Bug with Spring Security 3.0.2 x Spring 3.0.1 - Proxies not being created

Question

Friends,

I have lost a few days searching the internet for an answer regarding my problem, and haven't found anything that could actually solve it. I have tried several different configurations, but still, to no avail.

Here's my problem:

I have an application that was working fine until I decided to add Spring Security. After I introduced this component, I've been getting these messages while starting tomcat 6.0.24 :

INFO: Bean 'org.springframework.aop.support.DefaultBeanFactoryPointcutAdvisor#0' is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
Mar 10, 2010 3:46:47 PM org.springframework.context.support.AbstractApplicationContext$BeanPostProcessorChecker postProcessAfterInitialization
INFO: Bean 'org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource#0' is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
Mar 10, 2010 3:46:47 PM org.springframework.context.support.AbstractApplicationContext$BeanPostProcessorChecker postProcessAfterInitialization
INFO: Bean 'org.springframework.security.methodSecurityMetadataSourceAdvisor' is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
Mar 10, 2010 3:46:48 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons

Which I wasn't getting. As a result, now all classes, instead of getting a proxy for the business classes, get a POJO that does not commit transactions. I was using a @PersistenceContext annotation and getting the EntityManager injected, but after Spring Security came, I kept getting NPE (the EntityManager was no longer being injected). So I tried extending JpaDaoSupport and getting to the EntityManager in a different way, like this:

getJpaTemplate()
     .execute(new JpaCallback() {
                             public Object doInJpa(final EntityManager em)
                             throws PersistenceException {
                                     // Here, I get an EntityManager...
                             }
                         });  

It works because now I do not get any NPE anymore. But still, it isn't a proxy.

If I comment out the app-security.xml file and do not load its beans, the application works fine. If I do, no proxies are created, and the application does not commit any transaction.

My app-security.xml file is:

[?xml version="1.0" encoding="UTF-8"?]
[beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:security="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
     http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
          http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"
]

 [bean id="interfaceDecisionManagerBean" class="com.mot.br.jag.security.InterfaceDecisionManager" /]

 [security:global-method-security 
      access-decision-manager-ref="interfaceDecisionManagerBean"     
 /]

 [security:http auto-config="false" access-decision-manager-ref="interfaceDecisionManagerBean"]
        [security:form-login login-page="/login.html" 
                             login-processing-url="/loginProcess" 
                             default-target-url="/index.jsp" 
                             authentication-failure-url="/login.html?login_error=1" /]

        [security:anonymous /]
        [security:logout logout-url="/logout" logout-success-url="/logoutSuccess.html" /]

     [security:port-mappings]
        [security:port-mapping http="8080" https="8443"/]
     [/security:port-mappings]        
    [/security:http]

    [security:ldap-server
        id="motoLDAP"
        url="[private... ]"
    /]

    [security:authentication-manager]
        [security:ldap-authentication-provider
            server-ref="motoLDAP" 
            user-search-filter="(uid={0})"
              user-search-base="ou=intranet"
        /]

    [/security:authentication-manager]

    [bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"]
  [constructor-arg value="[... private ...]"/]
 [/bean]

 [bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"]
  [constructor-arg index="0" value="ou=intranet"/]
  [constructor-arg index="1" value="(uid={0})"/]
  [constructor-arg index="2" ref="contextSource" /]
 [/bean]  

 [bean id="ldapAuthentication" class="com.mot.br.jag.security.authentication.LDAPAuthentication"]
        [constructor-arg index="0"]
      [bean id="ldapProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"]
       [constructor-arg]
           [bean class="org.springframework.security.ldap.authentication.BindAuthenticator"]
               [constructor-arg ref="contextSource" /]
                  [property name="userSearch" ref="userSearch" /]
              [/bean]
          [/constructor-arg]
      [/bean] 
        [/constructor-arg]

        [constructor-arg index="1" ref="userSearch" /]
 [/bean]

[/beans]

My app-persistence.xml is:

[?xml version="1.0" encoding="UTF-8"?]
[beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:jee="http://www.springframework.org/schema/jee"
       xsi:schemaLocation="
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
       http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
       http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.0.xsd"]

    [bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" /]
    [bean class="org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor" /]
    [bean class="org.springframework.aop.aspectj.annotation.AnnotationAwareAspectJAutoProxyCreator" /]  

 [!-- ENTITY MANAGERS --]

    [bean id="interfaceEMF"
        class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean"]
        [property name="persistenceUnitName" value="interfaceDS" /]
    [/bean]

    [!-- TRANSACTION MANAGERS --]

    [bean id="interfaceTM" class="org.springframework.orm.jpa.JpaTransactionManager"]
        [property name="entityManagerFactory" ref="interfaceEMF" /]
    [/bean]

    [!-- TX ADVICES --]

    [tx:advice id="txAdvice" transaction-manager="interfaceTM"]
        [tx:attributes]
            [tx:method name="*" propagation="REQUIRED" rollback-for="Throwable" /]
        [/tx:attributes]
    [/tx:advice]

    [!-- AOP CONFIG --]

    [aop:aspectj-autoproxy /]
    [aop:config]
        [aop:pointcut id="businessMethods" expression="execution(* com.mot.br.jag.business.Business+.*(..))" /]

        [aop:advisor advice-ref="txAdvice" pointcut-ref="businessMethods" /]
    [/aop:config]

[/beans]

I'm running out of ideas... I've read that it's a bug that happens because of the order in which the beans are pre-processed, but I've also read that this bug has already been fixed. I'm sorry if I'm not expressing myself clearly, english is not my first language. I'd be happy to answer any questions, if it guides me in the right direction. :)

Thank you very much in advance, Rodrigo

Answer 1

I would guess that there is a conflict between

<aop:aspectj-autoproxy/>

and

<security:global-method-security ... />

as both involve setting up some sort of proxies for your beans.

Answer 2

This may be caused by JDK dynamic proxies, try

<aop:aspectj-autoproxy  proxy-target-class = "true" /> 

and

<security:global-method-security proxy-target-class = "true" ... />