Spring Security deployment error

Question

For the last 4 hours I've been trying to solve the issue, but I simply can't see what is wrong with it.. [And it's not even a midnight yet :) ]

I'm having a trouble to deploy a Spring MVC application on Glassfish server.

Here's the output of Glassfish.

cannot Deploy kShop 
deploy is failing=Error occurred during deployment: Exception while loading the app : java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0];
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0' while setting constructor argument with key [2];
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0': Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting bean property 'authenticationManager';
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument;
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': FactoryBean threw exception on object creation;
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0' while setting constructor argument with key [0];
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0': Cannot resolve reference to bean 'org.springframework.security.provisioning.JdbcUserDetailsManager#0' while setting bean property 'userDetailsService';
    nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.provisioning.JdbcUserDetailsManager#0': Cannot resolve reference to bean 'dataSource' while setting bean property 'dataSource';
    nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'dataSource' is defined.
Please see server.log for more details.

Here's the web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/kshop-security.xml</param-value>

    </context-param>

    <!-- Creates the Spring Container shared by all Servlets and Filters -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Processes application requests -->
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <!-- Spring Security -->  
    <filter>  
        <filter-name>springSecurityFilterChain</filter-name>  
        <filter-class>  
            org.springframework.web.filter.DelegatingFilterProxy  
        </filter-class>  
     </filter>  

    <filter-mapping>  
        <filter-name>springSecurityFilterChain</filter-name>  
        <url-pattern>/*</url-pattern>   
    </filter-mapping>  

</web-app>

The kshop-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:security="http://www.springframework.org/schema/security"
    xmlns:p="http://www.springframework.org/schema/p"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <security:http auto-config="true"  use-expressions="true">
        <security:intercept-url pattern="/" access="hasRole('ROLE_USER')" />
        <security:form-login login-page="/login"
            default-target-url="/" authentication-failure-url="/fail2login" />
        <security:logout logout-success-url="/logout" />
    </security:http>

    <security:authentication-manager>
        <security:authentication-provider>
            <!-- <security:user-service> <security:user name="admin" password="password" 
                authorities="ROLE_USER" /> </security:user-service> -->
            <security:jdbc-user-service
                data-source-ref="dataSource"
                users-by-username-query="select username, password, active from users where username=?"
                authorities-by-username-query="select us.username, ur.authority from users us, user_roles ur 
        where us.user_id = ur.user_id and us.username =?  " />
        </security:authentication-provider>
    </security:authentication-manager>

</beans>

And servlet-context.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
    xsi:schemaLocation="http://www.springframework.org/schema/mvc 
        http://www.springframework.org/schema/mvc/spring-mvc.xsd
        http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/tx  
        http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">


    <context:component-scan base-package="org.shahapps.kshop" />
    <context:property-placeholder location="/resources/database.properties" /> 


    <!-- DispatcherServlet Context: defines this servlet's request-processing 
        infrastructure -->

    <!-- Enables the Spring MVC @Controller programming model -->
    <annotation-driven />

    <!-- Handles HTTP GET requests for /resources/** by efficiently serving 
        up static resources in the ${webappRoot}/resources directory -->
    <resources mapping="/resources/**" location="/resources/" />

    <!-- Resolves views selected for rendering by @Controllers to .jsp resources 
        in the /WEB-INF/views directory -->
    <beans:bean
        class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <beans:property name="prefix" value="/WEB-INF/views/" />
        <beans:property name="suffix" value=".jsp" />
    </beans:bean>


    <beans:bean id="dataSource"
        class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <beans:property name="driverClassName" value="${database.driver}" />
        <beans:property name="url" value="${database.url}" />
        <beans:property name="username" value="${database.user}" />
        <beans:property name="password" value="${database.password}" />
    </beans:bean>


</beans:beans>

Please help me out here!

Answer 1

This stack trace element gives away the problem

org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'dataSource' is defined.

The root context loaded by the ContextLoaderListener does not have access to the beans declared in the servlet context loaded by the DispatcherServlet. Therefore, the bean named dataSource in servlet-context.xml is not accessible to the authentication-manager in kshop-security.xml.

You will have to reorganize your context so that the beans needed in kshop-security.xml are available to it. This can simply mean moving the dataSource <bean> definition to another root-context.xml file (which you would register to also be loaded by the ContextLoaderListener) or to the kshop-security.xml file directly.

Answer 2

Try changing your dataSource bean to this.

beans:bean id="dataSource" name="dataSource"

You've given it an id "dataSource" but no name "dataSource".

See the last line of your error.

Answer 3

Add your servlet-context.xml to your contextConfigLocations in your web.xml:

 <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/spring/servlet-context.xml
        /WEB-INF/spring/kshop-security.xml
    </param-value>
 </context-param>