profile
viewpoint

Ask questionsMigrating OAuth2 from Spring Boot 1.5 to 2.0 Broken

I am migrating from Spring Boot 1.5 to 2.0. When providing a success handler to HttpSecurity, a ClassNotFoundException is thrown for org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter. Here's a simple way to reproduce:

@Configuration
@EnableOAuth2Sso
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .antMatcher("/**").authorizeRequests()
                .antMatchers("/", "/login**", "/")
                .permitAll()
                .anyRequest()
                .authenticated().and().oauth2Login().successHandler(new SecurityHandler());
    }
}

and SecurityHandler:

@Component
public class SecurityHandler implements AuthenticationSuccessHandler {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest var1, HttpServletResponse var2, Authentication var3) throws IOException, ServletException {
    }
}

Everything works fine until you add the successHandler. At that point, Spring fails to boot due to the class not found:

Caused by: java.lang.ClassNotFoundException: org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
	at java.net.URLClassLoader.findClass(URLClassLoader.java:381) ~[na:1.8.0_121]
	at java.lang.ClassLoader.loadClass(ClassLoader.java:424) ~[na:1.8.0_121]
	at org.springframework.boot.loader.LaunchedURLClassLoader.loadClass(LaunchedURLClassLoader.java:94) ~[patriotic-web.jar:0.0.1-SNAPSHOT]
	at java.lang.ClassLoader.loadClass(ClassLoader.java:357) ~[na:1.8.0_121]
	... 56 common frames omitted
spring-projects/spring-boot

Answer questions don-prog

@philwebb hi! I faced the same problem. OAuth2 worked fine, but when I added(from this answer):

 http.oauth2Login().failureHandler(new CustomAuthenticationFailureHandler());

then I got ClassNotFoundException. After that I added spring-security-oauth2-client and got

Bean method 'clientRegistrationRepository' not loaded because OAuth2 Clients Configured Condition registered clients is not available

Do I need to add these properties, if I already have oauth_client_details table with my clients in my DB and all worked fine until failureHandler()?

useful!

Related questions

Controller annotated with @Timed and active TimedAspect clashes with WebMvcMetricsFilter hot 2
Actuator: NPE in LongTaskTimingHandlerInterceptor hot 2
spring boot Servlet.service() for servlet [dispatcherServlet] in context with path threw exception hot 2
Classloading problems with Spring Boot, JDK11 and Security Manager hot 1
java.lang.NullPointerException: null occurs in HttpExchangeTracer hot 1
Multiple data source projects cannot be started hot 1
Dependency resolution fails with Gradle 5.3.x to 5.6.x hot 1
get error messag Could not fetch the SequenceInformation from the database, hibernate_sequence doesn't exist hot 1
HttpTraceFilter bean missing hot 1
A java.lang.NoClassDefFoundError: ch/qos/logback/classic/spi/ThrowableProxy was thrown when killing my app hot 1
Source file must be provided failure when running spring-boot:repackage from the command-line hot 1
Issue with spring boot v2.1.2 with DocumentBuilderFactory.setFeature(String) hot 1
ErrorPageFilter ignores REST response in case of Exception hot 1
ConfigurationProperties with constructor binding cannot be mocked hot 1
Improve diagnostics when configuration property scanning and component scanning both create a bean for the same class hot 1
Github User Rank List