DEVHIDE
Login Or Sign up

Found 3 beans for type interface org.springframework.security.authentication.AuthenticationManager, but none marked as primary

51 Views Asked by At

I am getting below error when I start my application. I am not sure how I set primary bean here.

AnnotationConfigServletWebServerApplicationContext | Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Unsatisfied dependency expressed through field 'httpSecurity': Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration.httpSecurity' defined in org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration: Failed to instantiate [org.springframework.security.config.annotation.web.builders.HttpSecurity]: Factory method 'httpSecurity' threw exception with message: Found 3 beans for type interface org.springframework.security.authentication.AuthenticationManager, but none marked as primary

This is typically happening when I am upgrading my app to Tomcat 10 and spring 6.

Below are those 3 bean names which are logged: org.springframework.security.authenticationManager : org.springframework.security.authentication.ProviderManager org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0 : org.springframework.security.authentication.ProviderManager org.springframework.security.config.http.HttpSecurityBeanDefinitionParser$ChildAuthenticationManagerFactoryBean#0 : org.springframework.security.authentication.ProviderManager

Below is my Spring-security-context.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd">

    <context:property-placeholder/>

    <security:global-method-security pre-post-annotations="enabled"/>

    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider ref="authProvider"/>
    </security:authentication-manager>

    <bean id="http403ForbiddenEntryPoint"
          class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>

    <bean id="authProvider" class="com.abc.security.AuthenticationProvider" primary="true"/>

    <bean id="validateSessionService" class="com.abc.authserviceclient.ValidateSessionService">
        <constructor-arg name="serviceUrl" value="${security.session.service.url}"/>
    </bean>

    <bean id="preauthFilter" class="com.abc.security.AuthenticationFilter">
        <constructor-arg name="productID" value="${security.productId}"/>
        <constructor-arg name="appURL" value="${security.appURL}"/>
        <constructor-arg name="requestValidation" ref="requestValidation"/>
        <property name="authenticationManager" ref="authenticationManager"/>
    </bean>

    <security:http auto-config="false" create-session="stateless" entry-point-ref="http403ForbiddenEntryPoint">
        <security:csrf token-repository-ref="csrfTokenRepository" disabled="true"/>

        <security:intercept-url pattern="/metrics/healthcheck" access="permitAll"/>
        <security:intercept-url pattern="/validation/healthcheck" access="permitAll"/>
        <security:intercept-url pattern="/actuator/info" access="permitAll"/>
        <security:intercept-url pattern="/actuator/health" access="permitAll"/>
        <security:intercept-url pattern="/error" access="permitAll"/>
        <security:intercept-url pattern="/" access="isAuthenticated()"/>

        <security:custom-filter position="PRE_AUTH_FILTER" ref="preauthFilter"/>
        <security:custom-filter before="CSRF_FILTER" ref="csrfHeaderPreFilter"/>
        <security:custom-filter after="CSRF_FILTER" ref="csrfHeaderFilter"/>
    </security:http>

    <bean id="requestValidation"
          class="com.abc.security.validation.MockedRequestValidation"/>
    <bean id="csrfHeaderFilter" class="com.abc.security.validation.MockedCsrfHeaderFilter">
<!--        <constructor-arg name="csrfDisabled" value="true"/>-->
    </bean>
    <bean id="csrfHeaderPreFilter"
          class="com.abc.security.validation.MockedCsrfHeaderPreFilter">
<!--        <constructor-arg name="cookieCsrfTokenRepository" ref="csrfTokenRepository"/>-->
<!--        <constructor-arg name="csrfDisabled" value="true"/>-->
    </bean>

    <bean id="csrfTokenRepository" class="org.springframework.security.web.csrf.CookieCsrfTokenRepository">
        <property name="headerName" value="X-XSRF-TOKEN"/>
        <property name="cookieHttpOnly" value="false"/>
    </bean>
    <bean id="certificateExtractor"
          class="com.abc.security.certificate.MockCertificateExtractor"/>

</beans>
spring spring-mvc spring-security tomcat6 java-17
Original Q&A
0

There are 0 best solutions below

Related Questions in SPRING

Related Questions in SPRING-MVC

Related Questions in SPRING-SECURITY

Related Questions in TOMCAT6

Related Questions in JAVA-17

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.