0

i tried start my spring boot application in debian following:

java -jar my-app-backend-0.0.1-SNAPHOST.jar

and i have error:

o.s.b.web.embedded.tomcat.TomcatStarter : Error starting Tomcat context. Exception: org.springframework.beans.factory.BeanCreationException. Message: Error creating bean with name 'securityConfig': Invocation of init method failed; nested exception is java.io.FileNotFoundException: class path resource [secret.key] cannot be resolved to absolute file path because it does not reside in the file system: jar:file:/home/my-app-backend-0.0.1-SNAPSHOT.jar!/BOOT-INF/classes!/secret.key

What is the problem?

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.findme</groupId>
    <artifactId>my-app-backend</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>jar</packaging>

    <name>my-app-backend</name>
    <description>Demo project for Spring Boot</description>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.0.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>1.8</java.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.postgresql</groupId>
            <artifactId>postgresql</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.2.0</version>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>


</project>

SecurityConfig.java

package com.findme.myappbackend.security;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.core.io.Resource;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.annotation.PostConstruct;
import java.io.IOException;
import java.nio.file.Files;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${jwt.secret}")
    private Resource secretFile;
    private String key;

    @PostConstruct
    public void expandSecret() throws IOException {
        key = new String(Files.readAllBytes(secretFile.getFile().toPath()));
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .cors().and()
                .csrf().disable()
                .authorizeRequests()
                .antMatchers(HttpMethod.POST, "/login").permitAll()
                .anyRequest().authenticated()
                .and()
                .addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
    }

    @Bean
    public JwtAuthenticationFilter jwtAuthenticationFilter() {
        return new JwtAuthenticationFilter(key);
    }
}
Bartosz20188
  • 47
  • 1
  • 2
  • 10
  • I think the error message stated pretty clear, this is not a tomcat problem but your package problem. Spring is looking for a file when initializing your `securityConfig` bean but fail to find the resource. – ST. Kee Jun 12 '18 at 07:32
  • I checked maven dependencies and it's good in my opinion. – Bartosz20188 Jun 12 '18 at 08:22
  • I edit post and add pom.xml file – Bartosz20188 Jun 12 '18 at 08:23
  • where do you place your `secret.key` file, i think that is the problem – ST. Kee Jun 12 '18 at 08:41
  • Ok thanks. Could you look on my SecurityConfig.java file ? I added in post. – Bartosz20188 Jun 12 '18 at 08:57
  • Okay, you have `${jwt.secret}` property injected to your `secretFile` object. Which I believe was set to `secret.key` in your properties file. You could try to place your `secret.key` under `src/main/resources/` directory. maven will package resource directory into its classpath. Hope it help :) – ST. Kee Jun 12 '18 at 09:01
  • Thanks. However I I have this file in /src/main/resources/secret.key . – Bartosz20188 Jun 12 '18 at 09:25
  • could you show also the properties file? I don't see a problem in your current setup. It will also help if you extract your jar file and show me the file hierarchy – ST. Kee Jun 12 '18 at 09:29
  • just found [this answer](https://stackoverflow.com/a/25873705/5978100) stated that file reside in jar file should not be access with `resource.getFile()` but using `resource.getInputStream()` do the job – ST. Kee Jun 12 '18 at 09:33
  • application.properties file : `jwt.secret=classpath:secret.key` – Bartosz20188 Jun 12 '18 at 09:43
  • As mention in my last comment, you could try use `getInputStream()` instead, `getFile()` method is not for file reside in jar file. `common-utils` can convert inputStream to byte array – ST. Kee Jun 12 '18 at 09:46

0 Answers0