1
votes

I would like to use Flyway as preferred way of database migration handling in my Spring Boot project (using current V1.2.1.RELEASE).

This is working fine so far however the integration with Spring Security using a JDBC DataSource seems to override the Flyway mechanism.

Following simple scenario:

  • Spring Boot 1.2.1
  • PostgreSQL 9.4.1
  • Flyway migration scripts for users, groups and authorities according to Spring Security documentation

Problem: The Flyway migration scripts are not executed at startup as expected.

Maybe cause: It seems that Flyway is only executed at startup if the using Spring Boot project is also using JPA at least. Since Spring Security is based on plain JDBC, I've tried to temporary use the JDBC based database initialization scheme as described in Spring Boot docs (Chapter 68.3) which works, but (as documented) this way is like the 'poor man approach' and I'd really like to use Flyway also for these tables containing the User/Group/Authorities information.

1
The use of flyway has nothing to do with JPA or whatever technology being present (at least it shouldn't if it does it is a bug). Post the configuration you have tried and which doesn't work, also explain a little more what doesn't work.M. Deinum
It seems that the security context is initialized before Flyway migration can take place: Error creating bean with name 'securityFilterChainRegistration': org.postgresql.util.PSQLException: ERROR: relation "users" does not exist According to the logs and the DB no Flyway migration happened. If I temporarily disable my custom WebSecurityConfigurerAdapter, the Flyway migration which creates the required tables for users and groups is executed at application startup as expected. So my guess is some kind of ordering problem when the spring app context is createdMichael Forstner

1 Answers

2
votes

Ok, after some further investigation I've found the problem:

Indeed, in a standard Spring Boot project the security context is initialized before any Flyway based migration takes place.

Normally this is not a big issue, but I've also used the AuthenticationManagerBuilder for creating a default admin user. This seems to be the wrong approach for creating such an initial user account.