Disabling Spring Security leads to Failed to load application context - spring-boot

I am disabling Spring Security for the test profile as below:
spring:
config:
activate:
on-profile: test
autoconfigure:
exclude[0]: org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration
exclude[1]: org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration
Error:
Failed to load ApplicationContext
java.lang.IllegalStateException: Failed to load ApplicationContext
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2ClientConfigurations$ReactiveOAuth2ClientConfiguration$SecurityWebFilterChainConfiguration.class]: Unsatisfied dependency expressed through method 'springSecurityFilterChain' parameter 0; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.config.web.server.ServerHttpSecurity' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {}

A small clarification that you are not disabling Spring Security, you are disabling the Spring Boot auto-configuration of Spring Security. You can read more about that in the Spring Boot reference documentation.
In your configuration you are disabling the ReactiveSecurityAutoConfiguration, but the ReactiveOAuth2ClientAutoConfiguration is still enabled, presumably because you have a dependency such as spring-boot-starter-oauth2-client.
As described in the error message, the ReactiveOAuth2ClientAutoConfiguration is attempting to create a SecurityWebFilterChain bean, but cannot inject the required ServerHttpSecurity bean, because the ReactiveSecurityAutoConfiguration is disabled.
To fix the error message, you can disable the OAuth 2.0 client auto-configuration as well.
spring:
autoconfigure:
exclude[0]: org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration
exclude[1]: org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration
exclude[2]: org.springframework.boot.autoconfigure.security.oauth2.client.reactive.ReactiveOAuth2ClientAutoConfiguration

I am using the okta-spring-boot-starter and this worked for me:
spring:
autoconfigure:
exclude:
- org.springframework.boot.autoconfigure.security.oauth2.client.reactive.ReactiveOAuth2ClientAutoConfiguration
- org.springframework.boot.autoconfigure.security.oauth2.resource.reactive.ReactiveOAuth2ResourceServerAutoConfiguration
- org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration

Related

Spring Cloud Config Server with GIT Repo configured is not starting up successfully

I am building Spring Cloud Config server with Sprint Boot v2.6.12 and Spring Cloud Config Server v3.1.1. Below is the application.yml configuration,
spring:
application:
name: config-server
main:
allow-bean-definition-overriding: true
cloud:
config:
server:
git:
uri: git#github.aus.thenational.com:demo/case_configuration.git
skip-ssl-validation: true
default-label: master
clone-on-start: true
clone-submodules: true
force-pull: true
refresh-rate: 60
search-paths:
- case/folder1
- case/folder2
Exception we are getting while server startup is as below,
2022-12-21 09:51:10.827 WARN 11524 --- [main] [CID:] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'healthContributorRegistry' defined in class path resource [org/springframework/boot/actuate/autoconfigure/health/HealthEndpointConfiguration.class]: Unsatisfied dependency expressed through method 'healthContributorRegistry' parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'configServerHealthIndicator' defined in class path resource [org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration$ConfigServerActuatorConfiguration.class]: Unsatisfied dependency expressed through method 'configServerHealthIndicator' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'searchPathCompositeEnvironmentRepository' defined in class path resource [org/springframework/cloud/config/server/config/CompositeConfiguration.class]: Unsatisfied dependency expressed through method 'searchPathCompositeEnvironmentRepository' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'defaultEnvironmentRepository' defined in class path resource [org/springframework/cloud/config/server/config/DefaultRepositoryConfiguration.class]: Unsatisfied dependency expressed through method 'defaultEnvironmentRepository' parameter 1; nested exception is org.springframework.beans.factory.BeanNotOfRequiredTypeException: Bean named 'multipleJGitEnvironmentProperties' is expected to be of type 'org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties' but was actually of type 'com.sun.proxy.$Proxy140'
***************************
APPLICATION FAILED TO START
***************************
Description:
The bean 'multipleJGitEnvironmentProperties' could not be injected because it is a JDK dynamic proxy
The bean is of type 'com.sun.proxy.$Proxy140' and implements:
org.springframework.cloud.config.server.support.HttpEnvironmentRepositoryProperties
org.springframework.cloud.config.server.support.EnvironmentRepositoryProperties
org.springframework.aop.SpringProxy
org.springframework.aop.framework.Advised
org.springframework.core.DecoratingProxy
Expected a bean of type 'org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties' which implements:
Action:
Consider injecting the bean as one of its interfaces or forcing the use of CGLib-based proxies by setting proxyTargetClass=true on #EnableAsync and/or #EnableCaching.
I tried configuring http and https proxy settings along with other GIT configurations. But that didnt work.
Expectation is, config server should be up successfully.
Tried to solve the issue by configuring spring AOP related configurations in application.yml , but that didnt work too.
Seems like something something to do with libraries versions.

Vault Integration with Spring boot using APPROLE pull method

I'm new to the Vault. I'm trying to integrate Vault with spring boot using APPROLE as the authentication method. My configuration of bootstrap.yml is as follows:
spring:
application:
name: <application-name>
cloud:
vault:
host: <host-url>
scheme : https
port: <port>
kv-version: 2
namespace: <namespace-name>
authentication: APPROLE
app-role:
role-id: <role-id>
role: <role-name>
app-role-path: <path>
when I'm running using this configuration. I'm getting error
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'vaultTemplate' defined in class path resource [org/springframework/cloud/vault/config/VaultAutoConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.core.VaultTemplate]: Factory method 'vaultTemplate' threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vaultSessionManager' defined in class path resource [org/springframework/cloud/vault/config/VaultAutoConfiguration.class]: Unsatisfied dependency expressed through method 'vaultSessionManager' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAuthentication' defined in class path resource [org/springframework/cloud/vault/config/VaultAutoConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
I'm wondering why it's asking for TOKEN if I used the authentication method as APPROLE.
Also, is it possible to use full pull mode for APPROLE authentication since secret-id is of dynamic nature and can't be stored in the configuration file?
The sample yaml for spring cloud configuration using APPROLE authentication is described below. There are a few things that are misspelled in the config you have mentioned
cloud:
vault:
uri: https:<vault-uri>
authentication: APPROLE
app-role:
roleId: <roleId>
secretId: <secretId>

How to use the default keycloak.json instead of spring properties

I was following this example to set up keycloak with springboot
https://www.baeldung.com/spring-boot-keycloak
I have used the bellow bean so I can use spring boot properties file.
which all worked fine.
But if I wanted to use the Keycloak.json file instead of spring boot properties, what I did was commented out the KeycloakSpringBootConfigResolver been and included the keycloak.json file in resources/WEB-INF/keycloak.json. but I keep getting the following error.
am I missing something? how do I use the keycloak.json file and where should this file go? or is there some configuration I missed? all the examples show using spring properties and not json file. Any ideas? or if you could point me to an example that uses the default keycloak.json
Initialization of bean failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.keycloak.adapters.springboot.KeycloakAutoConfiguration': Unsatisfied dependency expressed through method 'setKeycloakSpringBootProperties' parameter 1; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {}
#Bean
public KeycloakSpringBootConfigResolver KeycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}
Add this to your configuration file:
keycloak:
configurationFile: "classpath:keycloak.json"
Put the keycloak.json directly into the resources directory.
Use only keycloak adapter as dependency: org.keycloak:keycloak-spring-security-adapter

Integration Test Started failing post Spring boot 2.2.0 upgrade with Swagger latest version 2.9.2 & HATEOS

Integration Test Started failing post Spring boot 2.2.0 upgrade with Swagger latest version 2.9.2 & HATEOS
java.lang.IllegalStateException: Failed to load ApplicationContext
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'linkDiscoverers'
defined in class path resource [org/springframework/hateoas/config/HateoasConfiguration.class]:
Unsatisfied dependency expressed through method 'linkDiscoverers' parameter 0;
nested exception is org.springframework.beans.factory.NoUniqueBeanDefinitionException:
No qualifying bean of type 'org.springframework.plugin.core.PluginRegistry<org.springframework.hateoas.client.LinkDiscoverer,
org.springframework.http.MediaType>' available: expected single matching bean but
found 3: relProviderPluginRegistry,linkDiscovererRegistry,entityLinksPluginRegistry
Caused by: org.springframework.beans.factory.NoUniqueBeanDefinitionException:
No qualifying bean of type 'org.springframework.plugin.core.PluginRegistry<org.springframework.hateoas.client.LinkDiscoverer,
org.springframework.http.MediaType>' available: expected single matching bean but found 3:
relProviderPluginRegistry,linkDiscovererRegistry,entityLinksPluginRegistry
The issue with springfox may take while to resolve issue but there is alternative available with latest swagger v3 have similar capabilities of springfox
https://github.com/springdoc/springdoc-openapi.git
Only disabled the SpringFox dependencies, added SpringDoc, and replaced the SpringFox bean, with a SpringDoc bean. Everything is working as expected. All I need to do is to convert a couple of annotations on each rest service so SpringDoc displays everything correctly. SpringDoc does work
I used this and it works for me
<dependency>
<groupId>org.springframework.plugin</groupId>
<artifactId>spring-plugin-core</artifactId>
<version>2.0.0.RELEASE</version>
</dependency

spring boot to Tomcat deployment data source issue

I am building an application with Spring Boot, Neo4j and MongoDB. I have used #Configuration annotation to load database properties from application.properties like this:
#Bean(name = "neoDriver")
#Profile("local")
public Driver getNeoDriver() {
return GraphDatabase.driver(
env.getProperty("datasource.neo4j.uri"),
AuthTokens.basic(env.getProperty("datasource.neo4j.username"), env.getProperty("datasource.neo4j.password")),
Config.build().toConfig());
}
The autowire code is
#Autowired
#Qualifier("neoDriver")
private Driver neoDriver;
when I run the application from IntelliJ, it runs fine; but when I try deploy the war file on Tomcat 8.5, it gives error.
Field neoDriver in com......repository.PositionRepositoryImpl required a bean of type 'org.neo4j.driver.v1.Driver' that could not be found.
Caused by:
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'Controller': Unsatisfied dependency expressed through field 'positionService'; nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'Service': Unsatisfied dependency expressed through field 'positionRepository'; nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'RepositoryImpl': Unsatisfied dependency expressed through field 'neoDriver'; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.neo4j.driver.v1.Driver' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations:
{#org.springframework.beans.factory.annotation.Autowired(required=true), #org.springframework.beans.factory.annotation.Qualifier(value=neoDriver)}
Please let me know what did I do wrong when deploying this on Tomcat.
I bet you're not setting spring.profiles.active to local in your Tomcat deployment. Because your bean is marked with the #Profile annotation, so it will only be created if that profile is active.

Resources