-
Notifications
You must be signed in to change notification settings - Fork 648
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ClassNotFoundException: PasswordEncoder #23
Comments
Thanks for the report. This is due to the fact that Spring Boot's spring-boot-starter-security is excluding spring-security-crypto spring-projects/spring-boot@33a5c31 It will be resolved once spring-projects/spring-boot#26588 is closed. @jzheaux Do our tests catch this problem if we are running against our SNAPSHOTs? |
@rwinch Thank you very much for the update. As a quick question (and my apologies for jamming two issues into one): do you think I should open a separate issue regarding the UserDetailsServiceAutoConfiguration question or do you consider it expected behavior? |
That is a separate issue. I'd consider creating an issue with spring boot for it |
@rwinch Thank you very much for your feedback, I have openend spring-projects/spring-boot#26766 with Spring Boot. |
Is the current workaround still valid? (import statement mentioned by @SamuelBucheliZ) I got the same issue when trying to run https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/webclient I'd love love to run the sample application way before June 21 (as mentioned in !26588) in order to understand spring boot oauth2 a bit more. Btw. If anyone knows of a good, working and non-deprecated guide on how to integrate an OAuth2 OIDC application provider (with ADFS(sic!)) in a spring boot web client, I'd be grateful for reading it :) |
@rwinch the tests transitively include |
You can play with the samples on the For example this works for me: git checkout tags/5.5.0 -b 5.5.0
./gradlew :servlet:spring-boot:java:hello-security:bootRun |
Looking at https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/resource-server/multi-tenancy I currently see the following two issues.
Running Application Fails with ClassNotFoundException for org.springframework.security.crypto.password.PasswordEncoder
At the moment, running
fails (for me) with
It seems this behavior can be easily fixed adding
to the dependencies block in
build.gradle
.In case it seems this problem affects also other people, I would suggest adjusting the example to include this additional dependency.
Update: I also just noticed, that I have the same problem with https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/resource-server/hello-security
InMemoryUserDetailsManager is Auto-Configured
Once the problem above is fixed, the application starts. However, in the log output I see
In my opinion, this is somewhat unexpected, as I would expect the same behavior as in the "simple", non-multi-tenant case (e.g., https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/resource-server/hello-security ), where the auto-configuration is not activated (I think due to the presence of a JwtDecoder bean, but I have not fully investigated this).
I would therefore suggest to explicitly disable this auto-configuration in the multi-tenant example. Unfortunately, I'm not quite sure what the best way is to achieve this. The easiest is probably just excluding the configuration via
in
OAuth2ResourceServerApplication
. However, I haven't checked whether this leads to any undesirable side-effects.Related: spring-projects/spring-security#9767
The text was updated successfully, but these errors were encountered: