0

I'm developing an application that uses JSF (Mojarra) to control de MVC flow, but I also want to integrate Spring Security for its Autehntication and Authorization processes.

However, I'm having a problem where Spring Bean Factory cannot instantiate the classes that I build to do custom login and so on. From there, the system doesn't even go online.

The stacktrace starts with:

java.lang.ClassNotFoundException: com.tfduque.fieldAssist.manager.LoginBean

And then 

org.springframework.beans.factory.CannotLoadBeanClassException: Cannot find class [com.tfduque.fieldAssist.manager.LoginBean] for bean with name 'authenticationEntryPoint' defined in ServletContext resource [/WEB-INF/applicationContext.xml]; nested exception is java.lang.ClassNotFoundException: com.tfduque.fieldAssist.manager.LoginBean

And so on...

(Full stacktrace)

This is how my folders are organized, if it matters: Folder Organization

My application context (for spring security configurations):

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.1.xsd">



    <http pattern="/login*" security="none" />
    <http pattern="/css/**" security="none" />
    <http pattern="/images/**" security="none" />
    <http pattern="/javascript/**" security="none" />

    <http pattern="/Secured/**" create-session="stateless"
        use-expressions="true">
        <intercept-url pattern="/**" access="isFullyAuthenticated()" />
        <http-basic />
    </http>

    <http auto-config="true" use-expressions="true"
        access-decision-manager-ref="accessDecisionManager">
        <intercept-url pattern="/**" access="isFullyAuthenticated()" />

        <form-login login-page="/login.xhtml" login-processing-url="/j_login"
            authentication-failure-url="/login.xhtml" always-use-default-target="false"
            default-target-url="/" />

        <logout invalidate-session="true" logout-success-url="/login.xhtml"
            logout-url="/j_logout" delete-cookies="JSESSIONID" />

    </http>

    <authentication-manager>
        <authentication-provider user-service-ref="authenticationEntryPoint">
            <password-encoder hash="md5" />
        </authentication-provider>
    </authentication-manager>

    <beans:bean id="appUserDetailsService"
        class="com.tfduque.fieldAssist.security.AppUserDetailsService" />

    <beans:bean id="authenticationEntryPoint"
        class=" com.tfduque.fieldAssist.manager.LoginBean">
        <beans:property name="loginFormUrl" value="/Login.xhtml" />
        <beans:property name="redirectStrategy" ref="jsfRedirectStrategy" />
    </beans:bean>


</beans:beans>

Some of my web.xml configs (btw, I'm also using weld for injection):

<servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>


    <!-- Listeners -->
    <listener>

        <listener-class>org.jboss.weld.environment.servlet.Listener</listener-class>

    </listener>

    <resource-env-ref>
        <resource-env-ref-name>BeanManager</resource-env-ref-name>
        <resource-env-ref-type>javax.enterprise.inject.spi.BeanManager</resource-env-ref-type>
    </resource-env-ref>

    <!-- Security -->

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <listener>
        <listener-class>
            org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
    </listener>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>FORWARD</dispatcher>
        <dispatcher>REQUEST</dispatcher>
    </filter-mapping>

Login Bean is annotated like this:

@Named("login")
@RequestScoped
public class LoginBean {


    public String doLogin() throws IOException, ServletException {
       [...]
    }

I think that this is all needed to understand the problem.

Latika Agarwal
  • 973
  • 1
  • 6
  • 11
Tiago Duque
  • 1,956
  • 1
  • 12
  • 31
  • Please post the stacktrace inline. And I think there is lots of relevant info in there. Please analyse it – Kukeltje May 20 '18 at 15:32
  • Yep, it points me out that the BeanFactory cannot find the class. It seems that somehow It is trying to point out to a directory that does not exist maybe. I dont know why. For me, the fodler structure is ok... – Tiago Duque May 20 '18 at 23:56
  • Try with other class which implements this: https://docs.spring.io/spring-security/site/docs/4.2.4.RELEASE/apidocs/org/springframework/security/web/AuthenticationEntryPoint.html And do not annotate it. In spring you can use either xml or annotations for bean declarations, but don't mix them for the same bean. – Aritz May 21 '18 at 10:16
  • I think that's not the case. Login bean is not tagged as service, just a named resource for access from the xhtml pages and parsing by Controller. If not by the spring security thing, it would be working. – Tiago Duque May 21 '18 at 14:29
  • You're telling spring to create a service bean using your `LoginBean` class as an authentication entry point. Apart from this, you use JSF annotations to use this class as a managed bean (`@Named`). Does it make sense to use a single class for both things? – Aritz May 21 '18 at 15:25
  • Its Weld that is managing injection, not spring. So I think so. – Tiago Duque May 21 '18 at 16:01

0 Answers0