Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The bean 'preFilterAuthorizationAdvisor', defined in class path resource could not be registered #13572

Closed
bratkartoffel opened this issue Jul 21, 2023 · 3 comments
Closed

The bean 'preFilterAuthorizationAdvisor', defined in class path resource could not be registered #13572

bratkartoffel opened this issue Jul 21, 2023 · 3 comments
Assignees
@jzheaux
Labels
in: config An issue in spring-security-config type: bug A general bug
Milestone
5.8.6

Comments

@bratkartoffel
Copy link

bratkartoffel commented Jul 21, 2023
edited
Loading

Describe the bug
After upgrading to spring boot 3.1.2 (implicitly upgrading spring-security to 6.1.2), my applicatin no longer starts. The startup fails due to the following message:

Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.support.BeanDefinitionOverrideException: Invalid bean definition with name 'preFilterAuthorizationAdvisor' defined in class path resource [org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfiguration.class]: Cannot register bean definition [Root bean: class [org.springframework.security.config.annotation.method.configuration.PrePostMethodSecurityConfiguration]; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=preFilterAuthorizationMethodInterceptor; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfiguration.class]] for bean 'preFilterAuthorizationAdvisor' since there is already [Root bean: class [org.springframework.security.config.annotation.method.configuration.PrePostMethodSecurityConfiguration]; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null;

First reported here: spring-projects/spring-boot#36481

Downgrading to 6.1.1 works again.

To Reproduce

Expected behavior
The application startups up without errors.

Sample
See To Reproduce section

Thanks,
Simon

@paweleg fyi
@bratkartoffel bratkartoffel added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Jul 21, 2023
@paweleg
Copy link

paweleg commented Jul 21, 2023

Describe the bug After upgrading to spring boot 3.1.2 (implicitly upgrading spring-security to 6.1.2), my applicatin no longer starts. The startup fails due to the following message:

Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.support.BeanDefinitionOverrideException: Invalid bean definition with name 'preFilterAuthorizationAdvisor' defined in class path resource [org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfiguration.class]: Cannot register bean definition [Root bean: class [org.springframework.security.config.annotation.method.configuration.PrePostMethodSecurityConfiguration]; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=preFilterAuthorizationMethodInterceptor; initMethodNames=null; destroyMethodNames=[(inferred)]; defined in class path resource [org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfiguration.class]] for bean 'preFilterAuthorizationAdvisor' since there is already [Root bean: class [org.springframework.security.config.annotation.method.configuration.PrePostMethodSecurityConfiguration]; scope=; abstract=false; lazyInit=null; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null;

First reported here: spring-projects/spring-boot#36481

Downgrading to 6.1.1 works again.

To Reproduce

Expected behavior The application startups up without errors.

Sample See To Reproduce section

Thanks, Simon

@paweleg fyi

Thanks @bratkartoffel

@jzheaux jzheaux self-assigned this Jul 24, 2023
@jzheaux
Copy link
Contributor

jzheaux commented Jul 24, 2023
edited
Loading

Thanks for the report, @bratkartoffel. This appears to be a regression around having multiple @EnableMethodSecurity annotations. In the sample you provide, @EnableMethodSecurity is declared both in JwtSecurityConfig and SecurityJwtBaseAutoConfiguration.

Since this was possible before, I think it should remain possible, so I'll schedule this for the next release. That said, if you are able to remove one of the two @EnableMethodSecurity usages, I believe that such would alleviate the issue in your codebase. Indeed, when I excluded one of them and replaced it with a configuration class that did not have the extra @EnableMethodSecurity annotation, the tests passed.

@jzheaux jzheaux added in: config An issue in spring-security-config and removed status: waiting-for-triage An issue we've not yet triaged labels Jul 24, 2023
@bratkartoffel
Copy link
Author

Thank you for the analysis. I'll try to implement the workaround for now and test the new release once it's available.

bratkartoffel added a commit to bratkartoffel/security-jwt that referenced this issue Jul 24, 2023
@bratkartoffel
Add workaround for spring-projects/spring-security#13572
92b5abc
@jzheaux jzheaux mentioned this issue Jul 24, 2023
Closed
@jzheaux jzheaux added this to the 5.8.6 milestone Jul 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: config An issue in spring-security-config type: bug A general bug
Projects
None yet
Milestone
5.8.6
Development

No branches or pull requests
3 participants
@bratkartoffel @jzheaux @paweleg