Home > Enterprise >  Dispatcher Servlet can't find Secuirty Configuration
Dispatcher Servlet can't find Secuirty Configuration

Time:04-13

Hi I have a problem with Spring Security confgiuration within my Spring MVC project.

I have configured the SecurityConfig class where there is the configuration of the various AuthenticationManager and AtuhenticationProvider (I use a DaoAuthenticationProvider but it is not important)

I don't understand why when I start the application the filter doesn't work. The application works but it seems that the Servlet dispatcher does not consider the configuration. I also add the configuration class to the getRootConfigClasses method.

I just don't understand why it doesn't work....? Can anyone help me out?

AppInitializer class that implement AbstractAnnotationConfigDispatcherServletInitializer

@Configuration
public class AppInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {

    @Override
    protected Class<?>[] getRootConfigClasses() {
        return new Class[] { AppContext.class, SecurityConfig.class};
    }

    @Override
    protected Class<?>[] getServletConfigClasses() {
        return new Class[] { WebMvcConfig.class };
    }

    @Override
    protected String[] getServletMappings() {
        return new String[] { "/" };
    }
 
}

WebMvcConfig class that implement WebMvcConfigurer

@Configuration
@ComponentScan(basePackages = { "com.einaudi.lwe" })
@EnableWebMvc
public class WebMvcConfig implements WebMvcConfigurer{

    @Bean
    public InternalResourceViewResolver resolver() {
        InternalResourceViewResolver resolver = new InternalResourceViewResolver();
        resolver.setViewClass(JstlView.class);
        resolver.setPrefix("/WEB-INF/views/");
        resolver.setSuffix(".jsp");
        return resolver;
    }

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry
                .addResourceHandler("/resources/**")
                .addResourceLocations("/resources/");
    }
}

AppContext for configure repository Bean to communicate with Db

@Configuration
@ComponentScan(basePackages = { "com.einaudi.lwe" })
@EnableTransactionManagement(proxyTargetClass = true)
@PropertySource("classpath:database.properties")
public class AppContext {

    @Autowired 
    private Environment environment;

    @Bean
    public LocalSessionFactoryBean sessionFactory() {
        //Oggetto che server a Hibernate per settare proprietà del ORM
        LocalSessionFactoryBean sessionFactory = new LocalSessionFactoryBean();
        sessionFactory.setDataSource(dataSource());
        sessionFactory.setPackagesToScan(new String[] { "com.einaudi.lwe.data.entity" });
        sessionFactory.setHibernateProperties(hibernateProperties());
        return sessionFactory;
    }

    @Bean
    public DataSource dataSource() {
        //Oggetti provenienti da spring per settare i jdbc
        DriverManagerDataSource dataSource = new DriverManagerDataSource();
        dataSource.setDriverClassName(environment.getRequiredProperty("jdbc.driverClassName"));
        dataSource.setUrl(environment.getRequiredProperty("jdbc.url"));
        dataSource.setUsername(environment.getRequiredProperty("jdbc.username"));
        dataSource.setPassword(environment.getRequiredProperty("jdbc.password"));
        return dataSource;
    }

    private Properties hibernateProperties() {
        Properties properties = new Properties();
        properties.put("hibernate.dialect", environment.getRequiredProperty("hibernate.dialect"));
        properties.put("hibernate.show_sql", environment.getRequiredProperty("hibernate.show_sql"));
        properties.put("hibernate.format_sql", environment.getRequiredProperty("hibernate.format_sql"));
        properties.put("hibernate.hbm2ddl.auto", environment.getRequiredProperty("hibernate.hbm2ddl.auto"));
        return properties;
    }

    @Bean
    public HibernateTransactionManager getTransactionManager() {
        //Oggetto di transaction manager di Hibenate (Il transaction manager è quell'oggetto necessario alla gestione delle transazioni tra un applicativo e un DBMS)
        //Le transazioni sono operazioni attue al garantire delle proprietà di consistenza dei dati.
        HibernateTransactionManager transactionManager = new HibernateTransactionManager();
        transactionManager.setSessionFactory(sessionFactory().getObject());
        return transactionManager;
    }


}

SecurityConfig class that implement WebSecurityConfigurerAdapter

@Configuration
@EnableWebSecurity 
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private LweUserService lweUserService;

    @Bean
    public DaoAuthenticationProvider daoAuthenticationProvider(){
        DaoAuthenticationProvider provider =
                new DaoAuthenticationProvider();
        provider.setPasswordEncoder(encoder());
        provider.setUserDetailsService(lweUserService);
        return provider;
    }

    @Bean
    public static PasswordEncoder encoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(daoAuthenticationProvider());
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                    .antMatchers("/student/**").hasRole("STUDENT")
                    .antMatchers("/instructor/**").hasRole("INSTRUCTOR")
                    .antMatchers("/**").permitAll()
                    .and()
                    .formLogin()
                    .loginPage("/loginUser")
                    .loginProcessingUrl("/user_login")
                    .failureUrl("/loginUser?error=loginError")
                    .defaultSuccessUrl("/userPage")
    
                    .and()
                    .logout()
                    .logoutUrl("/user_logout")
                    .logoutSuccessUrl("/protectedLinks")
                    .deleteCookies("JSESSIONID")
    
                    .and()
                    .exceptionHandling()
                    .accessDeniedPage("/403")
    
                    .and()
                    .csrf().disable();
    }
}

I use tomcat 8.5.78

CodePudding user response:

try removing the @configuration from the AppInitializer class

public class AppInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {

@Override
protected Class<?>[] getRootConfigClasses() {
    return new Class[] { AppContext.class, SecurityConfig.class};
}

@Override
protected Class<?>[] getServletConfigClasses() {
    return new Class[] { WebMvcConfig.class };
}

@Override
protected String[] getServletMappings() {
    return new String[] { "/" };
}

}

refer this for detail information click here

CodePudding user response:

I suggest you to use application.properties file under resources folder for establishing DB connection. Further instead of using WebMvcConfig class you can just give @EnableWebMvc annotation in SecurityConfig class. It should work as because the spring boot will automatically set the prefix and postfix and maps to the available view page. This had worked for my project.

  • Related