I am somewhat new to spring security and I am trying to migrate an existing application from security 2.0.4 to 3.1 and I am getting the following error message:
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0': Initialization of bean failed;
nested exception is org.springframework.beans.ConversionNotSupportedException:
Failed to convert property value of type org.springframework.security.authentication.dao.DaoAuthenticationProvider'
to required type 'org.springframework.security.core.userdetails.UserDetailsService' for property 'userDetailsService';
nested exception is java.lang.IllegalStateException: Cannot convert value of type [org.springframework.security.authentication.dao.DaoAuthenticationProvider]
to required type [org.springframework.security.core.userdetails.UserDetailsService]
for property 'userDetailsService': no matching editors or conversion strategy found
I feel like I am missing something obvious but I can’t for the life of me see it.
This is my applicationContextSecurity.xml file
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd">
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="employeeServiceFacade"/>
<beans:property name="passwordEncoder" ref="passwordEncoderDecoder"/>
<beans:property name="hideUserNotFoundExceptions" value="false" />
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="daoAuthenticationProvider"/>
</authentication-manager>
<global-method-security secured-annotations="disabled"/>
<beans:bean id="customAuthenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<beans:property name="loginFormUrl" value="/login.action"/>
</beans:bean>
<beans:bean id="customAuthenticationProcessingFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<beans:property name="authenticationFailureHandler" ref="failureHandler" />
<beans:property name="authenticationSuccessHandler" ref="successHandler" />
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="allowSessionCreation" value="true" />
<beans:property name="sessionAuthenticationStrategy" ref="sas"/>
</beans:bean>
<beans:bean id="successHandler" class="com.es.tms.web.security.RoleBasedTargetUrlResolver" >
<beans:property name="defaultTargetUrl" value="/timesheet/searchTimeEntries.action" /> <!-- which is the default value -->
<beans:property name="roleNameToUrlMap">
<util:map>
<beans:entry key="ROLE_ASSISTANT" value="/billing/viewBillings.action"/>
<beans:entry key="ROLE_BILLING" value="/expenses/viewToAPApproveExpenses.action"/>
<beans:entry key="ROLE_PAYROLL" value="/payroll/viewPayroll.action"/>
<beans:entry key="ROLE_OFFICEASSISTANTEXPENSES" value="/expenses/searchExpenseEntries.action"/>
<beans:entry key="ROLE_ADMIN_LEVEL1" value="/administration/searchEmployees.action"/>
<beans:entry key="ROLE_ADMIN" value="/administration/searchEmployees.action"/>
<beans:entry key="ROLE_ADMIN_ASSISTANT" value="/administration/searchEmployees.action"/>
<beans:entry key="ROLE_ACCOUNT_MANAGER" value="/administration/searchEmployees.action"/>
<beans:entry key="ROLE_HR" value="/administration/searchEmployees.action"/>
<beans:entry key="ROLE_RECRUITER_MANAGER" value="/administration/searchEmployees.action"/>
</util:map>
</beans:property>
<beans:constructor-arg ref="defaultTargetUrlResolver" />
</beans:bean>
<beans:bean id="defaultTargetUrlResolver" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler" />
<beans:bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" >
<beans:property name="defaultFailureUrl" value="/login.action?login_error=true" />
</beans:bean>
<beans:bean id="sas" class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy">
<beans:property name="migrateSessionAttributes" value="true" />
</beans:bean>
<!-- Non Secured patterns -->
<http security="none" pattern="/images/**" />
<http security="none" pattern="/styles/**" />
<http security="none" pattern="/scripts/**" />
<http security="none" pattern="/common/**" />
<http auto-config="false" entry-point-ref="customAuthenticationEntryPoint" access-denied-page="/forbidden.jsp">
<custom-filter position="FORM_LOGIN_FILTER" ref="customAuthenticationProcessingFilter" />
<!-- SECURITY URLs -->
<intercept-url pattern="/login.action*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/index.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/error*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<logout logout-success-url="/login.action"/>
<anonymous username="Guest" granted-authority="ROLE_ANONYMOUS"/>
<remember-me/>
</http>
<authentication-manager>
<authentication-provider user-service-ref="employeeServiceFacade">
<password-encoder ref="passwordEncoderDecoder"/>
</authentication-provider>
</authentication-manager>
<beans:bean id="passwordEncoderDecoder" class="com.es.tms.util.CustomPasswordEncoder"/>
<beans:bean id="employeeServiceFacade" class="com.es.tms.service.security.EmployeeServiceFacade">
<beans:property name="coreService" ref="coreService"/>
<beans:property name="hireStatusCodes" value="O:SOP's have not been completed#P:Survey has not been completed" />
</beans:bean>
</beans:beans>
Also this is my web.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="stanplus" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>TMS</display-name>
<!-- Define the basename for a resource bundle for I18N -->
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>app_resources</param-value>
</context-param>
<!-- Fallback locale if no bundles found for browser's preferred locale -->
<!-- Force a single locale using param-name 'javax.servlet.jsp.jstl.fmt.locale' -->
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.fallbackLocale</param-name>
<param-value>en</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContextMail.xml
/WEB-INF/applicationContextDao.xml
/WEB-INF/applicationContextService.xml
/WEB-INF/applicationContextWeb.xml
/WEB-INF/applicationContextReports.xml
/WEB-INF/applicationContextQuartz.xml
/WEB-INF/applicationContextSecurity.xml
</param-value>
</context-param>
<!-- Filters -->
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
</filter>
<filter>
<filter-name>struts-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter>
<filter-name>struts</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter>
<filter-name>lazyLoadingFilter</filter-name>
<filter-class>org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>lazyLoadingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>struts-cleanup</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>struts</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<!-- Listeners -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>net.sf.navigator.menu.MenuContextListener</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<servlet-name>jspSupportServlet</servlet-name>
<servlet-class>org.apache.struts2.views.JspSupportServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>
<!-- Welcome file lists -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<exception-type>java.lang.Throwable</exception-type>
<location>/error.jsp</location>
</error-page>
</web-app>
Any help would be much appreciated.
Thanks,
Steve
Update:
Ok I looked at this example and I did see that I had my authentication manager incorrect. So I fixed that but now I can’t’ seem to get by this error:
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'daoAuthenticationProvider'
defined in ServletContext resource [/WEB-INF/applicationContextSecurity.xml]:
Cannot resolve reference to bean 'employeeServiceFacade' while setting bean property 'userDetailsService';
nested exception is org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'employeeServiceFacade'
defined in ServletContext resource [/WEB-INF/applicationContextSecurity.xml]:
Initialization of bean failed; nested exception is
org.springframework.beans.factory.BeanInitializationException:
Property 'coreService' is required for bean 'employeeServiceFacade'
I have not changed my coreServie in this upgrade but it almost looks like it has not been initialized? Any thoughts?
My coreService is set in the applicationContextService.xml file.
I have an applicationContextService.xml file that contains this bean. When I walk through it at startup in debug I see that the service is initialized, but for some reason still thinks it is not set. I took the @Required annotation off of the coreService in the EmployeeServiceFacade class and now it seems to be working. Don’t understand why but I can at least run my app now. Thanks for the responses it at least got me looking in the right direction.