CustomUserDetailsService can't do @Autowired

[TomBlank]

I'm trying to do my own CustomUserDetailsService and looking up the database via my DAO. Unfortunately, I can not do @Autowired within this Service.

Here is my code.

PHP Code:

@Service
@Transactional(readOnly = true)
public class CustomUserDetailsService implements UserDetailsService {

    @Autowired
    private PersonDAO personDAO;

    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {

        UserDetails user = null;
        Person person = null;
        
        try {
            // It fails here!!!!
            person = personDAO.getPerson( email );
            
            user = new SecurityUser( person, person.getFirstName()+" "+person.getLastName(), 
                    person.getPassword().toLowerCase(), getGrantedAuthorities( person.getRoleList() ) );
            
            return user;
            
        } catch (Exception e) {
            System.out.println( "Exception message: "+e.getMessage() );
            System.out.println( "Exception cause: "+e.getCause() );
            throw new RuntimeException(e);
        }
    }
    
    
    public static List<GrantedAuthority> getGrantedAuthorities(List<Role> roles) {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        for( Role role : roles ) {
            authorities.add( new SimpleGrantedAuthority( role.getRoleName() ));
        }
        return authorities;
    }
} 


The security.xml file:

PHP Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <debug />

    <global-method-security pre-post-annotations="enabled" />

    <http use-expressions="true">
        <intercept-url pattern="/account/**" access="hasRole('ROLE_USER')" />
        
        <form-login login-page="/auth/login" 
                    authentication-failure-url="/auth/denied" 
                    default-target-url="/" />

        <access-denied-handler error-page="/auth/denied" />

        <logout invalidate-session="true"
                logout-success-url="/auth/logout"
                logout-url="/logout"
                delete-cookies="JSESSIONID" />
                
        <remember-me />
        
        <session-management invalid-session-url="/">
            <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
        </session-management>

    </http>

    <beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
    
    <authentication-manager>
        <authentication-provider user-service-ref="customUserDetailsService">
            <password-encoder ref="passwordEncoder"/>
        </authentication-provider>
    </authentication-manager>
    

</beans:beans>

The Problem is, that all my services in my Controller classes are working fine and I'm connecting to the DB, but not if I'm trying to get a user from my CustomUserDetailsService.java. This is really weird.... It seems like my PersonDAO is not initialized at all.

If the function loadUserByUsername(email) is called I'm catching the Exception with the output: null.
I would appreciate any hints or suggestions!

Thanks in advance.

[Marten Deinum]

And why should it work? I see nothing in your configuration to drive annotation based configuration. I would expect a component-scan annotation or xml defined userdetailsservice with a context:annotation-config . But neither is showing.

[TomBlank]

Sorry, you are right. I should point out other definitions as well.

I have a another applicationContext.xml file where my

PHP Code:

<context:component-scan base-package="com.company" /> 


is already defined.

And here is my Java Configuration file:

PHP Code:

@Configuration
@EnableWebMvc
@EnableTransactionManagement
@EnableScheduling
public class AppConfig  extends WebMvcConfigurerAdapter {

    private static Log log = LogFactory.getLog( AppConfig.class );
    
    public void addResourceHandlers( ResourceHandlerRegistry registry ) {
        registry.addResourceHandler( "/resources/**" ).addResourceLocations( "/resources/" );
    }
    
    @Bean
    public ViewResolver viewResolver() {
        InternalResourceViewResolver resolver = new InternalResourceViewResolver();
        resolver.setViewClass( JstlView.class );
        resolver.setPrefix( "/WEB-INF/jsp/" );
        resolver.setSuffix( ".jsp" );
        return resolver;
    }
    
    @Bean
    public MessageSource messageSource() {
        ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
        messageSource.setBasename("/WEB-INF/messages/messages");
        return messageSource;
    }

    @Bean
    public TilesConfigurer tilesConfigurer() {
        TilesConfigurer configurer = new TilesConfigurer();
        configurer.setDefinitions(new String[] {
            "/WEB-INF/jsp/layout/layouts.xml",
            "/WEB-INF/jsp/*/views.xml"                
        });
        configurer.setCheckRefresh(true);
        return configurer;
    }
    
    @Bean
    public UrlBasedViewResolver urlBasedViewResolver() {
        UrlBasedViewResolver viewResolver = new UrlBasedViewResolver();
        viewResolver.setViewClass( TilesView.class );
        viewResolver.setOrder( 2 );
        return viewResolver;
    }
    
    @Bean
    public ControllerClassNameHandlerMapping controllerClassNameHandlerMapping() {
        ControllerClassNameHandlerMapping hm = new ControllerClassNameHandlerMapping();
        hm.setDefaultHandler( new UrlFilenameViewController() );
        return hm;
    }
    
} 


If I call any other controller, where I do @Autowired, it's working fine. Only within CustomUserDetailsService.java I'm having this problem. Is it maybe related to the fact that my security-context.xml is configured outsite of my AppConfig.java file?

I know it sounds strange, but I have no explanation for it. Funny though, that the same configuration with spring-security-core-3.1.0.RC2 and spring-framework 3.1.0.M2 it was working, but not with the latest stable RELEASES of spring framework together with spring security....

[Marten Deinum]

Assuming you have a ContextLoaderListener and a DispatcherServlet I really hope you aren't loading things twice! I would expect the AppConfig to be loaded by the dispatcher servlet. Also bean(factory)postprocessor (which is what makes the @Autowire work) work only in the application context which they are defined in.

Some minor tips on your appconfig JstlView is by default for tiles use the TilesViewResolver this saves you a couple of lines .

[TomBlank]

Thanks for the hint! I changed it to TilesViewResolver.

Speaking of the DispatcherServlet and ContextLoaderListener. To be honest, I never understood it 100%. If you could take a look on my web.xml, that would be great.

PHP Code:

<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
    
    <display-name>gwitty</display-name>
    
    
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
    
    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>
    
    <context-param>
        <param-name>webAppRootKey</param-name>
        <param-value>company.root</param-value>
    </context-param>
  
    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>classpath:log4j.xml</param-value>
    </context-param>
    
    <context-param>
        <param-name>log4jExposeWebAppRoot</param-name>
        <param-value>false</param-value>
    </context-param>
    
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/*.xml</param-value>
    </context-param>
    
    
    <!-- Reads request input using UTF-8 encoding -->
    <filter>
        <filter-name>characterEncodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <init-param>
            <param-name>forceEncoding</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    
    
    <filter>
        <filter-name>UrlRewriteFilter</filter-name>
        <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
    </filter>
 

    <filter>
        <filter-name>hibernateFilter</filter-name>
        <filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
        <init-param>
            <param-name>singleSession</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    
    
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
    
    
    <filter-mapping>
        <filter-name>hibernateFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>characterEncodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>UrlRewriteFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>    
    
    
    
    
    <servlet>
        <servlet-name>spring</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value></param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    
    <!-- H2 Database Console for managing the app's database -->
    <servlet>
        <servlet-name>H2Console</servlet-name>
        <servlet-class>org.h2.server.web.WebServlet</servlet-class>
        <init-param>
            <param-name>-webAllowOthers</param-name>
            <param-value>true</param-value>
        </init-param>
        <load-on-startup>2</load-on-startup>
    </servlet>


    <servlet-mapping>
        <servlet-name>spring</servlet-name>
        <url-pattern>/home/*</url-pattern>
    </servlet-mapping>
    
    <servlet-mapping>
        <servlet-name>spring</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>
    
    <error-page>
        <error-code>404</error-code>
        <location>/404</location>
    </error-page>

    
    <!-- Default page to serve -->
    <welcome-file-list>
        <welcome-file>/welcome</welcome-file>
    </welcome-file-list>
 
</web-app> 


[Marten Deinum]

Well judging by your configuration all is loaded by the ContextLoaderListener, your DispatcherServlet doesn't load anything (empty contextConfigLocation initialization parameter).

However that should also make your configuration work. Can you zip all configuration related files (java, xml and web.xml) that might help clarifying things.