rest-http Spring Security configuration problem
jmdopereiro opened this issue · comments
When I run rest-http project with gradle (gretty appRun or appStart tasks) I'm getting java.lang.NoClassDefFoundError: org/springframework/security/authentication/encoding/PasswordEncoder
Here is the whole stack trace:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0' while setting constructor argument with key [5]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0': Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting bean property 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0' while setting constructor argument with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0': Cannot resolve reference to bean 'passwordEncoder' while setting bean property 'passwordEncoder'; nested exception is org.springframework.beans.factory.CannotLoadBeanClassException: Error loading class [org.jasypt.spring.security3.PasswordEncoder] for bean with name 'passwordEncoder' defined in ServletContext resource [/WEB-INF/config/security-config.xml]: problem with class file or dependent class; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/authentication/encoding/PasswordEncoder
Seems an incompatibility between jasypt and Spring Security.
If I disable security (removing the security-config.xml import entry in web-application-config.xml context) everything is fine.
Thanks
I have just pushed the fix do not use Jasypt for password encoding.
Thank you for that! I saw you also fixed the log4j exception.
I've been able, to run the endpoint successfully from Postman with Basic Authentication, but the RestHttpClientTest is getting 401 Unauthorized (not sure why as postman works with the same credentials) and if I access the endpoint from the browser I get another exception.
Thanks again
Have just fixed the test case: 7fdfaed
There is no idea about browser: we definitely need to provide credentials to make it working.