Announcement Announcement Module
Collapse
No announcement yet.
In what order do config files load? My service is not detected Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • In what order do config files load? My service is not detected

    Hi

    This question is related to the inner workings of Spring. Just to be clear, I read the documentation but there probably is a detail that I missed, so I really would appreciate your help.

    I have a MVC app to which I want to add Spring Security. These are my current configuration files

    web.xml
    Code:
    <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
    
    	<context-param>
    		<param-name>contextConfigLocation</param-name>
    		<param-value>classpath:servlet-context-security.xml</param-value>
    	</context-param>
    
    	<listener>
    		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    	</listener>
    
    	<servlet>
    		<servlet-name>appServlet</servlet-name>
    		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    		<init-param>
    			<param-name>contextConfigLocation</param-name>
    			<param-value>classpath:servlet-context.xml</param-value>
    		</init-param>
    		<load-on-startup>1</load-on-startup>
    	</servlet>
    
    	<servlet-mapping>
    		<servlet-name>appServlet</servlet-name>
    		<url-pattern>/</url-pattern>
    	</servlet-mapping>
    
    	<welcome-file-list>
    		<welcome-file></welcome-file>
    	</welcome-file-list>
    
    	<filter>
    		<filter-name>springSecurityFilterChain</filter-name>
    		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    	</filter>
    
    	<filter-mapping>
    		<filter-name>springSecurityFilterChain</filter-name>
    		<url-pattern>/*</url-pattern>
    	</filter-mapping>
    </web-app>
    The root spring container loads the servlet-context-security.xml file

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
    
    	<global-method-security pre-post-annotations="enabled">
    	</global-method-security>
    
    	<http auto-config='true' use-expressions="true">
    		<intercept-url pattern="/login.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    		<intercept-url pattern="/**" access="ROLE_USER" />
    		<form-login login-page="/login.jsp" />
    	</http>
    
    	<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> 
              <beans:property name="userDetailsService" ref="userDetailsService"/> 
        </beans:bean> 
    
        <beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager"> 
              <beans:property name="providers"> 
                <beans:list> 
                    <beans:ref local="daoAuthenticationProvider" /> 
                </beans:list> 
              </beans:property> 
        </beans:bean>
    	
    	<authentication-manager>
    		<authentication-provider user-service-ref="userDetailsService">
    		</authentication-provider>
    	</authentication-manager>
    </beans:beans>
    The appServlet loads the servlet-context.xml file

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:jpa="http://www.springframework.org/schema/data/jpa" xmlns:beans="http://www.springframework.org/schema/beans"
    	xmlns:mvc="http://www.springframework.org/schema/mvc"
    	xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
    		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
    		http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa.xsd">
    
    	<mvc:annotation-driven />
    
    	<mvc:resources mapping="/resources/**" location="/resources/" />
    
    	<beans:bean
    		class="org.springframework.web.servlet.view.InternalResourceViewResolver">
    		<beans:property name="prefix" value="/WEB-INF/views/" />
    		<beans:property name="suffix" value=".jsp" />
    	</beans:bean>
    
    	<mvc:interceptors>
    		<beans:bean id="localeChangeInterceptor"
    			class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
    			<beans:property name="paramName" value="lang" />
    		</beans:bean>
    	</mvc:interceptors>
    
    	<beans:bean id="messageSource"
    		class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
    		<beans:property name="basename" value="classpath:messages" />
    	</beans:bean>
    
    	<beans:bean id="localeResolver"
    		class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
    		<beans:property name="defaultLocale" value="en" />
    	</beans:bean>
    
    	<beans:bean id="validator"
    		class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean">
    		<beans:property name="validationMessageSource" ref="messageSource" />
    	</beans:bean>
    
    	<beans:import resource="classpath:controllers.xml" />
    
    	<beans:import resource="classpath:infrastructure.xml" />
    
    	<jpa:repositories base-package="com.<myproject>.model.repositories" />
    </beans:beans>
    The servlet-context.xml loads both controllers.xml and infrastructure.xml, which are rather simple.
    controllers.xml

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:mvc="http://www.springframework.org/schema/mvc"
    	xmlns:context="http://www.springframework.org/schema/context"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
    		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
    
    	<mvc:view-controller path="/" view-name="home"/>
    	
    	<context:component-scan base-package="com.<myproject>" />
    	 
    </beans>
    infrastructure.xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jdbc="http://www.springframework.org/schema/jdbc"
        xsi:schemaLocation="http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd
        	http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
    
        <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
            <property name="dataSource" ref="dataSource" />
            <property name="persistenceUnitName" value="mysql-jpa" />
            <property name="jpaVendorAdapter">
                <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
                    <property name="generateDdl" value="true" />
                </bean>
            </property>
        </bean>
    
        <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
            <property name="entityManagerFactory" ref="entityManagerFactory" />
        </bean>
    
        <bean id="dataSource" class="com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource">
            <property name="url" value="jdbc:mysql://localhost:3306/mydb" />
            <property name="user" value="<username>" />
            <property name="password" value="<password>" />
        </bean>
    </beans>
    Ok, now you know my setup. This all works except for one part, Spring Security cannot find the "userDetailsService", although it exists like this:

    Code:
    @Service("userDetailsService")
    public class UserDetailsServiceImpl implements UserDetailsService {
    
    	private Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class);
    
    	@Autowired
    	CustomerRepository customerRep;
    
    	@Override
    	@Transactional(readOnly = true)
    	public UserDetails loadUserByUsername(String username)
    			throws UsernameNotFoundException {
    		log.debug("Getting user for username " + username);
    		Customer customer = customerRep.findByUsername(username);
    		if(customer == null){
    			throw new UsernameNotFoundException("Username " + username + " not found.");
    		}
    		return customer;
    	}
    }
    In the servlet-context-security.xml file you'll see two beans called daoAuthenticationProvider and authenticationManager, which honestly I do not know what they do, I took them from an example.
    I tried something like this on that file

    Code:
    <beans:bean id="userDetailsService" class="org.<myproject>.services.UserDetailsServiceImpl" />
    This worked, Spring Security used my user details service (my logs proved it) but that service was unable to autowire CustomerRepository, it was null.

    From my reading and experience, I can see that servlet-context-security.xml is loaded right on the root context. servlet-context.xml, which contains the component-scan entry, is only loaded by the servlet. This makes me believe that when security is loaded my services weren't scanned yet. Problem is, I do not know how to circumvent this. I tried placing component-scan on secury.xml but got the error "No matching bean of type [com.<myproject>.model.repositories.CustomerReposit ory] found for dependency...".

    Any tips or explanation or documentation link (which I'm certain i missed) would be much appreciated
Working...
X