Spring Security XML configuration can not find my dataSource beans definition

Question

My WEB-INF/web.xml does the following -

1) Loads my servlet context - WEB-INF/spring-web-servlet.xml

2) Loads my spring security config file - WEB-INF/spring-security.xml

3) Adds a springSecurityFilterChain filter to intercept incoming URLs

web.xml

<!-- Load spring-web-service.xml Servlet Definition -->

<servlet>
  <servlet-name>spring-web</servlet-name>
  <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  <!-- Programmatically add the property sources for the current Spring Profile -->
  <init-param>
    <param-name>contextInitializerClasses</param-name>
    <param-value>com.galapagos.context.CustomEnvironmentApplicationContextInitializer</param-value>
  </init-param>
</servlet>

<servlet-mapping>
  <servlet-name>spring-web</servlet-name>
  <url-pattern>/</url-pattern>
</servlet-mapping>

<listener>
  <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<!-- Loads Spring Security config file -->

<context-param>
  <param-name>contextConfigLocation</param-name>
  <param-value>/WEB-INF/spring-security.xml</param-value>
</context-param>

<!-- Spring Security - Intercept incoming requests for authentication -->

<filter>
  <filter-name>springSecurityFilterChain</filter-name>
  <filter-class>org.springframework.web.filter.DelegatingFilterProxy
  </filter-class>
</filter>

<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

spring-web-servlet.xml

The servlet context is what actually defines my dataSource bean that connects to my DB (it also loads properties beforehand)

...

<!-- Load Properties -->

<beans:bean
  class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer">
</beans:bean>

<!-- Database / JDBC -->

<beans:bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
  <beans:property name="driverClassName" value="${jdbc.driverClassName}" />
  <beans:property name="url" value="${jdbc.url}" />
  <beans:property name="username" value="${jdbc.username}" />
  <beans:property name="password" value="${jdbc.password}" />
</beans:bean>

...

spring-security.xml

The issue is that the second file that web.xml calls out to (my WEB-INF/spring-security.xml file) also uses a database connection because it looks for roles and credentials stored in the DB

<http auto-config="true" use-expressions="true">
  <intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />

  <!-- access denied page -->
  <access-denied-handler error-page="/403" />

  <form-login
    login-page="/login"
    default-target-url="/"
    authentication-failure-url="/login?error"
    username-parameter="email"
    password-parameter="password" />
  <logout logout-success-url="/login?logout"  />

  <!-- enable csrf protection -->
  <csrf/>
</http>

<!-- Select users and user_roles from database -->
<authentication-manager>
  <authentication-provider>
  <jdbc-user-service
    data-source-ref="dataSource"
    users-by-username-query="SELECT email, password FROM users WHERE email=?"
    authorities-by-username-query="SELECT email, role FROM user_roles WHERE email=?" />
  </authentication-provider>
</authentication-manager>

When running I get the error -

Cannot resolve reference to bean 'dataSource' while setting bean property 'dataSource'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'dataSource' is defined

My best guess is because dataSource is defined in the first XML config ( WEB-INF/spring-web-servlet.xml ), it's not available for use in the latter ( WEB-INF/spring-security.xml )

Is this right?

And if so what's the best way to define a dataSource bean so that all the individual XML files can call it as needed? I assume I might add several other components that also require DB access at some point.

Thanks!

Answer 1

In web.xml try changing this

contextConfigLocation /WEB-INF/spring-security.xml, WEB-INF/spring-web-servlet.xml This will help you.