Spring security custom filter initialization

Question

I am getting this error when i add filter-chain-proxy bean. I think I must create a bean with named securityContextPersistenceFilterWithASCTrue but there is no such a bean shown at examples. Is there any solution?

SEVERE: Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 
'filterChainProxy' defined in ServletContext resource [/WEB-INF/spring-security.xml]:     Cannot resolve reference to bean 'securityContextPersistenceFilterWithASCTrue' while     setting bean property 'filterChainMap' with key [Root bean: class     [org.springframework.security.web.util.AnyRequestMatcher]; scope=; abstract=false;     lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false;        factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null]     with key [0]; nested exception is     org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named      'securityContextPersistenceFilterWithASCTrue' is defined

here is my Spring-config;

<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:beans="http://www.springframework.org/schema/beans" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">



<http auto-config='true' use-expressions="true">
    <intercept-url pattern="/login" access="permitAll"/>
    <intercept-url pattern="/ajaxErrorPage" access="permitAll"/>
    <intercept-url pattern="/pages/*" access="hasRole('admin')" />
    <intercept-url pattern="/j_spring_security_check" access="permitAll"/>        
    <logout logout-success-url="/login.xhtml" />
    <form-login login-page="/login.xhtml"
                login-processing-url="/j_spring_security_check"                                                       
                default-target-url="/pages/index.xhtml"
                always-use-default-target="true"                                                        
                authentication-failure-url="/login.xhtml"/>
</http>


<!--Authentication Manager Details -->    
<authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="customUserDetailsService">
        <!--            <password-encoder hash="md5"/>-->
    </authentication-provider>
</authentication-manager>


<beans:bean id="filterChainProxy" 
  class="org.springframework.security.web.FilterChainProxy">
<filter-chain-map>     
 <filter-chain pattern="/**" filters="
       securityContextPersistenceFilterWithASCTrue,
       formLoginFilter,
       exceptionTranslationFilter,
       filterSecurityInterceptor,
       customAjaxControlFilter" />
</filter-chain-map>
</beans:bean>


</beans:beans>

Answer 1

When using namespace configuration ( <http auto-config ...> ) , the filter chain proxy is automatically created based on what you configured with the security namespace (, etc) .

Otherwise, if you want to explicitly define the filter-chain-proxy, you'll have to put namespace configuration aside and configure each and every beans spring security would automatically create for you if you were using that namespace configuration.

In your case, I guess you could just remove the "filterChainProxy" bean configuration, keeping the configuration you did for form-login.