Home/ Questions/Q 8442801
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T08:56:22+00:00

I have a working 3.0.2 applicationContext-security.xml that uses a custom authenticator <global-method-security pre-post-annotations=disabled> </global-method-security>

  • 0

I have a working 3.0.2 applicationContext-security.xml that uses a custom authenticator

<global-method-security pre-post-annotations="disabled">

</global-method-security>

<http use-expressions="true">

    <intercept-url pattern="/diagnostics/**" access="hasRole('ROLE_USER')" />


    <form-login login-page="/genesis" default-target-url="/diagnostics/start-diagnostics"
      authentication-failure-url="/genesis?authfailed=true"
      authentication-success-handler-ref="customTargetUrlResolver"/>
      <access-denied-handler error-page="/genesis?notauthorized=true"/>

     <logout logout-success-url="/genesis"/> 
    <session-management session-authentication-error-url="/genesis"> 
        <concurrency-control max-sessions="1" expired-url="/genesis?sessionExpired=true"/> 
    </session-management>
</http>

<authentication-manager>
<authentication-provider ref="genesisAuthenticator">
    <jdbc-user-service data-source-ref="dataSource"/>
</authentication-provider>
</authentication-manager>

<beans:bean id="genesisAuthenticator" class="com.blackbox.x.web.security.Authenticator"/>
<beans:bean id="customTargetUrlResolver" class="com.blackbox.x.web.security.StartPageRouter"/>   

</beans:beans>

After upgrading to 3.1.2 my application will not start and I get the error message

“Configuration problem: authentication-provider element cannot have child elements when used with ‘ref’ attribute”. I’m assuming that the problem lies with the

<jdbc-user-service data-source-ref="dataSource"/>

element where data-source-ref points to a definition in my application-context.xml file.

<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver"/>
<property name="url" value="jdbc:mysql://localhost:3306/genesis"/>
<property name="username" value="dbuser"/>
<property name="password" value="********"/>

What do I need to do to get this working. Dropping back to 3.0.2 is not really an option.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you use a custom AuthenticationProvider implementation you’ll have to configure it in XML in “traditional” Spring way, because <security:authentication-provider ref="yourImpl"> just points to bean which can authenticate whatever in whatever way, and don’t really have to use UserDetailsService at all. In your example you tried to use jdbc-user-service which is just shortcut for creating JdbcDaoImpl bean.

    So what you have to do is to assure that all genesisAuthenticator dependencies are resolved by yourself not Spring Security. That is you should either add @Autowired setUserDetailsService(UserDetailsService userDetailsService) method to your bean or configure it in XML like this (using id attribute):

    <beans:bean id="genesisAuthenticator"
    class="com.blackbox.x.web.security.Authenticator">
  <property name="userDetailsService" ref="jdbcUserService"/>      
</beans:bean>

<jdbc-user-service id="jdbcUserService" data-source-ref="dataSource" />
    • 0