Announcement Announcement Module
Collapse
No announcement yet.
Spring SAML implementation: cannot resolve reference to bean Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring SAML implementation: cannot resolve reference to bean

    On my Vaadin application project I want to integrate spring-security-SAML extension. I downloaded source code from spring security extension page. Based on manual I packaged extension using mvn package and deployed it on local maven repository using mvn deploy command. Everything goes right. A compiled extension appeared on the maven repository. So I included it into project pom.xml file as dependency like this:
    Code:
        <dependency>
            <groupId>org.springframework.security.extensions</groupId>
            <artifactId>spring-security-saml2-core</artifactId>
            <version>1.0.0-RC1-SNAPSHOT</version>
        </dependency>
    After that I updated maven project and found spring-security-saml2-core-1.0.0-RC1-SNAPSHOT.jar inside maven dependency directory (I am using eclipse IDE with Maven). The next thing what I did, was appLicationContext.xml file editing. applicationContext.xml file is included throught the web.xml and it is in resources/META-INF folder. So I added lines below to appLicationContext.xml file:

    Code:
     <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:security="http://www.springframework.org/schema/security"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:context="http://www.springframework.org/schema/context"
           xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schem...curity-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
    
        <context:annotation-config />
        <context:component-scan base-package="org.springframework.security.saml"/>
    
        <security:http entry-point-ref="samlEntryPoint">
            <security:intercept-url pattern="/*" access="IS_AUTHENTICATED_FULLY"/>
            <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
            <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
        </security:http>
    
        <security:authentication-manager alias="authenticationManager">
            <security:authentication-provider ref="samlAuthenticationProvider"/>
        </security:authentication-manager>
    
        <bean id="samlAuthenticationProvider" class="org.springframework.security.saml.SAMLAuthenticationProvider">      
    
        </bean> 
    
        <bean id="samlEntryPoint" class="org.springframework.security.saml.SAMLEntryPoint">
            <property name="defaultProfileOptions">
                <bean class="org.springframework.security.saml.websso.WebSSOProfileOptions">
                    <property name="includeScoping" value="false"/>
                </bean>
            </property>
        </bean>
    
        <bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
        <constructor-arg>
            <bean class="org.springframework.security.saml.metadata.MetadataGenerator"/>
        </constructor-arg>
    </bean>
    After such changes on the file, I compiled my project into war archive and tried to deploy it on the glassfish server. But then I got an error:

    Error occurred during deployment: Exception while loading the app : java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name 'org.springframework.security.authentication.Provi derManager#0': Cannot create inner bean '(inner bean)' of type [org.springframework.security.config.authentication .AuthenticationManagerFactoryBean] while setting bean property 'parent'; nested exception is org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name '(inner bean)': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name 'org.springframework.security.authenticationManage r': Cannot resolve reference to bean 'samlAuthenticationProvider' while setting bean property 'providers' with key [0]; nested exception is org.springframework.beans.factory.
    It looks like that org.springframework.security.saml.SAMLAuthenticati onProvider could not be found or resolved on the war archive. But I checked it manually and found it on the WEB-INF/lib folder spring-security-saml2-core-1.0.0-RC1-SNAPSHOT.jar. Also I checked inside jar archive and found SAMLAuthenticationProvider.class. Does anyone can help me to solve my problem. Maybe there are people that has experience with Spring security and saml extension.

  • #2
    Hi,

    I believe that the deployment exception is not complete, but has more to it - likely stating that the bean cannot be created due to some other unsatisfied dependency. E.g. SAMLAuthenticationProvider requires bean WebSSOProfileConsumer which is auto-wired and missing in your applicationContext.xml.

    The best way is to take the securityContext.xml from the saml2-sample module, update it to your liking (e.g. changing metadata) and including it as a whole in your project. That will guarantee that no parts are missing. In the future there might be a separate SAML Extension configuration schema for Spring which would simplify this process.

    Vladimír Schäfer

    Comment


    • #3
      Originally posted by vsch View Post
      Hi,

      I believe that the deployment exception is not complete, but has more to it - likely stating that the bean cannot be created due to some other unsatisfied dependency. E.g. SAMLAuthenticationProvider requires bean WebSSOProfileConsumer which is auto-wired and missing in your applicationContext.xml.

      The best way is to take the securityContext.xml from the saml2-sample module, update it to your liking (e.g. changing metadata) and including it as a whole in your project. That will guarantee that no parts are missing. In the future there might be a separate SAML Extension configuration schema for Spring which would simplify this process.

      Vladimír Schäfer
      Yes I mastered it by my self. Just copied all the stuff from example securityContext.xml to my Vaadin project. And everything deployed perfectly. Bu I have another question that I will post in other topic

      Comment

      Working...
      X