Using the service layer in custom authentication-provider ( Spring security 3.2)

Question

I dont understand why i cant use the the service layer(file: Userservice ) in the authentication-provider (file: userDetailsService ). In result i had the error below, but when i used Repository layer(file: Repository) all are fine.

i would like to encapsulate the Repository layer(Spring data Jpa) and use only Service layer for all needs.why is not possible in this case ?

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#1': Cannot resolve reference to bean 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0' while setting constructor argument with key [3]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0': Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'daoAuthenticationProvider' while setting constructor argument with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in class path resource [spring/applicationContext/applicationContext-security.xml]: Cannot resolve reference to bean 'authService' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authService': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: com.dubovskiyM.mvc.service.User_service com.dubovskiyM.mvc.security.AuthServiceImpl.user_service; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [com.dubovskiyM.mvc.service.User_service] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true)}

userDetailsService

@Service
public class AuthServiceImpl implements UserDetailsService {

    private final Logger log = LoggerFactory.getLogger(getClass());
    @Autowired
    User_service user_service;

    @Transactional
    @Override
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException {
        log.trace("START-------------------------------------");
        Signup details = user_service.findByLogin(username);
        log.trace(details.getLogin()+"---------------------"+details.getPassword());
        Collection<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();
        SimpleGrantedAuthority userAuthority = new SimpleGrantedAuthority(
                "ROLE_USER");
        SimpleGrantedAuthority adminAuthority = new SimpleGrantedAuthority(
                "ROLE_ADMIN");
        if (details.getRole() == 1)
            authorities.add(userAuthority);
        else if (details.getRole() == 2) {
            authorities.add(userAuthority);
            authorities.add(adminAuthority);
        }
        UserDetails user = new User(details.getLogin(),
                details.getPassword(), true, true, true, true, authorities);
        return user;
    }

}

Security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security.xsd">



    <http pattern="/resources/**" security="none" />
    <http auto-config="true" use-expressions="true">
        <intercept-url pattern="/"
                       access="permitAll"/>
        <intercept-url pattern="/login"
                       access="permitAll"/>
        <intercept-url pattern="/logout"
                       access="permitAll"/>
        <intercept-url pattern="/errors/**"
                       access="permitAll"/>
        <intercept-url pattern="/com/dubovskiyM/mvc"
                       access="hasRole('ROLE_USER')"/>
        <access-denied-handler error-page="/errors/403"/>
        <form-login login-page="/login"
                    login-processing-url="/j_spring_security_check"
                    username-parameter="j_username"
                    password-parameter="j_password"
                    authentication-failure-url="/login/form?error"
                    default-target-url="/default"/>
    </http>

    <authentication-manager>
        <authentication-provider ref="daoAuthenticationProvider">
        </authentication-provider>
    </authentication-manager>

    <beans:bean id="daoAuthenticationProvider"
                class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
        <beans:property name="userDetailsService" ref="authService" />
        <!--<beans:property name="passwordEncoder" ref="passwordEncoder" />-->
    </beans:bean>

    <beans:bean id="authService"
                class="com.dubovskiyM.mvc.security.AuthServiceImpl" />

    <!--<beans:bean id="passwordEncoder"
                class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />-->


</beans:beans>

User_service

@Service
@Transactional
public class User_service   {

@Autowired
private User_repository user_repository;


@Transactional(readOnly = false)
public void save(Signup signup){
    user_repository.save(signup);
}


@Transactional(readOnly = true)
public Signup findByLogin(String login){
Signup signup = user_repository.findByLogin(login);
return signup;
}

@Transactional(readOnly = true)
public Signup findByLoginAndPassword(String login,String password){
    Signup signup = user_repository.findByLoginAndPassword(login, password);
    return signup;
}

}

Repository

@Repository
public interface User_repository extends JpaRepository<Signup,Long>  {

    Signup findByLogin(String login);
    Signup findByLoginAndPassword(String login,String password);

}

servet.xml

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:jpa="http://www.springframework.org/schema/data/jpa"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/mvc
    http://www.springframework.org/schema/mvc/spring-mvc.xsd
    http://www.springframework.org/schema/context
    http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa.xsd">
    <!-- Scan for components under this package -->
    <!-- Scan for components under this package expept Repository -->
    <context:component-scan base-package="com.dubovskiyM.mvc">
        <context:exclude-filter expression="org.springframework.stereotype.Repository" type="annotation"/>
    </context:component-scan>
<!--    &lt;!&ndash; Ensures that any resource requests not handled by Spring MVC mappings will be delegated back to the Servlet container &ndash;&gt;
    <mvc:default-servlet-handler />-->
    <!--Enable jpa for repository access-->
</beans>

score 2 · Answer 1 · answered Jun 09 '14 at 20:59

2

The problem is that spring have no knowledge of User_service bean.

User_service bean is not declared in your context configuration neither you enable a classpath scan of component annotated classes. (given your posted configurations)

Try to turn on component scan with the following xml declaration (possibly defining a stereotype attribute:

<context:component-scan base-package="your.package" />

or declare your bean in context configuration.

Hope this helps!

answered Jun 09 '14 at 20:59

gipinani

14,038
12
56
85

There were turn on component scan in webContent(aded web config). But i cant understand the reason of error above. – Mikhail Jun 09 '14 at 21:22
@Mikhail Do not declare your service bean in servlet context. Servlet context could access application context, but not viceversa, so that beans are not accessible from security config. Instead declare it in your application context. – gipinani Jun 09 '14 at 21:28

Using the service layer in custom authentication-provider ( Spring security 3.2)

1 Answers1