検索
検索

Application does not start with Spring Boot 1.2.1 + Spring Security + Servlet 2.5

debugcn 投稿 Dev
2
Jérémy Buget

I have a Spring Boot application with Spring Security starter that works well in "modern" (i.e. Servlet 3.0+) J2E servers such as Tomcat 7 or Jetty 8.

My problem is that I have to run the application in a Weblogic 10.3 server (the Production one), that implements Servlet 2.5 specification and does not support Servlet 3.0+, according to here and here.

I've seen that an effort is made aside the official Spring Boot project to support legacy server / apps, a.k.a. the Spring Boot Legacy project that works well... until I activate the spring-boot-starter-security dependency :-S

And effectively, there is an open issue on the Spring Boot Legacy tracker.

I reproduce exactly the same error on a Tomcat 6 (Servlet 2.5) server (see below).

So, does anyone already succeeded in making Spring Boot + Spring Security + Servlet 2.5 based server work together ?

2015-02-03 23:17:12.208 ERROR 2662 --- [on(4)-127.0.0.1] o.s.boot.SpringApplication               : Application startup failed

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityFilterChainRegistration' defined in class path resource [org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.context.embedded.FilterRegistrationBean]: Factory method 'securityFilterChainRegistration' threw exception; nested exception is java.lang.NoClassDefFoundError: javax/servlet/DispatcherType
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1111)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1006)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:476)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:303)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:299)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:762)
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:757)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:480)
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:691)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:321)
    at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:139)
    at org.springframework.boot.legacy.context.web.SpringBootContextLoaderListener.initWebApplicationContext(SpringBootContextLoaderListener.java:61)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:106)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4210)
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:4709)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:802)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:779)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:583)
    at org.apache.catalina.startup.HostConfig.manageApp(HostConfig.java:1429)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:297)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:792)
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:631)
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:568)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:295)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:792)
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1486)
    at javax.management.remote.rmi.RMIConnectionImpl.access$300(RMIConnectionImpl.java:96)
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1327)
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1419)
    at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:847)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:322)
    at sun.rmi.transport.Transport$1.run(Transport.java:177)
    at sun.rmi.transport.Transport$1.run(Transport.java:174)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:722)

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.context.embedded.FilterRegistrationBean]: Factory method 'securityFilterChainRegistration' threw exception; nested exception is java.lang.NoClassDefFoundError: javax/servlet/DispatcherType
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)
    ... 58 common frames omitted

Caused by: java.lang.NoClassDefFoundError: javax/servlet/DispatcherType
    at org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration.securityFilterChainRegistration(SpringBootWebSecurityConfiguration.java:109)
    at org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$$EnhancerBySpringCGLIB$$300a37f.CGLIB$securityFilterChainRegistration$1(<generated>)
    at org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$$EnhancerBySpringCGLIB$$300a37f$$FastClassBySpringCGLIB$$6b869afe.invoke(<generated>)
    at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)
    at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:309)
    at org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$$EnhancerBySpringCGLIB$$300a37f.securityFilterChainRegistration(<generated>)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)
    ... 59 common frames omitted

Caused by: java.lang.ClassNotFoundException: javax.servlet.DispatcherType
    at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1680)
    at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526)
    ... 70 common frames omitted

Thanks.

Jérémy Buget

I finally found a viable solution. I post it, if it can help someone else.

The problem effectively came from Spring Security. I found this documentation from the Spring Security reference documentation that help me a bit.

Finally, the things I do to make my application running on a Tomcat 6 (Servlet 2.5) or Tomcat 7 (Servlet 3.0) were :

  • in pom.xml (again), keep the dependency to spring-boot-legacy
  • in pom.xml, replace the dependency to spring-boot-starter-security by the ones of Spring Security (spring-security-web and spring-security-config)
  • add the @EnableWebMvcSecurity annotation on my security configuration class
  • in web.xml, add the filter springSecurityFilterChain with filter class org.springframework.web.filter.DelegatingFilterProxy

These are my dependencies in pom.xml :

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    ...
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>1.2.1.RELEASE</version>
    </parent>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-legacy</artifactId>
            <version>1.0.1.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
        </dependency>
        ...
    </dependencies>
    ...
</project>

This is my web.xml :

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>com.acme.Application</param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.boot.legacy.context.web.SpringBootContextLoaderListener</listener-class>
    </listener>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>ERROR</dispatcher>
        <dispatcher>REQUEST</dispatcher>
    </filter-mapping>

    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextAttribute</param-name>
            <param-value>org.springframework.web.context.WebApplicationContext.ROOT</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

</web-app>

And this is my Spring Security configuration :

@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

        @Inject
        private AuthenticationProvider authenticationProvider;

        @Inject
        protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(authenticationProvider);
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .antMatcher("/api/**")
                .authorizeRequests().anyRequest()
                .fullyAuthenticated().and().httpBasic();
        }
}

この記事はインターネットから収集されたものであり、転載の際にはソースを示してください。

侵害の場合は、連絡してください[email protected]

編集
0

コメントを追加

0
サインイン

関連記事

分類Dev

Application does not start with Spring Boot 1.2.1 + Spring Security + Servlet 2.5

分類Dev

Spring Boot 2、Spring Security 5、@ WithMockUser

分類Dev

Migrating from Spring Boot Oauth2 to Spring Security 5

分類Dev

Spring Boot + Spring Boot Security Start Error

分類Dev

Spring BootとOAuth 2によるSpring Security

分類Dev

Intelij Spring Boot 2 application.properties

分類Dev

Spring boot 2.0.3 + Security + Oauth2 autoconfigure

分類Dev

Spring boot single application with 2 controllers on 2 different hosts

分類Dev

Grails3.1.0_M2-Spring-Security-Core3.0.0.M1エラー

分類Dev

Spring Boot + JWT Oauth2:Spring5とSpring <5

分類Dev

Angular 2、Spring Boot、Spring Security、ログインフォーム

分類Dev

Angular 2、Spring Boot、Spring Security、ログインフォーム

分類Dev

Log4j2 JSP Taglib not working in Spring-boot Embedded Servlet Containers

分類Dev

Spring Boot 2 Hibernate Search

分類Dev

Spring Batch not seeing H2 DataSource bean in Spring Boot application

分類Dev

Servlet Filter as Component Spring Boot

分類Dev

Servlet Filter as Component Spring Boot

分類Dev

Spring Boot SecurityのOAuth2ClientでのSSO

分類Dev

Spring Boot Security OAuth2 Get Access_token from Cookie

分類Dev

Spring Boot Security OAuth2:WebSecurityConfigurerAdapter:302 / errorにリダイレクト

分類Dev

Keycloak 4.0.0 Beta 2 with Spring Boot 2

分類Dev

Keycloak 4.0.0 Beta 2 with Spring Boot 2

分類Dev

Spring Boot 2.0 M6(Spring Security 5.0)のoAuth2RESTクライアント

分類Dev

OAuth2LoginAuthenticationFilter Spring Security

分類Dev

Spring Security 4 and JSF 2 integration

分類Dev

Spring Security OAuth2 | InsufficientAuthenticationException

分類Dev

Spring Security 4 and JSF 2 integration

分類Dev

Spring Security OAuth2:InsufficientAuthenticationException

分類Dev

Spring boot application intellij

Related 関連記事

  1. 1

    Application does not start with Spring Boot 1.2.1 + Spring Security + Servlet 2.5

  2. 2

    Spring Boot 2、Spring Security 5、@ WithMockUser

  3. 3

    Migrating from Spring Boot Oauth2 to Spring Security 5

  4. 4

    Spring Boot + Spring Boot Security Start Error

  5. 5

    Spring BootとOAuth 2によるSpring Security

  6. 6

    Intelij Spring Boot 2 application.properties

  7. 7

    Spring boot 2.0.3 + Security + Oauth2 autoconfigure

  8. 8

    Spring boot single application with 2 controllers on 2 different hosts

  9. 9

    Grails3.1.0_M2-Spring-Security-Core3.0.0.M1エラー

  10. 10

    Spring Boot + JWT Oauth2:Spring5とSpring <5

  11. 11

    Angular 2、Spring Boot、Spring Security、ログインフォーム

  12. 12

    Angular 2、Spring Boot、Spring Security、ログインフォーム

  13. 13

    Log4j2 JSP Taglib not working in Spring-boot Embedded Servlet Containers

  14. 14

    Spring Boot 2 Hibernate Search

  15. 15

    Spring Batch not seeing H2 DataSource bean in Spring Boot application

  16. 16

    Servlet Filter as Component Spring Boot

  17. 17

    Servlet Filter as Component Spring Boot

  18. 18

    Spring Boot SecurityのOAuth2ClientでのSSO

  19. 19

    Spring Boot Security OAuth2 Get Access_token from Cookie

  20. 20

    Spring Boot Security OAuth2:WebSecurityConfigurerAdapter:302 / errorにリダイレクト

  21. 21

    Keycloak 4.0.0 Beta 2 with Spring Boot 2

  22. 22

    Keycloak 4.0.0 Beta 2 with Spring Boot 2

  23. 23

    Spring Boot 2.0 M6(Spring Security 5.0)のoAuth2RESTクライアント

  24. 24

    OAuth2LoginAuthenticationFilter Spring Security

  25. 25

    Spring Security 4 and JSF 2 integration

  26. 26

    Spring Security OAuth2 | InsufficientAuthenticationException

  27. 27

    Spring Security 4 and JSF 2 integration

  28. 28

    Spring Security OAuth2:InsufficientAuthenticationException

  29. 29

    Spring boot application intellij

ホットタグ

アーカイブ