Spring Security DelegatingFilterProxy unendliche Rekursion

Question

Ich habe diese Ausnahme nach der ersten Anfrage (auf der Homepage) nach dem Start der Web-App.

java.lang.StackOverflowError: null 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE] 
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE] 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE] 
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE] 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE] 
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE] 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE... 

web.xml enthält DelegatingFilterProxy

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 

<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

applicationContext.xml enthält auch bean mit der ID "springSecurityFilterChain"

<context:component-scan base-package="controllers, services, hibernate.dao" /> 
<bean id="springSecurityFilterChain" class="org.springframework.web.filter.DelegatingFilterProxy"/> 

security.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" 
     xmlns:beans="http://www.springframework.org/schema/beans" 
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
     xsi:schemaLocation=" 
     http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-4.3.xsd 
     http://www.springframework.org/schema/security 
     http://www.springframework.org/schema/security/spring-security-4.2.xsd"> 
<http auto-config="true" use-expressions="true"> 
    <intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" /> 

    <!-- access denied page --> 
    <access-denied-handler error-page="/403" /> 
    <form-login 
      login-page="/login" 
      default-target-url="/home" 
      authentication-failure-url="/login?error" 
      username-parameter="username" 
      password-parameter="password" /> 
    <logout logout-success-url="/login?logout" /> 
    <!-- enable csrf protection --> 
    <csrf /> 
</http> 

<authentication-manager> 
    <authentication-provider user-service-ref="userDetailsService" > 
     <password-encoder hash="md5" /> 
    </authentication-provider> 
</authentication-manager> 

irgendwelche Ideen?

Answer 1

Das Versuchen,

web.xml

<?xml version="1.0" encoding="UTF-8"?> 
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns="http://xmlns.jcp.org/xml/ns/javaee" 
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" 
id="WebApp_ID" version="3.1"> 
<display-name>SpringWebSecurity</display-name> 

<servlet> 
    <servlet-name>myservlet</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
    <init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value> 
WEB-INF/myservlet-servlet.xml 
</param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 

<servlet-mapping> 
    <servlet-name>myservlet</servlet-name> 
    <url-pattern>/</url-pattern> 
</servlet-mapping> 


<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>WEB-INF/myservlet-servlet.xml 
WEB-INF/security-context.xml 
WEB-INF/applicationContext.xml 
</param-value> 
</context-param> 
    <listener> 
    <listener- class>org.springframework.web.context.ContextLoaderListener</listener-class> 
    </listener> 


<!-- Bellow filters are for spring security --> 
<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

</web-app> 

dann Ihr myservlet-servlet.xml etwas ähnliches sein sollte unter

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" 
xmlns:context="http://www.springframework.org/schema/context" 
xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:lang="http://www.springframework.org/schema/lang" 
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:tx="http://www.springframework.org/schema/tx" 
xsi:schemaLocation="http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.3.xsd 
    http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd 
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd 
    http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang-4.3.xsd 
    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.3.xsd 
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd"> 



<context:component-scan base-package="kumar.amit.safims.controller"> 

</context:component-scan> 


<!-- Put this to handle all static resources eg:. css,js,images etc --> 
<mvc:resources location="/resources/" mapping="/resources/**" /> 
<mvc:annotation-driven /> 
<context:annotation-config /> 


<bean 
class="org.springframework.web.servlet.view.InternalResourceViewResolver"> 
    <property name="prefix" value="/WEB-INF/views/jsp/" /> 
    <property name="suffix" value=".jsp" /> 

</bean> 



</bean> 
</beans> 

HINWEIS: 10

Ihre applicationContext.xml sollte unten ähnlich sein hier nichts Besonderes, wenn Sie Ihre eigenen Bohnen hier haben, müssen NO schreiben oder ERWÄHNT springSecurityFilterChain, HIER

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" 
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:jdbc="http://www.springframework.org/schema/jdbc" 
xsi:schemaLocation="http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.3.xsd 
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd 
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd"> 

<context:component-scan base-package="kumar.amit.safims" /> 


<context:annotation-config /> 

<!-- To make @Transaction work add this --> 
<tx:annotation-driven /> 

<!-- Write all your beans here which are not part of view layers --> 
<!-- Initialization for data source --> 
<bean id="dataSource" 
    class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 
    <property name="driverClassName" value="org.mariadb.jdbc.Driver" /> 
    <property name="url" value="jdbc:mariadb://localhost:3306/safims" /> 
    <property name="username" value="root" /> 
    <property name="password" value="hariOm2" /> 
</bean> 
</beans> 

und schließlich der Sicherheitskontext, Sie einen beliebigen Namen dazu geben kann, habe ich sicherheits context.xml gegeben, aber stellen Sie sicher, dass Sie diesen Namen in web.xml wie unten erwähnt:

<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>WEB-INF/myservlet-servlet.xml 
WEB-INF/security-context.xml 
WEB-INF/applicationContext.xml 
</param-value> 
</context-param> 
<listener> 
    <listener- class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 

Hinweis: Ihre xmlns Namespace in Ihrer Datei Sicherheit chnage oder Kopieren Sie pase meine Datei und ändern Sie dann entsprechend Ihrer Notwendigkeit. sicherheits context.xml Datei wird wie unten sein:

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" 
xmlns:context="http://www.springframework.org/schema/context" 
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd 
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd"> 


<context:component-scan base-package="kumar.amit.safims.service.security"> 

</context:component-scan> 

<!-- Add this bean here to make use of expression at view or jsp level and 
    nothing else --> 
<bean 
    class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler" /> 

<security:http auto-config="true" use-expressions="true"> 

    <!-- To get the default login form just disable the http-basic auth --> 
    <!-- <security:http-basic/> --> 
    <security:form-login login-page="/login" 
     login-processing-url="/login" username-parameter="customEmail" 
     password-parameter="customPassword" default-target-url="/postLogin" 
     always-use-default-target="true" authentication-failure-url="/login?error=true" /> 

    <!-- for logout functionality --> 
    <security:logout logout-url="/logout" 
     invalidate-session="true" logout-success-url="/login?logout=true" /> 

    <security:intercept-url pattern="/server" access="hasRole('ROLE_ADMIN') " /> 
    <security:intercept-url pattern="/driverLicense" access="hasRole('ROLE_FACULTY') OR hasRole('ROLE_ADMIN') " /> 
    <security:intercept-url pattern="/user/*" access="hasRole('ROLE_FACULTY') OR hasRole('ROLE_ADMIN')" /> 
    <security:intercept-url pattern="/resources/**" access="permitAll" /> 
    <security:intercept-url pattern="/**" access="hasRole('ROLE_ANONYMOUS') OR hasRole('ROLE_ADMIN') OR hasRole('ROLE_FACULTY') OR hasRole('ROLE_STUDENT')" /> 

</security:http> 


<security:authentication-manager> 
    <security:authentication-provider 
     user-service-ref="customUserDetailsService" /> 
</security:authentication-manager> 
</beans> 

HINWEIS: für jede Klärung frei fühlen. Happy Coding, Prost !!!!!!

Answer 2

versuchen Sie dies: Entfernen Sie zuerst diese Zeile aus der Datei applicationContext.xml, denn wenn Sie ... tag verwenden Spring Security erstellt einen selbst, also müssen Sie explizit hinzufügen, wie Sie es getan haben.

<bean id="springSecurityFilterChain" class="org.springframework.web.filter.DelegatingFilterProxy"/> 

HINWEIS: Bessere Klarheit bieten Ihnen Sicherheitskontext Datei Frühling