Could not autowire field:private org.springframework.security.crypto.password.PasswordEncoder;

14
votes

I'm migrating to spring security 4.0.1 using java config instead of xml. When I autowire PasswordEncoder, it gives me the following error:

HTTP Status 500 - org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.UsersComponent': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private org.springframework.security.crypto.password.PasswordEncoder com.car.component.impl.UsersComponentImpl.passwordEncoder; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.crypto.password.PasswordEncoder] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true)}

I will post all my config file. I don't know where I am wrong.

web.xml

   <?xml version="1.0" encoding="UTF-8"?>
   <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xmlns="http://java.sun.com/xml/ns/javaee"    xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee   http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">


 <context-param>
      <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
      <param-value>.xhtml</param-value>
 </context-param>

 <context-param>
    <param-name>javax.faces.VALIDATE_EMPTY_FIELDS</param-name>
    <param-value>false</param-value>
 </context-param>

 <welcome-file-list>
    <welcome-file>login.xhtml</welcome-file>
 </welcome-file-list>
 <servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
 </servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>

 <context-param>
      <param-name>com.sun.faces.expressionFactory</param-name>
      <param-value>com.sun.el.ExpressionFactoryImpl</param-value>
 </context-param>

<servlet>
    <description>generated-servlet</description>
    <servlet-name>CAR Servlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:CAR-web-context.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<listener>
    <listener-class>
        org.springframework.security.web.session.HttpSessionEventPublisher
    </listener-class>
</listener>
<listener>
    <listener-class>
        org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>


<filter>
    <description>
        generated-spring-security-session-integration-filter
    </description>
    <filter-name>SpringSecuritySessionIntegrationFilter</filter-name>
    <filter-class>
        org.springframework.security.web.context.SecurityContextPersistenceFilter</filter-class>
</filter>
<filter>
    <description>generated-persistence-filter</description>
    <filter-name>CARFilter</filter-name>
    <filter-class>
        org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class>
    <init-param>
        <param-name>entityManagerFactoryBeanName</param-name>
        <param-value>CAR</param-value>
    </init-param>
</filter>
<filter>
    <description>generated-sitemesh-filter</description>
    <filter-name>Sitemesh Filter</filter-name>
    <filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
</filter>

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param> 
        <param-name>contextAttribute</param-name> 
        <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher‌​</param-value> 
    </init-param>
</filter>

<filter-mapping>
    <filter-name>SpringSecuritySessionIntegrationFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>HRBFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>Sitemesh Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<persistence-unit-ref>
    <persistence-unit-ref-name>persistence/CAR</persistence-unit-ref-name>
    <persistence-unit-name>CAR</persistence-unit-name>
  </persistence-unit-ref>

  <persistence-context-ref>
    <persistence-context-ref-name>persistence/CAR</persistence-context-ref-name>
    <persistence-unit-name>CAR</persistence-unit-name>
</persistence-context-ref>

Pom.xml

 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">


<properties>
    <spring.version>4.0.2.RELEASE</spring.version>
    <spring.security.version>3.2.5.RELEASE</spring.security.version>
</properties>

<dependencies>

    <dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
        <version>2.0.7.RELEASE</version>
    </dependency> 

    <dependency>
        <groupId>junit</groupId>
        <artifactId>junit</artifactId>
        <version>3.8.1</version>
        <scope>test</scope>
    </dependency>



    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-aspects</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-instrument</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-instrument-tomcat</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-tx</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-jms</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-oxm</artifactId>
        <version>${spring.version}</version>
        <exclusions>
            <exclusion>
                <groupId>commons-lang</groupId>
                <artifactId>commons-lang</artifactId>
            </exclusion>
        </exclusions>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webmvc-portlet</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-struts</artifactId>
        <version>3.1.1.RELEASE</version>
        <exclusions>
            <exclusion>
                <groupId>xalan</groupId>
                <artifactId>xalan</artifactId>
            </exclusion>
            <exclusion>
                <groupId>oro</groupId>
                <artifactId>oro</artifactId>
            </exclusion>
            <exclusion>
                <groupId>commons-digester</groupId>
                <artifactId>commons-digester</artifactId>
            </exclusion>
        </exclusions>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-core</artifactId>
        <version>${spring.version}</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-beans</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
        <version>${spring.version}</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context-support</artifactId>
        <version>${spring.version}</version>
    </dependency>


    <dependency>   <!-- Usata da Hibernate 4 per LocalSessionFactoryBean -->
        <groupId>org.springframework</groupId>
        <artifactId>spring-orm</artifactId>
        <version>3.1.0.RELEASE</version>
    </dependency>


    <dependency>
        <groupId>org.aspectj</groupId>
        <artifactId>aspectjweaver</artifactId>
        <version>1.6.9</version>
    </dependency>

    <dependency>
        <groupId>cglib</groupId>
        <artifactId>cglib-nodep</artifactId>
        <version>2.2</version>
    </dependency>

    <dependency>
        <groupId>commons-pool</groupId>
        <artifactId>commons-pool</artifactId>
        <version>1.5.3</version>
    </dependency>


    <dependency>
        <groupId>commons-collections</groupId>
        <artifactId>commons-collections</artifactId>
        <version>3.2</version>
    </dependency>

    <dependency>
        <groupId>commons-httpclient</groupId>
        <artifactId>commons-httpclient</artifactId>
        <version>3.1</version>
    </dependency>


    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-core</artifactId>
        <version>${spring.security.version}</version>
        <exclusions>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-aop</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-expression</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-context</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-beans</artifactId>
            </exclusion>

            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-core</artifactId>
            </exclusion>

        </exclusions>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>${spring.security.version}</version>
        <exclusions>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-core</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-tx</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-web</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-aop</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-jdbc</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-context</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-beans</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-expression</artifactId>
            </exclusion>
        </exclusions>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-acl</artifactId>
        <version>${spring.security.version}</version>
        <exclusions>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-aop</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-jdbc</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-context</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-core</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-tx</artifactId>
            </exclusion>
        </exclusions>
    </dependency>


    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-aspects</artifactId>
        <version>${spring.security.version}</version>
        <exclusions>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-beans</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-context</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-core</artifactId>
            </exclusion>
        </exclusions>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-cas</artifactId>
        <version>${spring.security.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>${spring.security.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-ldap</artifactId>
        <version>${spring.security.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-openid</artifactId>
        <version>${spring.security.version}</version>
        <exclusions>
            <exclusion>
                <groupId>com.google.inject</groupId>
                <artifactId>guice</artifactId>
            </exclusion>
        </exclusions>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-remoting</artifactId>
        <version>${spring.security.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-taglibs</artifactId>
        <version>${spring.security.version}</version>
    </dependency>

AppConfig.java

   @Configuration
   public class AppConfig {
   @Bean
   public SuccessHandler successHandler() {
       return new SuccessHandler();
   }

   @Bean
   public FailureHandler failureHandler() {
       return new FailureHandler();
    }
    }

SecurityWebApplicationInitializer.java

  public class SecurityWebApplicationInitializer extends   AbstractSecurityWebApplicationInitializer {

  }

MyConfiguration.java

  @Configuration
  @EnableWebMvc
  @ComponentScan(basePackages = "com.car")
  public class MyConfiguration extends WebMvcConfigurerAdapter {



@Bean(name="HelloWorld")
public ViewResolver viewResolver() {
    InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
    viewResolver.setViewClass(JstlView.class);
    viewResolver.setPrefix("/web-inf");
    viewResolver.setSuffix(".xhtml");

    return viewResolver;
}

/*
 * Configure ResourceHandlers to serve static resources like CSS/ Javascript etc...
 */
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry.addResourceHandler("/webapp/**").addResourceLocations("/webapp/");
}
}

Login.xhtml

  <!DOCTYPE html>
  <f:view>
   <h:head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    </script><script src="js/jquery-1.js"></script>
    <script src="js/adpacks-demo.js" type="text/javascript"></script>
    <script src="js/bsa.js" type="text/javascript"></script>

   </h:head>
<h:body>
    <form id="login" action='#{request.contextPath}/login' method='POST'>
        <h1>Log In</h1>
        <fieldset id="inputs">
            <input id="username" type="text" name="username" placeholder="Username" />
            <input id="password" type="password" name="password" placeholder="Password" />
        </fieldset>
        <fieldset id="actions">
            <input type="hidden" name="${_csrf.parameterName}"  value="${_csrf.token}" />
            <input id="submit" value="Log in" type="submit"  /><a href="">Forgot your password?</a>
        </fieldset>
    </form>
</h:body>

SecurityConfiguration.java

 @Configuration
 @EnableWebSecurity
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {


    @Autowired
    @Qualifier("userDetailsServiceImpl")
    UserDetailsService userDetailsService;

    @Autowired
    SuccessHandler successHandler;

    @Autowired
    FailureHandler failureHandler;


    @Autowired
     public void configureGlobalSecurity(AuthenticationManagerBuilder auth)   throws Exception {
    ShaPasswordEncoder encoder = new ShaPasswordEncoder();
    auth.userDetailsService(userDetailsService).passwordEncoder(encoder);
    }

@Override
protected void configure(HttpSecurity http) throws Exception {

  http.authorizeRequests()
    .antMatchers("/login.xhtml").permitAll()
    .antMatchers("/pages/**").access("isAuthenticated()")
    .antMatchers("/run**").access("isAuthenticated()")
    .and().formLogin().loginProcessingUrl("/login").loginPage("/login.xhtml")
    .successHandler(successHandler)
    .failureHandler(failureHandler).defaultSuccessUrl("/pages/dashboard.xhtml")
    .usernameParameter("username")
    .passwordParameter("password")
    .and().sessionManagement().maximumSessions(2).maxSessionsPreventsLogin(true);
  }
 }
4
javaspringspring-security
JSF tags, a plain HTML form, registered both org.springframework.web.servlet.DispatcherServlet and javax.faces.webapp.FacesServlet - nasty combination.Tiny
You are trying to use JSF and Spring MVC together which is disallowed. You can however use JSF on top of the Spring platform (Spring and Spring MVC are completely different. Spring is an enormous framework - a Java platform having several modules in it, Spring MVC is merely one of them. Spring DI are usable with JSF but Spring MVC and JSF cannot be used together, since both of them are MVC frameworks).Tiny
Agree with you . I don't need that part of spring mvc. Actually my application was using spring 3.1 and spring security 3.1 ( xml configuration).And was using Spring DI. I need to upgrade it to spring security 4.0 and I've decided to do it in java config. Can you guide me how to do this ?I want to remove the spring mvc part. I am not interested with it.Alina

4 Answers

19
votes

use this bean :

@Bean
PasswordEncoder getEncoder() {
    return new BCryptPasswordEncoder();
}
5
votes

You must make your password encoder a bean:

@Bean
public PasswordEncoder passwordEncoder() {
    return new ShaPasswordEncoder();
}

Then you can autowire it.

2
votes

you can use any of the following 

@Bean
PasswordEncoder getEncoder() {
    return new BCryptPasswordEncoder();
}

OR 

@Bean
public PasswordEncoder passwordEncoder() {
    return new ShaPasswordEncoder();
}
0
votes
@Bean
public PasswordEncoder encoder() {
    return new BCryptPasswordEncoder();
}