6

I have some issues with Spring security authentication. Everywhere in my application everything works great (CRUD operations work well), but login attempt fails.

Here's my code (I marked below with comments where userDAO is null which is cause of failed authentication):

@Service
public class UserServiceImpl implements UserService, UserDetailsService {

    @Autowired
    UserDAO userDAO;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userDAO.getUserByUsername(username); //userDAO == null Causing NPE
        if (user == null)
            throw new UsernameNotFoundException("Oops!");

        List<SimpleGrantedAuthority> authorities = Arrays.asList(new SimpleGrantedAuthority(user.getRole()));

        return new org.springframework.security.core.userdetails
                .User(user.getLogin(), user.getPassword(), authorities);
    }

@Override
    public List<User> getUsers() {
        return userDAO.getUsers();//userDAO !=null
    }
//rest of code skipped

My SecurityConfig looks like this

@Configuration
@EnableWebMvcSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

 UserServiceImpl userService = new UserServiceImpl();

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService);
    }
//rest of code skipped

I marked where i get NPE and i have no idea how to solve this. Whole Configuration is JavaBased and you can check it out out here for more details HERE

EDIT: getUsers() is invoked this way in controller:

@Controller
public class LoginController {
    @Autowired
    UserService userService;

 @RequestMapping(value = "/dashboard")
    public ModelAndView userDashboard(){
        ModelAndView modelAndView = new ModelAndView("Dashboard");
        List<User> userList = userService.getUsers();
        modelAndView.addObject("users", userList);
        return modelAndView;
    }

And in this case (when invoking userService.getUsers()) userDAO is not null

Tried to fix it like Bohuslav Burghardt suggested and i got

 method userDetailsService in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder cannot be applied to given types;
  required: T
  found: com.gi.service.UserService
  reason: inferred type does not conform to upper bound(s)
    inferred: com.gi.service.UserService
    upper bound(s): org.springframework.security.core.userdetails.UserDetailsService

in line auth.userDetailsService(userService);

dawidklos
  • 902
  • 1
  • 9
  • 32

2 Answers2

7

This is the part that is incorrect:

UserServiceImpl userService = new UserServiceImpl();

When you instantiate the service yourself, its autowired dependencies will always be null. You must let the Spring container instantiate it (already done by marking the service with @Service) and then inject it in your security configuration class like this:

public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private UserDetailsService userService;
}
Bohuslav Burghardt
  • 33,626
  • 7
  • 114
  • 109
  • When I tried to fix it your way it showed Error:(24, 13) java: method userDetailsService in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder cannot be applied to given types; required: T found: com.gi.service.UserService reason: inferred type does not conform to upper bound(s) inferred: com.gi.service.UserService upper bound(s): org.springframework.security.core.userdetails.UserDetailsService – dawidklos Mar 29 '15 at 22:50
  • 1
    @d__k You can fix it in one of three ways: 1) Autowire the service as private UserDetailsService userService, 2) make your UserService interface extend the UserDetailsService interface and then have your implementation classs implement just UserService or 3) Cast UserService to UserDetailsService in the configuration class – Bohuslav Burghardt Mar 29 '15 at 22:55
  • Tried both ways and got: ` No qualifying bean of type [com.gi.service.UserService] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency.` – dawidklos Mar 29 '15 at 22:59
  • you can always check out my code on github for wide perspective – dawidklos Mar 29 '15 at 23:10
3

Problem solved with this piece of code from Bohuslav

public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private UserService userService;
}

Also missing 

@ComponentScan("com.gi")

before 

public class SecurityConfig extends WebSecurityConfigurerAdapter {

lack of which caused 

Error:(24, 13) java: method userDetailsService in class org.springframework.security.config.annotation.authentication.builders.Authentic‌​ationManagerBuilder cannot be applied to given types; required: T found: com.gi.service.UserService reason: inferred type does not conform to upper bound(s) inferred: com.gi.service.UserService upper bound(s): org.springframework.security.core.userdetails.UserDetailsService
dawidklos
  • 902
  • 1
  • 9
  • 32