I try to add spring security oauth2 capabilities but getting an error

Development
1

Dear all, I am trying to add spring security oauth2 functionality within a new module. The aim is to authenticate users throught oauth2 external provider. For that, I added these codes in webModule ApplicationContext.xml :`<?xml version="1.0" encoding="UTF-8"?> 

<context:component-scan
	base-package="org.openmrs.module.oauth2login.web.controller" />
<mvc:annotation-driven />

<oauth:client id="oauth2ClientContextFilter" />

<oauth:resource id="sampleResource"
	type="authorization_code" client-id="vanilla"
	client-secret="25e6b209-9565-4648-b387-75b9e5dfd750"
	access-token-uri="${accessTokenUri}"
	user-authorization-uri="${userAuthorizationUri}" />

<security:http auto-config="true" use-expressions="true">
	<!-- <sec:intercept-url pattern="/use**" access="USER" /> -->
	<!-- <security:intercept-url pattern="/userinfo**" access="hasRole('user')" 
		/> -->
	<security:intercept-url pattern="/**"
		access="permitAll" />

	<!-- <security:form-login default-target-url="/index" /> -->
	<security:logout logout-success-url="/"
		logout-url="/logout.do" invalidate-session="true" />

	<security:custom-filter
		ref="oauth2ClientContextFilter" after="EXCEPTION_TRANSLATION_FILTER" />
</security:http>

<security:authentication-manager>
	<security:authentication-provider>
		<security:user-service>
			<security:user name="user" password="user"
				authorities="user" />
		</security:user-service>
	</security:authentication-provider>
</security:authentication-manager>
<context:property-placeholder
	location="classpath:/oauth2.properties" />

<bean id="oauth2loginController"
	class="org.openmrs.module.oauth2login.web.controller.Oauth2loginController">
	<property name="restTemplate">
		<oauth:rest-template resource="sampleResource" />
	</property>
</bean>
<bean
	class="org.openmrs.ui.framework.StandardModuleUiConfiguration">
	<property name="moduleId"
		value="${project.parent.artifactId}" />
</bean>
`

However, when I run the the server I got this error : ERROR - Listener.performWebStartOfModules(669) |2019-02-26 17:41:24,315| Unable to refresh the spring application context. Root Cause was: org.springframework.beans.FatalBeanException: Class [org.springframework.context.config.ContextNamespaceHandler] for namespace [http:/ /www.springframework.org/schema/context] does not implement the [org.springframework.beans.factory.xml.NamespaceHandler] interface at org.springframework.beans.factory.xml.DefaultNamespaceHandlerResolver.resolve(DefaultNamespaceHandlerResolver.java:128) at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1422) at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1417) at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader .java:174) at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.doRegisterBeanDefinitions(DefaultBeanDefinitionDocumentR eader.java:144) at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentRea der.java:100) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:510) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:392) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:336) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:304) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:181) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:217) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:188) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext .java:129) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:537) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:452) at org.openmrs.module.ModuleUtil.refreshApplicationContext(ModuleUtil.java:894) at org.openmrs.module.web.WebModuleUtil.refreshWAC(WebModuleUtil.java:866) at org.openmrs.web.Listener.performWebStartOfModules(Listener.java:656) at org.openmrs.web.Listener.performWebStartOfModules(Listener.java:635) at org.openmrs.web.Listener.startOpenmrs(Listener.java:266) at org.openmrs.web.WebDaemon$1.run(WebDaemon.java:42) WARN - Listener.performWebStartOfModules(698) |2019-02-26 17:41:24,330|

If I put the exact same codes in openmrs-servlet.xml in the openmrscore, it works.

Do you have any idea ? @mksd

Many Thanks. Amine

2

Can we have a look at the maven dependencies in your pom.xml files?

1 Like
3

@amine my understanding is that things works well until you move some (new) Maven dependencies from a modified Core in development to you custom module (also in development). It would be interesting to see which new dependencies you brought in as @dkayiwa asked.

Anyway Googling around suggests a couple of solutions:

Ref #1 here, search for David H Nebinger’s answer.

check the namespace definitions in your bean xml files, make sure they’re all in sync and all use the version of spring that you’re using.

Ref #2 here.

I suspect you have two copies of Spring on your classpath. The classloader is getting conflicts between them. Track them down, and remove one of them.

Let me know if the above helps.

1 Like
4

You are right, it was a dependencies problem. When I added oauth2 library it comes with others spring librairies which are already included in the core. To resolve the problem I added many exclusions: > 

        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
            <version>2.3.5.RELEASE</version>
            <exclusions>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-aop</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-beans</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-context</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-core</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-tx</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-web</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-webmvc</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.codehaus.jackson</groupId>
                    <artifactId>jackson-core-asl</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.codehaus.jackson</groupId>
                    <artifactId>jackson-mapper-asl</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>aopalliance</groupId>
                    <artifactId>aopalliance</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <!--End spring-security-oauth2-->

I found that within another module called openmrs-module-oauth2 and it worked for me.

Thanks again to you all. amine

1 Like