0

I am trying to configure my application which should support https only, and I have added the following configuration in the securityContext.xml file:

<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass" value="org.apache.commons.httpclient.protocol.Protocol"/>
<property name="targetMethod" value="registerProtocol"/>
<property name="arguments">
<list>
<value>https</value>
<bean class="org.apache.commons.httpclient.protocol.Protocol">
<constructor-arg value="https"/>
<constructor-arg>
<bean class="org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory"/>
</constructor-arg>
<constructor-arg value="443"/>
</bean>
</list>
</property>
</bean>

While running the server I am getting the following exception:

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.apache.commons.httpclient.protocol.Pr otocol#59a20678' defined in ServletContext resource [/WEB-INF/securityContext.xml]: Cannot create inner bean 'org.springframework.security.s aml.trust.httpclient.TLSProtocolSocketFactory#5658808' of type [org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory] while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with n ame 'org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory#5658808' defined in ServletContext resource [/WEB-INF/secur ityContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantia te bean class [org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory]: No default constructor found; nested exception is java.lang.NoSuchMethodException: org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory.() at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:12 0) at org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:630) at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFacto ry.java:1035) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactor y.java:939) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java :485) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:4 56) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270) ... 24 more Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.saml.trust.h ttpclient.TLSProtocolSocketFactory#5658808' defined in ServletContext resource [/WEB-INF/securityContext.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.security.sa ml.trust.httpclient.TLSProtocolSocketFactory]: No default constructor found; nested exception is java.lang.NoSuchMethodException: org.spring framework.security.saml.trust.httpclient.TLSProtocolSocketFactory.() at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.j ava:997) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactor y.java:943) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java :485) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:4 56) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270) ... 32 more Caused by: org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.security.saml.trust.h ttpclient.TLSProtocolSocketFactory]: No default constructor found; nested exception is java.lang.NoSuchMethodException: org.springframework. security.saml.trust.httpclient.TLSProtocolSocketFactory.() at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:72) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.j ava:990) ... 36 more Caused by: java.lang.NoSuchMethodException: org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory.() at java.lang.Class.getConstructor0(Class.java:2971) at java.lang.Class.getDeclaredConstructor(Class.java:2165) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:67) ... 37 more Error listenerStart

Could you please guide me on how to rectify this issue.? I am having the latest trunk.

Kannan
  • 87
  • 3
  • 8

1 Answers1

0

The TLSProtocolSocketFactory requires multiple arguments for its constructor which you are not specifying, that's why your configuration fails.

If you want Spring SAML to auto-configure the TLSProtocolSocketFactory just follow instructions in the manual (chapter 7.2.3) and include the following bean instead of your MethodInvokingFactoryBean:

<bean class="org.springframework.security.saml.trust.httpclient.TLSProtocolConfigurer"/>

If you don't want to use the TLSProtocolConfigurer the other way is to include the following bean which should have the same effect:

<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
    <property name="targetClass" value="org.apache.commons.httpclient.protocol.Protocol"/>
    <property name="targetMethod" value="registerProtocol"/>
    <property name="arguments">
        <list>
            <value>https</value>
            <bean class="org.apache.commons.httpclient.protocol.Protocol">
                <constructor-arg value="https"/>
                <constructor-arg>
                    <bean class="org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory">
                        <constructor-arg ref="keyManager"/>
                        <constructor-arg><null/></constructor-arg>
                        <constructor-arg value="default"/>
                    </bean>
                </constructor-arg>
                <constructor-arg value="443"/>
            </bean>
        </list>
    </property>
</bean>
Vladimír Schäfer
  • 15,375
  • 2
  • 51
  • 71
  • Thanks man. Could you please send me an sample on how to specify X509KeyManager and X509TrustManager. It will be of great help. And also if you have any javascript authentication client for testing this, kindly share it with me. Many Thanks – Kannan Oct 13 '14 at 04:39
  • I've updated the answer for the latest Spring SAML version - the KeyManager is now constructed internally in TLSProtocolSocketFactory, so you don't need to provide it anymore. If you have additional questions, please open them separately. – Vladimír Schäfer Oct 13 '14 at 07:49