My WEB-INF/web.xml
does the following -
1) Loads my servlet context - WEB-INF/spring-web-servlet.xml
2) Loads my spring security config file - WEB-INF/spring-security.xml
3) Adds a springSecurityFilterChain
filter to intercept incoming URLs
web.xml
<!-- Load spring-web-service.xml Servlet Definition -->
<servlet>
<servlet-name>spring-web</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
<!-- Programmatically add the property sources for the current Spring Profile -->
<init-param>
<param-name>contextInitializerClasses</param-name>
<param-value>com.galapagos.context.CustomEnvironmentApplicationContextInitializer</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>spring-web</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Loads Spring Security config file -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Spring Security - Intercept incoming requests for authentication -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
spring-web-servlet.xml
The servlet context is what actually defines my dataSource
bean that connects to my DB (it also loads properties beforehand)
...
<!-- Load Properties -->
<beans:bean
class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer">
</beans:bean>
<!-- Database / JDBC -->
<beans:bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<beans:property name="driverClassName" value="${jdbc.driverClassName}" />
<beans:property name="url" value="${jdbc.url}" />
<beans:property name="username" value="${jdbc.username}" />
<beans:property name="password" value="${jdbc.password}" />
</beans:bean>
...
spring-security.xml
The issue is that the second file that web.xml
calls out to (my WEB-INF/spring-security.xml
file) also uses a database connection because it looks for roles and credentials stored in the DB
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />
<!-- access denied page -->
<access-denied-handler error-page="/403" />
<form-login
login-page="/login"
default-target-url="/"
authentication-failure-url="/login?error"
username-parameter="email"
password-parameter="password" />
<logout logout-success-url="/login?logout" />
<!-- enable csrf protection -->
<csrf/>
</http>
<!-- Select users and user_roles from database -->
<authentication-manager>
<authentication-provider>
<jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="SELECT email, password FROM users WHERE email=?"
authorities-by-username-query="SELECT email, role FROM user_roles WHERE email=?" />
</authentication-provider>
</authentication-manager>
When running I get the error -
Cannot resolve reference to bean 'dataSource' while setting bean property 'dataSource'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'dataSource' is defined
My best guess is because dataSource
is defined in the first XML config ( WEB-INF/spring-web-servlet.xml
), it's not available for use in the latter ( WEB-INF/spring-security.xml
)
Is this right?
And if so what's the best way to define a dataSource
bean so that all the individual XML files can call it as needed? I assume I might add several other components that also require DB access at some point.
Thanks!
In web.xml try changing this
contextConfigLocation /WEB-INF/spring-security.xml, WEB-INF/spring-web-servlet.xml This will help you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.