6

I am trying to implement authentication on Spring web service by referring the following link:

http://docs.spring.io/spring-ws/site/reference/html/security.html

Following is the configuration I have added:

    <bean
        class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
        <property name="interceptors">
            <list>
                <ref local="wsServerSecurityInterceptor" />
                <ref local="payloadValidatingIterceptor" />
            </list>
        </property>
    </bean>
    <bean id="wsServerSecurityInterceptor"
        class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
        <property name="policyConfiguration"
            value="classpath:security/xwss/security-server-policy.xml" />
        <property name="callbackHandlers">
            <list>
                <!-- <ref bean="keyStoreHandlerServer" /> -->
                <ref bean="springSecurityHandler" />
                <ref bean="callbackHandlerServer" />
            </list>
        </property>
    </bean>
    <bean id="springSecurityHandler"
      class="org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler">
    <property name="authenticationManager" ref="authenticationManager"/>
  </bean>
  <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
      <property name="providers">  
      <list>
    <ref local="authenticationProvider" />
    </list>        
    </property>
  </bean>
  <bean id="authenticationProvider"
   class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
              <property name="userDetailsService" ref="userDetailsService"/>
          </bean>  
   <bean id="userDetailsService" class="com.impl.endpoints.calc.client.JpaUserDetailsService" />

While deploying the war file on server, I get following error:

Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping#0' defined in ServletContext resource [/WEB-INF/xws-spring-ws-servlet.xml]: Cannot resolve reference to bean 'wsServerSecurityInterceptor' while setting bean property 'interceptors' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'wsServerSecurityInterceptor' defined in ServletContext resource [/WEB-INF/xws-spring-ws-servlet.xml]: Cannot resolve reference to bean 'springSecurityHandler' while setting bean property 'callbackHandlers' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityHandler' defined in ServletContext resource [/WEB-INF/xws-spring-ws-servlet.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/authentication/AuthenticationManager
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:329)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:107)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:154)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1387)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1128)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:458)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:295)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223)

org/springframework/security/authentication/AuthenticationManager is not mentioned anywhere in the configuration or the code. I wonder where exactly the given class is required and what configuration change I need to do to resolve this error.

EDIT:

POM contains following spring security jars:

        <dependency>
        <groupId>
                org.springframework.security
                </groupId>
        <artifactId>spring-security-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-core</artifactId>
        <version>2.0.4</version>
    </dependency>

    <dependency>
        <groupId>
                org.springframework.security
                </groupId>
        <artifactId>spring-security-config</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-taglibs</artifactId>
        <version>3.1.7.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-ldap</artifactId>
        <version>3.1.7.RELEASE</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.ws</groupId>
        <artifactId>spring-ws-security</artifactId>
        <version>2.2.0.RELEASE</version>
        <exclusions>
            <exclusion>
                <groupId>com.sun.xml.wsit</groupId>
                <artifactId>xws-security</artifactId>
            </exclusion>
            <exclusion>
                <groupId>com.sun.xml.wsit</groupId>
                <artifactId>wsit-rt</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
user3619997
  • 197
  • 2
  • 2
  • 12

2 Answers2

8

You are mixing Spring Security 2 and Spring Security 3 in your configuration. Use the same (and the latest) version number for all the Spring Security jars. You have version 2.0.4 for the spring-security-core jar and 3.1.7.RELEASE for other ones. Use the current release version for all the jars, and make sure there aren't different versions in your WEB-INF/lib when you've built the project.

The package names also changed between 2 and 3. Use the API docs if you need to know what package a class is in.

Shaun the Sheep
  • 22,353
  • 1
  • 72
  • 100
  • This answer helped me notice that 'DaoAuthenticationProvider' is now at a different package, 'org.springframework.security.authentication.dao'. Tks – Fabricio Buzeto Apr 10 '15 at 11:48
0

Download org.springframework.security.core.jar and add it ro your classpath.

Jens
  • 67,715
  • 15
  • 98
  • 113
  • I already have spring security core jar in my pom. I have added the list of security jars currently present in the application. – user3619997 Sep 11 '14 at 06:23
  • @user3619997 Can you take a look to your war file if the jar is in `WEB-INF/lib` directory? – Jens Sep 11 '14 at 06:29
  • yes, spring-security-core-2.0.4.jar is present in WEB-INF/lib directory of the WAR file – user3619997 Sep 11 '14 at 06:36
  • @user3619997 And can you verify if the class is in the jar? – Jens Sep 11 '14 at 06:37
  • The class is present as org.springframework.security.AuthenticationManager but in my code it is searching it in org.springframework.security.authentication.AuthenticationManager.I tried to find the jar for the class in this link: http://www.findjar.com/index.x?query=+org.springframework.security.authentication.AuthenticationManager but could not find it. – user3619997 Sep 11 '14 at 06:44
  • @user3619997 then the package name has changed between 2.0.4 and newer versions. So try to change to spring-security 3.x. – Jens Sep 11 '14 at 06:51