No bean named 'filterChainProxy' is defined

[tdgOrd]

Hi,

I've been trying to get Spring Security to work in my web application. Unfortunately no luck so far.

First of all my config:

web.xml

Code:

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            WEB-INF/security-context.xml
        </param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <filter>
        <filter-name>filterChainProxy</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>filterChainProxy</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

security-context.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security.xsd">

    <security:http auto-config="true"  >
        <security:form-login login-page="/login.html" default-target-url="/user/welcome.html"/>
    </security:http>

    <security:authentication-manager>
        <security:authentication-provider>
            <security:user-service id="userDetailsService">
                <security:user password="password" name="username" authorities="ROLE_USER" />
            </security:user-service>
        </security:authentication-provider>
    </security:authentication-manager>
</beans>

dispatcher-servlet.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">

    <context:component-scan base-package="be.test.social.controller,
        be.test.social.service,
        be.test.social.dao"/>
    <context:annotation-config/>

    <security:global-method-security secured-annotations="enabled"/>

    <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="order" value="1" />
    </bean>

    <!--<import resource="social-security.xml"/>-->
</beans>

I always get the same error when I start tomcat:

Code:

SEVERE: Exception starting filter filterChainProxy
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'filterChainProxy' is defined

I'm using Tomcat7, Spring 3.1.0 and Spring Security 3.1.0

Any help is appreciated

Regards,
Tim

[Rob Winch]

See http://static.springsource.org/sprin...etting-started

[tdgOrd]

Erm, thx..
I still have no idea what I did wrong, but throwing away my entire config and starting from scratch seems to have done the trick...

[Rob Winch]

I think you may have gotten one of the problems that you have been looking at too long. I know we can all get those, so let me see if I can highlight the problem which was explained in the link I provided

This provides a hook into the Spring Security web infrastructure. DelegatingFilterProxy is a Spring Framework class which delegates to a filter implementation which is defined as a Spring bean in your application context. In this case, the bean is named “springSecurityFilterChain”, which is an internal infrastructure bean created by the namespace to handle web security. Note that you should not use this bean name yourself. Once you've added this to your web.xml, you're ready to start editing your application context file. Web security services are configured using the <http> element.

In short, Spring Security's <http> element creates a bean by the name of springSecurityFilterChain that does a lot of the work for you. The problem was that the web.xml was referring to filterChainProxy instead of springSecurityFilterChain. Since it was the wrong filter name, the DelegatingFilterProxy could not find the bean that does all the work. When you change the name of the filter to springSecurityFilterChain, Spring looks up that bean and delegates all the work to it. This is why you saw the message "No bean named 'filterChainProxy' is defined" (Spring was looking for the bean by the incorrect name defined in the web.xml).

PS: Sorry for the indirect answer previously, but I often try to guide users to where answers can be found rather than give answers. This usually benefits everyone a bit more so that they can find the answer rather than relying on the forums to figure it out.

HTH,

[tdgOrd]

Thanks for the explanation! I kinda figured out that was your intention

I've now also figured out the cause of the problem: I'm using JetBrains IntelliJ and hadn't configured Spring Security yet. IntelliJ displayed a nice helpful bar at the top of the file telling me as much and offered to add the security filter. Doing so causes the DelegatingFilterProxy to be created with the name filterChainProxy.

The one bit of information I missed/misinterpreted/overlooked (both in the link above as well as in the other places I looked) is the fact that the <security:http> tag generates a bean with the specific name "springSecurityFilterChain"

Regards,
Tim.