Getting error org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined

java spring login spring-security

76,401

Solution 1

From the DelegatingFilterProxy docs:

Notice that the filter is actually a DelegatingFilterProxy, and not the class that will actually implement the logic of the filter. What DelegatingFilterProxy does is delegate the Filter's methods through to a bean which is obtained from the Spring application context. This enables the bean to benefit from the Spring web application context lifecycle support and configuration flexibility. The bean must implement javax.servlet.Filter and it must have the same name as that in the filter-name element. Read the Javadoc for DelegatingFilterProxy for more information

You need to define a bean named springSecurityFilterChain that implements javax.servlet.Filter in your application context.

From Getting Started with Security Namespace Configuration:

If you are familiar with pre-namespace versions of the framework, you can probably already guess roughly what's going on here. The <http> element is responsible for creating a FilterChainProxy and the filter beans which it uses. Common problems like incorrect filter ordering are no longer an issue as the filter positions are predefined.

So you need at least A Minimal <http> Configuration

Solution 2

Sean Patrick Floyd is absolutely right but I think it is worth mention one solution, which took to much time for me.

You simply add @ImportResource annotation.

@Configuration
@EnableWebMvc
@ComponentScan(basePackages = {"org.company"})
@ImportResource({"classpath:security.xml"})
public class CompanyWebMvcConfiguration extends WebMvcConfigurerAdapter {
}

security.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.1.xsd">


    <http use-expressions="true">
        <access-denied-handler error-page="/error"/>
    </http>

Solution 3

In Java configuration, you can use the following annotations:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {

}

That will import the org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration configuration class which defines the springSecurityFilterChain bean.

Solution 4

Please provide spring security file with minimal configuration

http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">

<http auto-config='true'>
    <intercept-url pattern="/**" access="ROLE_USER" />
</http>

View more solutions

76,401

Author by

Jacob

Downvote, at no time in the past or hitherto; not ever.

Updated on March 01, 2020

Comments

Jacob about 4 years

I am running NTLM using Spring Security, I am getting the following error

org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined

How can I resolve this error?

I have the following defined in web.xml

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Update 1

I resolved that error, now I am getting

org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'filterSecurityInterceptor' is defined

and I have the following

<bean id="springSecurityFilterChain" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=httpSessionContextIntegrationFilter, exceptionTranslationFilter, ntlmFilter, filterSecurityInterceptor
    </value>
    </property>
    </bean>`

I changed my applicationContext.xml as follows because like @Sean Patrick Floyd mentioned some elements were old and dead and buried. However I have other errors now which needs to be fixed :-)

Thanks

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd   http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
  <!--<authentication-manager alias="_authenticationManager"></authentication-manager>-->
  <security:authentication-provider>
    <security:user-service>
      <security:user name="testuser" password="PASSWORD" authorities="ROLE_USER, ROLE_ADMIN"/>
      <security:user name="administrator" password="PASSWORD" authorities="ROLE_USER,ROLE_ADMIN"/>
    </security:user-service>
  </security:authentication-provider>
  <bean id="userDetailsAuthenticationProvider"
        class="com.icesoft.icefaces.security.UserDetailsAuthenticationProvider">
    <security:custom-authentication-provider/>
  </bean>
  <bean id="ntlmEntryPoint"
        class="org.springframework.security.ui.ntlm.NtlmProcessingFilterEntryPoint">
    <property name="authenticationFailureUrl" value="/accessDenied.jspx"/>
  </bean>
  <bean id="ntlmFilter" class="org.springframework.security.ui.ntlm.NtlmProcessingFilter">
    <security:custom-filter position="NTLM_FILTER"/>
    <property name="stripDomain" value="true"/>
    <property name="defaultDomain" value="domain"/>
    <property name="netbiosWINS" value="domain"/>
    <property name="authenticationManager" ref="_authenticationManager"/>
  </bean>
  <bean id="exceptionTranslationFilter"
        class="org.springframework.security.ui.ExceptionTranslationFilter">
    <property name="authenticationEntryPoint" ref="ntlmEntryPoint"/>
  </bean>
  <security:http access-decision-manager-ref="accessDecisionManager"
                 entry-point-ref="ntlmEntryPoint">
    <security:intercept-url pattern="/accessDenied.jspx" filters="none"/>
    <security:intercept-url pattern="/**" access="ROLE_USER"/>
  </security:http>
  <bean id="accessDecisionManager" class="org.springframework.security.vote.UnanimousBased">
    <property name="allowIfAllAbstainDecisions" value="false"/>
    <property name="decisionVoters">
      <list>
        <bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>
      </list>
    </property>
  </bean>
</beans>

Ritesh about 13 years

See here. static.springsource.org/spring-security/site/docs/3.0.x/…. The springSecurityFilterChain is an internal infrastructure bean that is automatically provided by Spring Security.
Sean Patrick Floyd about 13 years

@Ritesh you misread the docs. It is automatically created only if you use the <http> tag from the mvc namespace
Ritesh about 13 years

@Polappan Can you update your question to show what you did to fix the problem to run NTLM with spring security?
Samuel almost 9 years

Is there a way to do this in pure Java configuration?