Announcement Announcement Module
Collapse
No announcement yet.
Spring Security 3.2.4 RELEASE with JavaConfig Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security 3.2.4 RELEASE with JavaConfig

    I have a Spring Security configured in XML that works just fine. Now, I'm trying to have it expressed in JavaConfig only so as to get rid of the XML configuration altogether.

    I've looked at the reference documentation, and at many blogs and support requests, but I still cannot find the solution.

    It gives me the following exception:
    Could not autowire field: private org.springframework.security.web.FilterChainProxy
    com.thalasoft.learnintouch.rest.config.WebTestConf iguration.springSecurityFilterChain;
    I have a security initializer:
    Code:
    @Configuration
    public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
    }
    Here is the configuration:
    Code:
    @Configuration
    @EnableWebSecurity
    @ComponentScan(basePackages = { "com.thalasoft.learnintouch.rest" })
    @Import({ WebSecurityInitializer.class })
    public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    
        @Autowired
        CustomAuthenticationProvider customAuthenticationProvider;
    
        @Bean
        public DelegatingFilterProxy springSecurityFilterChain() {
            DelegatingFilterProxy filterProxy = new DelegatingFilterProxy();
            return filterProxy;
        }
        
    }
    Code:
    @Component
    public class CustomAuthenticationProvider implements AuthenticationProvider {
    
        @Autowired
        AdminService adminService;
    
        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            String login = authentication.getName();
            String password = authentication.getCredentials().toString();
            List<SimpleGrantedAuthority> grantedAuthorities = new ArrayList<SimpleGrantedAuthority>();
            Admin admin = adminService.findByLogin(login);
            if (admin != null) {
                if (adminService.checkPassword(admin, password)) {
                    grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
                    return new UsernamePasswordAuthenticationToken(login, password, grantedAuthorities);
                }
            }
            throw new BadCredentialsException("The login " + authentication.getPrincipal() + " and password could not match.");
        }
    
        @Override
        public boolean supports(Class<?> authentication) {
            return authentication.equals(UsernamePasswordAuthenticationToken.class);
        }
    
    }
    My test using the security filter chain:
    Code:
    @RunWith(SpringJUnit4ClassRunner.class)
    @WebAppConfiguration
    @ContextConfiguration( classes = { ApplicationConfiguration.class, WebSecurityConfiguration.class, WebConfiguration.class })
    @Transactional
    public abstract class AbstractControllerTest {
    
        @Autowired
        private WebApplicationContext webApplicationContext;
    
        @Autowired
        private FilterChainProxy springSecurityFilterChain;
        
        protected MockHttpSession session;
    
        protected MockHttpServletRequest request;
    
        protected MockMvc mockMvc;
     
        @Before
        public void setup() {
            this.mockMvc = MockMvcBuilders.webAppContextSetup(this.webApplicationContext).addFilters(this.springSecurityFilterChain).build();
        }
        
    }
    Any help would be very much appreciated :-)

    Kind Regards,

    Stephane Eybert
    Last edited by stephaneeybert; Jun 16th, 2014, 02:17 AM.

  • #2
    I tried dding a constructor to the security initializer but it didn't help and the error message remained the exact same:
    Code:
    @Configuration
    public class WebSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
        
        public WebSecurityInitializer() {
            super(WebSecurityConfiguration.class);
        }
        
    }

    Comment


    • #3
      I tried removing the @Configuration annotation before the security initializer but it didn't help and the error message remained the exact same:
      Code:
      public class WebSecurityInitializer extends AbstractSecurityWebApplicationInitializer {    }

      Comment


      • #4
        I tried removing the import: @Import({ WebSecurityInitializer.class }) from the WebSecurityConfiguration but it didn't help and the error message remained the exact same.

        Comment


        • #5
          I'm running Spring Security 3.2.4.RELEASE and Spring 3.2.9.RELEASE

          Comment


          • #6
            I removed this bean definition from the security configuration and it seems to have solved the issue.
            Code:
                @Bean
                public DelegatingFilterProxy springSecurityFilterChain() {
                    DelegatingFilterProxy filterProxy = new DelegatingFilterProxy();
                    return filterProxy;
                }

            Comment

            Working...
            X