0

I'm working on a webapp which using spring MVC and spring Security. When i start my tomcat server on local, i have the following error:

23-Feb-2021 16:27:52.883 GRAVE [RMI TCP Connection(3)-127.0.0.1] org.apache.catalina.core.StandardContext.filterStart Exception au démarrage du filtre [springSecurityFilterChain]
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' available

I see a lot of solutions but with xml configs, but I don't use any xml, I want to do everything via java classes. Can you help me?

This is my WebConfig.java:


import com.shieldsolutions.velocity.view.VelocityConfigurer;
import com.shieldsolutions.velocity.view.VelocityViewResolver;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@EnableWebMvc
@Configuration
@ComponentScan(basePackages = "junia.projet.web.controller")
public class WebConfig implements WebMvcConfigurer {
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/webjars/**").addResourceLocations("/webjars/");
    }

    @Bean
    public VelocityConfigurer velocityConfigurer(){
        VelocityConfigurer velocityConfigurer= new VelocityConfigurer();
        velocityConfigurer.setResourceLoaderPath("/WEB-INF/velocity");
        return velocityConfigurer;};

    @Bean
    public VelocityViewResolver velocityViewResolver(){
        VelocityViewResolver velocityViewResolver=new VelocityViewResolver();
        velocityViewResolver.setSuffix(".vm");
        return velocityViewResolver;};

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        //login n'a pas de controller pour l'intercepter donc il faut configurer ici le lancement du template
        registry.addViewController("/").setViewName("login");
        registry.addViewController("/login").setViewName("login");
    }
}

my SecurityConfig.jave:


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Bean
    public UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        String password = passwordEncoder().encode("user");
        System.out.print("password " + password);
        manager.createUser(User.withUsername("user").password(password).roles("USER").build());
        return manager;
    }
    @Bean
    public NoOpPasswordEncoder passwordEncoder() {
        return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
    }



    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //permet à tous d'accéder à la page login
        http.authorizeRequests().antMatchers("/login").permitAll();
        //redirige tout le comde vers login s'il n'y a pas eu d'authentification
        http.authorizeRequests().anyRequest().authenticated().and().formLogin().loginPage("/login").and().logout().permitAll();
        http.csrf().disable();
    }

}

my SpringSecurityInitializer.java


import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;

public class SpringSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
    //enregistrement automatique des filtres pour chaque URL
}

and my Initializer:


import junia.projet.core.config.AppConfig;
import junia.projet.core.config.DBConfig;
import junia.projet.web.config.SecurityConfig;
import junia.projet.web.config.WebConfig;
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;

public class Initializer extends AbstractAnnotationConfigDispatcherServletInitializer {

   @Override
   protected Class<?>[] getRootConfigClasses() {

       return new Class<?>[] { AppConfig.class, DBConfig.class };
   }

   @Override
   protected Class<?>[] getServletConfigClasses() {
       return new Class<?>[] { WebConfig.class, SecurityConfig.class};
   }

   @Override
   protected String[] getServletMappings() {
       return new String[] {"/"};
   }
}

Thank you for your help!

Gab
  • 1
  • please refer, https://stackoverflow.com/a/41569392/8700934 – Lakshan Feb 23 '21 at 16:15
  • I strongly suggest a read of the [official documentation](https://docs.spring.io/spring-security/site/docs/5.4.5/reference/html5/#abstractsecuritywebapplicationinitializer). – M. Deinum Feb 23 '21 at 19:33

1 Answers1

0

I solved my mistake and it's a bit of a silly mistake as usual. In Initializer.java the SecurityConfig class should be put in getRootConfigClasses and not in getServletConfigClasses.

Gab
  • 1
  • You can also configure the DelegatingFilterProxy to look for it in web app context instead (`contextAttribute` property). Many times it's more appropriate to have security config there. – Aníbal Aug 30 '22 at 16:14