Maven cannot compile Spring Security demo project - maven

I have a Maven demo project for which I use some Spring Security features.
I could import the project fine into Eclipse STS and the editor shows no error related to dependencies.
But a Maven command to compile on the command line fails.
I get the following errors:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.1:compile (default-compile) on project learnintouch-web: Compilation failure: Compilation failure:
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[7,78] package org.springframework.security.config.annotation.authentication.builders does not exist
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[8,67] package org.springframework.security.config.annotation.web.builders does not exist
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[9,72] package org.springframework.security.config.annotation.web.configuration does not exist
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[10,72] package org.springframework.security.config.annotation.web.configuration does not exist
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[19,47] cannot find symbol
[ERROR] symbol: class WebSecurityConfigurerAdapter
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[15,2] cannot find symbol
[ERROR] symbol: class EnableWebSecurity
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[25,34] cannot find symbol
[ERROR] symbol: class AuthenticationManagerBuilder
[ERROR] location: class com.thalasoft.learnintouch.web.config.WebSecurityConfiguration
[ERROR] /home/stephane/dev/java/projects/learnintouch-web/src/main/java/com/thalasoft/learnintouch/web/config/WebSecurityConfiguration.java:[24,9] method does not override or implement a method from a supertype
Here is in the pom.xml the Spring Security dependencies:
<org.springframework.security.version>3.2.4.RELEASE</org.springframework.security.version>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${org.springframework.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${org.springframework.security.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${org.springframework.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${org.springframework.security.version}</version>
</dependency>

I resolved this by removing this line from pom.xml on the spring-security-config artifact:
<scope>runtime</scope>

You need to add spring security library manually.
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>

I could solve this by adding the latest possible compatible versions of springframework.version and springsecurity.version.
Ex:
<properties>
<springframework.version>5.1.1.RELEASE</springframework.version>
<springsecurity.version>5.1.1.RELEASE</springsecurity.version>
</properties>
Also in the dependencies, I added the below:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>5.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>5.1.1.RELEASE</version>
</dependency>
Now it worked fine.

I overhauled the dependencies and the build now passes. There was some conflict between Spring dependencies.

I ran into the same issue going through some Spring Security tutorials. This is due to versioning conflicts.
Update your POM to remove the version info for all the Spring dependencies. Then throw in the spring-framework-bom to handle your versioning and it should work.
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<version>4.0.0.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>

in my case this error was caused by version conflict
had java 8 maven app , changed version to java7 and made mvn eclipse:eclipse
from cmd it was running but from eclipse giving error:
WebSecurityConfigurerAdapter cannot be resolved to a type
after project was showing all jars and work was not easy
security jars were not shown
was giving error : WebSecurityConfigurerAdapter cannot be resolved to a type
right click
from menu choose: configure -> convert to maven project
after right click project and choose properties->java build path :
check for java version ,remove incorrect java version
with button [add library] change to ide's java version
still in properties window choose: java compiler
compiler compliance level group
change to ide's java version
where it is showing incorrect version
that is it

It seems version conflict problem.
I faced same problem and could solve it by changing spring-security version from 3.1.7 to 3.2.4.
Hope it may help someone.

If you have spring boo project add following dependency ,Seems like Spring security jar is missing
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>

Related

Why is IntelliJ adding wrong maven dependency in my Spring Boot project?

When I click the import maven dependency in the pop up shown at RequestMapping, intellij adds
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.1.10.RELEASE</version>
</dependency>
But it should add this.
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
How can I resolve this? I have auto-import enabled for maven and I have tried both the maven bundled version with IntelliJ and the manually downloaded version.
Changing the dependency manually makes the program run correctly.
Open pom.xml
Remove the below dependency :
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.1.10.RELEASE</version>
</dependency>
and add this :
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>

Errors caused by not having declared a dependency

Has anyone successfully got Spring Boot, Spring Data Elasticsearch, and Elasticsearch 5.x to work?
I updated my pom to use spring-data-elasticsearch 3.0.0.RELEASE (just released) which has commit notes in Github saying it supports ES 5.
I was getting some errors which were caused by not having declared a dependency on spring-data-common. After adding without a version, I noticed it was being managed by Spring Boot apparently and pulls in 1.13.7.RELEASE
This causes: java.lang.NoClassDefFoundError: org/springframework/data/mapping/model/Property
I then bumped up spring-data-common to 2.0.0.RELEASE thinking the newest releases of everything should be compatible. That causes an AbstractMethodError exception when the repository is wired.
Can anyone give any tips? Here are the dependencies from my POM
Managed versions from Parent POM:
<spring-boot.version>1.5.7.RELEASE</spring-boot.version>
<spring-cloud.version>Dalston.RELEASE</spring-cloud.version>
From POM from the child module where things don't work
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-commons</artifactId>
<!-- <version>2.0.0.RELEASE</version> -->
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-elasticsearch</artifactId>
<version>3.0.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>5.5.0</version>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>transport</artifactId>
<version>5.5.0</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</dependency>
</dependencies>
Whomever edited the title made an inaccurate description. As originally stated, the issue is a "dependency hell". There wasn't missing dependencies but rather a ton of transitive dependencies that all needed versions to be coordinated in magic nonobvious/undocumented ways. – JvmSd121
I once migrated the spring-data-elasticsearch (with ES 2.x) project to use ES 5.x.
I lost the source but I still have the jar here
You guys put me on the right track. I upgraded as follows:
Spring Core (and related): 5.0.0.RELEASE
Spring Boot: 2.0.0.M4
Spring Cloud: Finchley.M2
With those in place, the managed versions get updated as follows:
spring-data-commons: 2.0.0.RC3 (from release-train KAY-RC3)
spring-data-elasticsearch: 3.0.0.RC3 (from release-train KAY-RC3)
elasticsearch and transport: 5.5.2 (meets my 5.x requirement)
We had managed versions of Jackson in our parent pom for other child modules which caused incompatible versions to be pulled in. I overrode those in our Spring Boot projects to the version ${jackson.version} defined in Spring as follows:
spring-jackson-version=2.9.1
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>${spring-jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>${spring-jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${spring-jackson.version}</version>
</dependency>
I'm getting another error from my repo which I think is self-inflicted due to my data model. All the classpath errors seem to have gone away. I'll give another update if I find anything further. What a cf!
Thanks for the tips.

Maven dependency with type = pom

I declare in the parent POM
<dependencyManagement>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
<scope>compile</scope>
</dependency>
</dependencyManagement>
Further, the child pom use
<dependencies>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
</dependencies>
All work fine? but when I use such dependency with type = pom
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.jboss.spec</groupId>
<artifactId>jboss-javaee-7.0</artifactId>
<version>${jboss-javaee-7.0.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencyManagement>
I have error
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]
[ERROR] The project by.services:by.utils:1.0.2 (D:\Work\V2_Change_Maven_Structure\by.utils\pom.xml) has 1 error
[ERROR] 'dependencies.dependency.version' for org.jboss.spec:jboss-javaee-7.0:jar is missing. # line 18, column 21
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
How to declare a dependency in dependencyManagement with type = pom
$ {Jboss-javaee-7.0.version} announced
If I bear jboss-javaee-7.0 in the root, then runs
The clarification here is that when you do not define <type> on your </dependency> within </dependencyManagement> it defults to jar
<dependencyManagement>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
<scope>compile</scope>
<type>jar<type> <!--default value-->
</dependency>
</dependencyManagement>
and hence the module uses that jar while using it as
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
The type of dependency. This defaults to jar. While it usually
represents the extension on the filename of the dependency, that is not always the case. A type can be mapped to a different extension and a classifier. The type often corresponds to the packaging used, though this is also not always the case.
Some examples are jar, war, ejb-client and test-jar
New types can be defined by plugins that set extensions to true, so this is not a complete list.
But next when you explicitly declare the parent pom to have the type as
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.jboss.spec</groupId>
<artifactId>jboss-javaee-7.0</artifactId>
<version>${jboss-javaee-7.0.version}</version>
<type>pom</type><!--override the default value-->
<scope>import</scope>
</dependency>
</dependencyManagement>
the child module now either can inherit the dependency with the same <type> as
<dependency>
<groupId>org.jboss.spec</groupId>
<artifactId>jboss-javaee-7.0</artifactId>
<type>pom</type><!--inherited-->
</dependency>
OR if you want to utilize the jar of the project which is a different <type>, you can explicitly mention the dependency as :
<dependency>
<groupId>org.jboss.spec</groupId>
<artifactId>jboss-javaee-7.0</artifactId>
<version>${jboss-javaee-7.0.version}</version>
<type>jar</type> <!--different from parent-->
</dependency>
You are trying to import jboss-javaee-7.0 jar in your child project, there is no such jar, it is of type pom which you already importing in your parent.
You need to import dependencies of jboss-javaee-7.0 in your child project, some thing like.
<dependency>
<groupId>org.jboss.spec.javax.ws.rs</groupId>
<artifactId>jboss-jaxrs-api_2.0_spec</artifactId>
</dependency>
You can get more information about importing dependencies

Junit Test Error: No field 'segmentmask' found in class 'java.util.concurrent.ConcurrentHashMap'

Trying to run an Arquillian test with PowerMockRule in a Maven project to be able to mock static classes.
However, when I'm building the maven project, I get the following error in the test:
Tests in error:
myTest(com.package.myTest): Could not call java.util.concurrent.ConcurrentHashMap.readObject() : No field 'segmentmask' found in class 'java.util.concurrent.ConcurrentHashMap'
I have no idea about the cause of this and how to go about fixing it. Any advice would be appreciated, thank you.
EDIT: Apparently the problem is caused by XStream class loader which is needed in using PowerMockRule. But I haven't found a fix.
This is indeed caused by an x-stream issue (which is fixed in 1.4.8):
http://x-stream.github.io/jira/761/
So if you use maven for dependency managing you might want to do something like this in your dependency management:
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-classloading-xstream</artifactId>
<version>${powermock.version}</version>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Should be removed as soon as xstream is updated in powermock -->
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>1.4.8</version>
<scope>test</scope>
</dependency>
And then where you use powermock:
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-classloading-xstream</artifactId>
<scope>test</scope>
</dependency>
<!-- Should be removed as soon as powermock has the latest version of xstream -->
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<scope>test</scope>
</dependency>
At least, until powermock starts to use the new x-stream version.

Can't find spring class WebSecurityConfigurerAdapter - which jar is it in?

Which jar contains the following Spring class:
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
spring-security-config-<VERSION>.jar
This should work:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>version</version>
</dependency>
Previous one is old, use this one
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
It is in Spring-Security-Config jar
For Gradle add the following line in dependencies -
implementation group: 'org.springframework.security', name: 'spring-security-config', version: '5.3.0.RELEASE'
I had the same issue even after adding the spring-security-config. I fixed the problem adding the following dependencies:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring-security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring-security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring-security.version}</version>
</dependency>
To avoid also getting the "deprecated" warning you can add:
<properties>
<spring-security.version>5.3.4.RELEASE</spring-security.version>
<spring.version>5.2.8.RELEASE</spring.version>
</properties>
Updated Answer for 2022:
WebSecurityConfigurerAdapter has been deprecated in Spring Security 5.7.0-M2 to encourage security configuration in components. The official blog explains how to achieve the same functionality through other alternatives such as SecurityFilterChain.
you can change the project parent version in pom.xml because WebSecurityConfigurerAdapter is a deprecated (from spring boot 2.7.x)
so try to modify :
parent
groupId org.springframework.boot /groupId
artifactId spring-boot-starter-parent /artifactId
version 2.7.5.RELEASE /version
/parent

Resources