SpringSecurity configuration Error "EL1042E:(pos 0): Problem parsing right operand"

[VRB]

Hi
Need help in knowing what's happening behind the secne
I am trying to configure security security 3.1.0 with spring core 3.1.1

I started off with simple configuration
and I am getting error as "Caused by: org.springframework.expression.spel.SpelParseExcep tion: EL1042Epos 0): Problem parsing right operand"

If I remove "<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/**" filters="sif"/>
</sec:filter-chain-map>"
I don't see error

Exception caught while initializing context
org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name 'filterChainProxy' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Initialization of bean failed; nested exception is org.springframework.expression.spel.SpelParseExcep tion: EL1042Epos 0): Problem parsing right operand
at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.doCreateBean(AbstractAu towireCapableBeanFactory.java:480)
at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory$1.run(AbstractAutowireC apableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Access Controller.java:214)
at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.createBean(AbstractAuto wireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.Abstract BeanFactory$1.getObject(AbstractBeanFactory.java:2 64)
at org.springframework.beans.factory.support.DefaultS ingletonBeanRegistry.getSingleton(DefaultSingleton BeanRegistry.java:222)
---------------------------------
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schem...-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<bean id="filterChainProxy" class="org.springframework.security.web.FilterChai nProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/**" filters="sif"/>
</sec:filter-chain-map>
</bean>

<bean id="sif" class="org.springframework.security.web.context.Se curityContextPersistenceFilter"/>

</bean>
----------------------------------------
And in Web.xml

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>

<filter>
<filter-name>filterChainProxy</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>filterChainProxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
<listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>
</listener>
-----------------------------------------------

[Rob Winch]

The configuration you posted was invalid XML which resulted in an XML parsing error. I assume this is because this is not exactly the configuration you have. After fixing it, everything ran successfully which makes me think that you have left out some detail that causes your problem.

PS: When posting configuration, logs, code, etc please use the Code tags (i.e. the # button or [ code ] my code [/ code ] with no spaces in code though)

[VRB]

Thanks for the information
Here is the situation
I have 2 web modules in the EAR
1 Module ---> Spring2.5.6 and SpringSecurity 2.0.4
2 Module which is causing the problem --> Spring 3.1.1 and SpringSecurity 3.1.0
If I use filterchain "org.springframework.security.web.FilterChainProxy" I am getting error but not with
org.springframework.security.util.FilterChainProxy
FYI : I am using correct jars

[Rob Winch]

I'm sorry but this is not enough information for me to be of much assistance. Guessing from the error you provided, you should check to make sure that any Spring Expressions you have specified are valid. This includes annotations and your Spring Security xml configuration (if you have use-expressions=true).

[VRB]

Just to give you some info on my application
We have 2 Web Modules in the EAR
Module 1 uses spring 2.5.6 and Spring Security 2.0.4
Module 2 (new) using spring 3.1.1 and spring security 3.1.0

JUST a quick question : Can you we use different version in the modules as I mentioned above in the same EAR ?

Below is the security config for both modules
Web Module 2 - XML

Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:p="http://www.springframework.org/schema/p"
    xmlns:util="http://www.springframework.org/schema/util"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    					http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
    	<sec:filter-chain-map path-type="ant">
			<sec:filter-chain pattern="/**" filters="securityContext"/>
		</sec:filter-chain-map>
	</bean>
		
	<bean id="securityContext" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
	
</beans>

Web Module 1 - XML (Part)

Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:security="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">

	<!-- Global filter for Mandates Web application, if you want to add your filter add to the filters below you can also configure url pattern if you need invoke for a specific URL (refer spring doc for more info). -->
    <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
        <security:filter-chain-map path-type="ant">
        	<security:filter-chain pattern="/**" filters="httpSessCtxIntFilter,customJ2eePreAuthFilter,execTransFilter,filterSecurityInterceptor,mandatesSecurityFilter"></security:filter-chain>
        </security:filter-chain-map>
    </bean>
    
   <!-- Add your filters here --> 
   <!-- TODO: Delete later This filter may not be needed --> 
   <bean id="mandatesSecurityFilter" class="org.frb.dal.ned.mandates.web.filter.MandatesSecurityFilter" />
   
   <bean id="httpSessCtxIntFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>	
   
   <!-- Start Security configuration -->
   	<security:authentication-manager alias="authenticationManager" />

    <bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
    	<security:custom-authentication-provider />
        <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
    </bean>
</beans>

[Rob Winch]

JUST a quick question : Can you we use different version in the modules as I mentioned above in the same EAR ?

So long as the jars that are different versions are in the war and not the ear it should work fine.

[VRB]

Thanks Will try that