean>
    
    	<!-- End Spring Security Social -->
    
    	<!-- CAS -->
    	<bean id="o4uAccessDeniedHandler" class="com.o4u.commons.security.O4uAccessDeniedHandler">
    		<property name="deactiveUrl" value="#{config['members.deactiveUrl']}"/>
    	</bean>
    	
    	<!-- AUTHENTICATION MANAGER -->
    	<security:authentication-manager alias="authenticationManager">
    		
    		<security:authentication-provider ref="casAuthenticationProvider" />
    	
    	</security:authentication-manager>
    	
    	<bean id="casSingleSignOutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/>
        
        <!-- AUTH ENTRY POINT -->
    	<bean id="casAuthEntryPoint"
    		class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
    		<property name="loginUrl" value="#{config['cas.url']}" />
    		<property name="serviceProperties" ref="casService" />
    	</bean>
    	
    	<bean id="casService"
    		class="org.springframework.security.cas.ServiceProperties">
    		<property name="service"
    			value="#{config['cas.auth']}"></property>
    	</bean>
    
    	<!-- AUTH FILTER -->
    	<bean id="casAuthenticationFilter"
    		class="org.springframework.security.cas.web.CasAuthenticationFilter">
    		<property name="authenticationManager" ref="authenticationManager" /> <!-- Required -->
    		<property name="filterProcessesUrl" value="/auth_check" />
    		<!-- 
    		<beans:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" />
    		 -->
    	</bean>
    
        <!-- Auth Provider -->
    	<bean id="casAuthenticationProvider"
    		class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
    		<property name="ticketValidator" ref="casTicketValidator" /> <!-- Required -->
    		<!-- <beans:property name="ticketValidator" ref="samlTicketValidator"/> -->
    		<property name="serviceProperties" ref="casService" /> <!-- Required -->
    		<property name="key" value="olleh4u-cas" /> <!-- Required -->
    		<property name="authenticationUserDetailsService"
    			ref="authenticationUserDetailsService" />
    	</bean>
    	
    	<!-- CAS Ticket Validator -->
    	<bean id="casTicketValidator"
    		class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
    		<!-- Constructor: public Cas20ServiceTicketValidator(final String casServerUrlPrefix) -->
    		<constructor-arg value="#{config['cas.url']}" />
    	</bean>
    		
    	<!-- AUTH USER DETAIL SERVICE -->	
    	<bean id="authenticationUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
    		<property name="userDetailsService" ref="jdbcUserDetailsManager"/>
    	</bean>
    	
    	<!-- JDBC USER DETAIL MANAGER -->	
    	<bean id="jdbcUserDetailsManager"
    		class="org.springframework.security.provisioning.JdbcUserDetailsManager">
    		<property name="authenticationManager" ref="authenticationManager" />
    		<property name="dataSource" ref="dataSource-members" />
    		<property name="enableGroups" value="true" />
    		<property name="enableAuthorities" value="false" />
    	</bean>
    	
    	
    	<!-- SAML Ticket Validator
    	<beans:bean id="samlTicketValidator" class="org.jasig.cas.client.validation.Saml11TicketValidator">
    		<beans:constructor-arg value="#{config['cas.url']}" />
    	</beans:bean>
     	 -->
    	<!-- END CAS -->
    
    	<bean id="passwordEncoder"
    		class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
    </beans>

    Got error
    Code:
    Caused by: org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Requested bean is currently in creation: Is there an unresolvable circular reference?
    	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.beforeSingletonCreation(DefaultSingletonBeanRegistry.java:300)
    	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:219)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
    I'm using cas-client-core-3.1.10.jar and spring security version 3.1.2 Release, can anyone help?

  • #2
    Hi,

    It's fairly strange as your configuration looks correct.
    Can you turn on DEBUG logs on org.springframework and post your logs (as a file) ?
    Thanks,
    Jérôme

    Comment


    • #3
      Hi, Mister Jérôme, thank you for your respond, I'm very proud with CAS Developer..
      Before this error I'm using CAS with spring security version 3.0 and it's okay and no problem,
      but when I try to update Spring Security to 3.1, I got this error..
      I don't know if I miss something..
      I want to update my spring security because I want to using multiple <http> tag

      this is my tomcat log

      http://olleh4u.com/resources/uploads/image/tomcat.log

      Comment


      • #4
        OK. I think I see the problem :
        the authenticationManager bean is built with the casAuthenticationProvider bean which is built with the authenticationUserDetailsService bean which is built with the jdbcUserDetailsManager bean which is built with the authenticationManager bean -> circular reference

        I may be naive, but can't you use a JdbcDaoImpl bean to inject as userDetailsService in the authenticationUserDetailsService bean and create a new separate jdbcUserDetailsManager bean ?

        Comment


        • #5
          Sorry for the late reply, maybe I'll try that out, I just confuse, why I don't get this circular reference error when using CAS client + Spring security version 3.0, but this error just happen when I use higher version of spring security, maybe I'm missing some update log...

          Comment

          Working...
          X