org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]

Spring JIRA | Florent Ramiere | 7 years ago
  1. 0

    The "extra" space in access definition is not supported, it should be allowed. If this is the desired behavior, the xsd should be updated to reflect the constraint. {code:xml} <security:intercept-url pattern="/app/*.action" access="ROLE_ANONYMOUS, ROLE_USER" /> {code:xml} it produces {noformat} 2010-02-02 00:17:40.500:WARN::Nested in org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER] at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:153) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1398) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:557) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:842) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:416) {noformat}

    Spring JIRA | 7 years ago | Florent Ramiere
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]
  2. 0

    The "extra" space in access definition is not supported, it should be allowed. If this is the desired behavior, the xsd should be updated to reflect the constraint. {code:xml} <security:intercept-url pattern="/app/*.action" access="ROLE_ANONYMOUS, ROLE_USER" /> {code:xml} it produces {noformat} 2010-02-02 00:17:40.500:WARN::Nested in org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER] at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:153) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1398) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:557) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:842) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:416) {noformat}

    Spring JIRA | 7 years ago | Florent Ramiere
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]
  3. 0

    I've been trying to get the latest source code of oauth2 to work and have paid careful attention to how the sparklr2 sample app works. I am using expressions for my {{<http:/>}} configuration and that doesn't play nicely with the configuration sparklr2 has. If you change the sparkl2 configuration to use expressions and then add hasRole() or hasAnyRole() to the configuration, it fails with: {noformat} 2011-10-25 17:10:25.495:WARN:/sparklr:unavailable org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' while setting constructor argument with key [9]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasAnyRole('ROLE_USER','DENY_OAUTH'), hasRole('IS_AUTHENTICATED_ANONYMOUSLY'), hasAnyRole('ROLE_CLIENT','SCOPE_TRUST'), hasAnyRole('ROLE_USER','SCOPE_TRUST'), hasRole(ROLE_USER), hasAnyRole('IS_AUTHENTICATED_ANONYMOUSLY','DENY_OAUTH'), hasAnyRole('ROLE_USER','SCOPE_READ'), hasAnyRole('ROLE_USER','SCOPE_READ')] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328) {noformat} That's why it's not working for my web app either.

    Spring JIRA | 5 years ago | Bjorn Harvold
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' while setting constructor argument with key [9]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasAnyRole('ROLE_USER','DENY_OAUTH'), hasRole('IS_AUTHENTICATED_ANONYMOUSLY'), hasAnyRole('ROLE_CLIENT','SCOPE_TRUST'), hasAnyRole('ROLE_USER','SCOPE_TRUST'), hasRole(ROLE_USER), hasAnyRole('IS_AUTHENTICATED_ANONYMOUSLY','DENY_OAUTH'), hasAnyRole('ROLE_USER','SCOPE_READ'), hasAnyRole('ROLE_USER','SCOPE_READ')]
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Using expressions for <security:http fails in latest oauth2 codebase - Spring Forum

    spring.io | 1 year ago
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' while setting constructor argument with key [9]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasAnyRole('ROLE_USER','DENY_OAUTH'), hasRole('IS_AUTHENTICATED_ANONYMOUSLY'), hasAnyRole('ROLE_CLIENT','SCOPE_TRUST'), hasAnyRole('ROLE_USER','SCOPE_TRUST'), hasRole(ROLE_USER), hasAnyRole('IS_AUTHENTICATED_ANONYMOUSLY','DENY_OAUTH'), hasAnyRole('ROLE_USER','SCOPE_READ'), hasAnyRole('ROLE_USER','SCOPE_READ')]
  6. 0

    I've been trying to get the latest source code of oauth2 to work and have paid careful attention to how the sparklr2 sample app works. I am using expressions for my {{<http:/>}} configuration and that doesn't play nicely with the configuration sparklr2 has. If you change the sparkl2 configuration to use expressions and then add hasRole() or hasAnyRole() to the configuration, it fails with: {noformat} 2011-10-25 17:10:25.495:WARN:/sparklr:unavailable org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' while setting constructor argument with key [9]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasAnyRole('ROLE_USER','DENY_OAUTH'), hasRole('IS_AUTHENTICATED_ANONYMOUSLY'), hasAnyRole('ROLE_CLIENT','SCOPE_TRUST'), hasAnyRole('ROLE_USER','SCOPE_TRUST'), hasRole(ROLE_USER), hasAnyRole('IS_AUTHENTICATED_ANONYMOUSLY','DENY_OAUTH'), hasAnyRole('ROLE_USER','SCOPE_READ'), hasAnyRole('ROLE_USER','SCOPE_READ')] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328) {noformat} That's why it's not working for my web app either.

    Spring JIRA | 5 years ago | Bjorn Harvold
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' while setting constructor argument with key [9]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasAnyRole('ROLE_USER','DENY_OAUTH'), hasRole('IS_AUTHENTICATED_ANONYMOUSLY'), hasAnyRole('ROLE_CLIENT','SCOPE_TRUST'), hasAnyRole('ROLE_USER','SCOPE_TRUST'), hasRole(ROLE_USER), hasAnyRole('IS_AUTHENTICATED_ANONYMOUSLY','DENY_OAUTH'), hasAnyRole('ROLE_USER','SCOPE_READ'), hasAnyRole('ROLE_USER','SCOPE_READ')]

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.springframework.beans.factory.BeanCreationException

      Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ ROLE_USER]

      at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet()
    2. spring-security-core
      AbstractSecurityInterceptor.afterPropertiesSet
      1. org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:153)
      1 frame
    3. Spring Beans
      DefaultListableBeanFactory.preInstantiateSingletons
      1. org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460)
      2. org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1398)
      3. org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512)
      4. org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
      5. org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
      6. org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
      7. org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
      8. org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
      9. org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:557)
      9 frames
    4. Spring Context
      AbstractApplicationContext.refresh
      1. org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:842)
      2. org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:416)
      2 frames