1
votes

I am trying to integrate an old WebLogic application to use Okta SSO SAML 2.0 flow. I have successfully integrated the app with Spring Boot using @ServletComponentScan and was able to successfully use Spring Security for basic authentication. However, when adding SAML-specific configurations to the SecurityConfiguration, the app fails on deployment. For Okta SAML, I'm following this tutorial: https://developer.okta.com/blog/2017/03/16/spring-boot-saml. WebLogic version is 12.2.1.3.0.

The app deploys fine with the base spring security without the Okta Dependency.

Stacktrace

    <Jun 12, 2018 4:50:58,129 PM CDT> <Error> <HTTP> <BEA-101216> <Servlet: "SpringBootWebXmlServlet" failed to preload on startup in Web application: "/".
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IncompatibleClassChangeError: Implementing class
            at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:587)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1254)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1103)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:541)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:501)
            Truncated. see log file for complete stacktrace
    Caused By: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IncompatibleClassChangeError: Implementing class
            at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
            at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:579)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1254)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1103)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:541)
            Truncated. see log file for complete stacktrace
    Caused By: java.lang.IncompatibleClassChangeError: Implementing class
            at java.lang.ClassLoader.defineClass1(Native Method)
            at java.lang.ClassLoader.defineClass(ClassLoader.java:763)
            at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
            at weblogic.utils.classloaders.GenericClassLoader.defineClassInternal(GenericClassLoader.java:1113)
            at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericClassLoader.java:1046)
            Truncated. see log file for complete stacktrace

    >


Pom Dependencies

    <dependencies>
        <dependency>
            <!-- Import dependency management from Spring Boot -->
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-dependencies</artifactId>
            <version>1.1.5.RELEASE</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
        <dependency>
            <groupId>org.apache.geronimo.specs</groupId>
            <artifactId>geronimo-j2ee_1.4_spec</artifactId>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>weblogic</groupId>
            <artifactId>wls-api</artifactId>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <version>2.0.2.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <version>2.0.2.RELEASE</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <version>2.0.2.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security.extensions</groupId>
            <artifactId>spring-security-saml-dsl</artifactId>
            <version>1.0.0.M3</version>
        </dependency>
    </dependencies>


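SecurityConfiguration.java

    import static org.springframework.security.extensions.saml2.config.SAMLConfigurer.saml;

    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    @EnableWebSecurity
    @Configuration
    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(final HttpSecurity http) throws Exception {
            super.configure(http);
            http
                .authorizeRequests()
                    // SAML endpoints stay open; everything else requires authentication
                    .antMatchers("/saml*").permitAll()
                    .anyRequest().authenticated()
                    .and()
                .apply(saml())
                    .serviceProvider()
                        // Keystore holding the service provider's key
                        .keyStore()
                            .storeFilePath("...")
                            .password("...")
                            .keyname("...")
                            .keyPassword("...")
                            .and()
                        .protocol("https")
                        .hostname(String.format("%s:%s", "...", "..."))
                        .basePath("/")
                        .and()
                    // Identity provider (Okta) metadata
                    .identityProvider()
                    .metadataFilePath("...");
        }
    }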
1
Here's a related question: stackoverflow.com/questions/10474976/… - Matt Raible

1 Answer

0
votes

I have found the answer to my problem thanks to Matt's provided link.

There were conflicting dependencies being pulled in, so I had to specify the preferred ones in the weblogic.xml.
Here's the code.

    <?xml version="1.0" encoding="UTF-8"?>
    <wls:weblogic-web-app
        xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-web-app"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
        http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd
        http://xmlns.oracle.com/weblogic/weblogic-web-app
        http://xmlns.oracle.com/weblogic/weblogic-web-app/1.4/weblogic-web-app.xsd">
        <wls:container-descriptor>
            <wls:prefer-application-packages>
                <wls:package-name>com.fasterxml.jackson.*</wls:package-name>
                <wls:package-name>org.slf4j.*</wls:package-name>
                <wls:package-name>org.springframework.*</wls:package-name>
                <wls:package-name>org.bouncycastle.*</wls:package-name>
                <wls:package-name>antlr.*</wls:package-name>
                <wls:package-name>org.opensaml.*</wls:package-name>
                <wls:package-name>org.apache.xerces.*</wls:package-name>
                <wls:package-name>org.apache.xalan.*</wls:package-name>
            </wls:prefer-application-packages>
        </wls:container-descriptor>
    </wls:weblogic-web-app>
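
Added example, not part of the original question or answer: a small diagnostic for checking which jar and classloader actually supply the SAML, XML and crypto classes listed in the `prefer-application-packages` block above. The class name `ClassOriginReport` and the one probe class chosen per package are assumptions made for illustration.

```java
import java.net.URL;
import java.security.CodeSource;
import java.util.LinkedHashMap;
import java.util.Map;

/** Reports which jar and classloader supply one class from each preferred package. */
public final class ClassOriginReport {

    // Assumption: one representative class per <wls:package-name> entry in weblogic.xml.
    private static final String[] PROBES = {
        "com.fasterxml.jackson.databind.ObjectMapper",
        "org.slf4j.LoggerFactory",
        "org.springframework.core.SpringVersion",
        "org.bouncycastle.jce.provider.BouncyCastleProvider",
        "antlr.Tool",
        "org.opensaml.xml.XMLObject",
        "org.apache.xerces.parsers.SAXParser",
        "org.apache.xalan.processor.TransformerFactoryImpl",
    };

    /** Returns class name -> "jar location [defining loader]", or the load failure. */
    public static Map<String, String> report(ClassLoader loader) {
        Map<String, String> out = new LinkedHashMap<>();
        for (String name : PROBES) {
            try {
                // initialize=false: define the class without running its static initializers
                Class<?> c = Class.forName(name, false, loader);
                CodeSource src = c.getProtectionDomain().getCodeSource();
                URL where = (src == null) ? null : src.getLocation();
                out.put(name, (where == null ? "<JDK/bootstrap>" : where.toString())
                        + " [" + c.getClassLoader() + "]");
            } catch (ClassNotFoundException | LinkageError e) {
                // IncompatibleClassChangeError from defineClass is a LinkageError and lands here
                out.put(name, "not loadable: " + e);
            }
        }
        return out;
    }

    public static void main(String[] args) {
        // Inside the web app, pass Thread.currentThread().getContextClassLoader() instead.
        report(ClassOriginReport.class.getClassLoader())
            .forEach((k, v) -> System.out.println(k + " <- " + v));
    }
}
```

Called from inside the deployed application, entries for packages bundled in the WAR should resolve to `WEB-INF/lib` once the `weblogic.xml` change is in place; a location inside the WebLogic installation means the container's copy is still winning.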