13
package ro.contabilitateexpert.AccountExpert.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean(BeanIds.AUTHENTICATION_MANAGER)
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Override
    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable().authorizeRequests()
                .antMatchers("/api/auth/**")
                .permitAll()
                .anyRequest()
                .authenticated();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

I have the following error : Error creating bean with name 'securityConfig': Requested bean is currently in creation: Is there an unresolvable circular reference?

How can i solve it?

Simion Georgian
  • 285
  • 1
  • 2
  • 7

5 Answers5

14

More detailed solution:

code before:

@Autowired
public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
    authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}

changing @Autowired and function name

@Override
public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
    authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
Konzerra
  • 161
  • 1
  • 2
13

After i changed to configure instead of configureGlobal with @Overrides and deleted @Autowired Added @Configuration Now the code is working,

Thanks to Alexey Veleshko

Simion Georgian
  • 285
  • 1
  • 2
  • 7
  • 3
    Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jan 05 '22 at 18:52
  • 6
    Pretty useless answer since one can not understand nor reproduce what you have done. – mmo Mar 24 '22 at 13:20
  • Can you post the code when it works too please? – Roger C S Wernersson Apr 06 '22 at 08:45
1
package ro.contabilitateexpert.AccountExpert.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean(BeanIds.AUTHENTICATION_MANAGER)
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Override
    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable().authorizeRequests()
                .antMatchers("/api/auth/**")
                .permitAll()
                .anyRequest()
                .authenticated();
    }

    @Override
    public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

I edited the code; this should work. What did I do? I changed the name of the configureGlobal method to configure and used the @Override annotation instead of @Autowired. The @Autowired method, configureGlobal, somehow was also using the SecurityConfig bean, which was internally being created (of course, it was being created; what do we think made the call to the configureGlobal method)

Brijesh Lakkad
  • 611
  • 10
  • 13
0

When migrating spring and other dependencies, including spring security, I have encountered this issue.

Description:

The dependencies of some of the beans in the application context form a cycle:

   FrameworkContextFilter defined in class path resource [com/company/frame/autoconfigure/web/servlet/WebMvcAutoConfiguration.class]
      ↓
   mvcHandlerMappingIntrospector defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]
      ↓
   org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration (field private java.util.List org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration.configurers)
      ↓
   oauthConfig.AuthorizationServerConfiguration (field org.springframework.security.authentication.AuthenticationManager com.company.frame.config.OauthConfig$AuthorizationServerConfiguration.authenticationManager)
┌─────┐
|  securityConfig (field private org.springframework.security.crypto.password.PasswordEncoder com.company.frame.config.SecurityConfig.passwordEncoder)
└─────┘

Following is the solution which survived my troubleshooting.

@Autowired private PasswordEncoder passwordEncoder;
    | 
    V
@Autowired @Lazy private PasswordEncoder passwordEncoder;

and

@Autowired
  public void configureGlobal(AuthenticationManagerBuilder auth)
    |
    V 
@Override
  public void configure(AuthenticationManagerBuilder auth)
sarath
  • 767
  • 12
  • 19
-1

spring.main.allow-circular-references=true add this property in application.properties file

or add below in application.yaml file spring: main: allow-circular-references: true

Hamdhan Azeez T
  • 429
  • 4
  • 9
  • You could do so, but you should definitely avoid doing such stuff. Allowing circular dependencies brings inconsistency to your system. – Javali Jan 02 '23 at 12:27