I am building a Spring Boot application with Spring Security (spring-boot-starter-web and spring-boot-starter-security). I receive the following error from my application during boot:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: org.springframework.security.config.annotation.ObjectPostProcessor is a required bean. Ensure you have used @EnableWebSecurity and @Configuration
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:625) ~[spring-beans-5.1.2.RELEASE.jar:5.1.2.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:455) ~[spring-beans-5.1.2.RELEASE.jar:5.1.2.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1288) ~[spring-beans-5.1.2.RELEASE.jar:5.1.2.RELEASE]
...
My application class consists of the following:
@SpringBootApplication
public class CustomPropertiesApplication {
public static void main(String[] args) {
SpringApplication.run(CustomPropertiesApplication.class, args);
}
}
The bean in this next class appears to be the issue. If it's excluded then the application will boot without error.
@Configuration
@EnableWebSecurity
public class MyConfig extends WebSecurityConfigurerAdapter {
@Bean
public CustomPropertyPlaceholderConfigurer propertyConfigurer(ApplicationContext context) {
return new CustomPropertyPlaceholderConfigurer();
}
}
Right now this CustomPropertyPlaceholderConfigurer class does nothing, I have some legacy classes that are similar, but in trying to troubleshoot this issue I eliminated everything else from my test application.
public class CustomPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
}
I'm at a loss of what to try next. I've looked for details in Spring Security and Spring Boot about building a custom property placeholder configurer, but I didn't find anything useful.
Versions: Spring Boot - 2.1.0.RELEASE | Spring Security - 5.1.1.RELEASE | JDK 1.8
Also, I realize this app doesn't really do anything, there is a much larger application that has much more complicated logic, and this sample app here is just to replicate my issue to make it small for stackoverflow.
I see now that the answer was right in my output logs and I just failed to see it.
o.s.c.a.ConfigurationClassEnhancer : @Bean method MyConfig.propertyConfigurer is non-static and returns an object assignable to Spring's BeanFactoryPostProcessor interface. This will result in a failure to process annotations such as @Autowired, @Resource and @PostConstruct within the method's declaring @Configuration class. Add the 'static' modifier to this method to avoid these container lifecycle issues; see @Bean javadoc for complete details.
Adding static to my bean fixed the issue.