I am trying to implement OAuth2 AuthorizationServer as described in this article but I keep getting the error below. For a spring security config:

import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; @Configuration @Order(1) class SecurityConfig extends WebSecurityConfigurerAdapter { @Value("${user.oauth.user.username}") private String username; @Value("${user.oauth.user.password}") private String password; @Override protected void configure(HttpSecurity http) throws Exception { http.requestMatchers() .antMatchers("/login", "/oauth/authorize") .and() .authorizeRequests() .anyRequest().authenticated() .and() .formLogin().permitAll(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication() .withUser(username) .password(passwordEncoder().encode(password)) .roles("USER"); } @Bean public BCryptPasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } } 

I keep getting this error:

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project auth-service: Compilation failure [ERROR] /home/mcs/auth-service/src/main/java/com/example/authservice/config/SecurityConfig.java:[14,1] cannot access javax.servlet.Filter [ERROR] class file for javax.servlet.Filter not found 

What does it mean and what seems to be wrong?

My pom.xml generated form start.spring.io using the latest M2 release for Spring Boot:

 <?xml version="1.0" encoding="UTF-8"?> <project xmlns="" xmlns:xsi="" xsi:schemaLocation=" "> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.2.0.M2</version> <relativePath/> <!-- lookup parent from repository --> </parent> <groupId>com.example</groupId> <artifactId>auth-service</artifactId> <version>0.0.1-SNAPSHOT</version> <name>auth-service</name> <description>Authorization service</description> <properties> <java.version>11</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>com.okta.spring</groupId> <artifactId>okta-spring-boot-starter</artifactId> <version>1.1.0</version> </dependency> <dependency> <groupId>org.springframework.security.oauth</groupId> <artifactId>spring-security-oauth2</artifactId> <version>2.3.5.RELEASE</version> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <version>2.6.7</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-test</artifactId> <scope>test</scope> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build> <repositories> <repository> <id>spring-snapshots</id> <name>Spring Snapshots</name> <url> <snapshots> <enabled>true</enabled> </snapshots> </repository> <repository> <id>spring-milestones</id> <name>Spring Milestones</name> <url> </repository> </repositories> <pluginRepositories> <pluginRepository> <id>spring-snapshots</id> <name>Spring Snapshots</name> <url> <snapshots> <enabled>true</enabled> </snapshots> </pluginRepository> <pluginRepository> <id>spring-milestones</id> <name>Spring Milestones</name> <url> </pluginRepository> </pluginRepositories> </project> 

7 Answers

The article which you have shared asks you to add web dependency which i dont see in your pom.xml file. Add the below dependency which should solve the javax.servlet error

<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> 

If you check within the spring-boot-starter-web pom file you will see a dependency to javax.servlet-api - 3.1.0.

1

I faced the same issue but fixed after adding dependency spring-boot-starter-web

<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> <version>2.4.2</version> </dependency> 
1

Look at the version of the servlet api that spring is dependent on then in Gradle include:

 compileOnly("javax.servlet:javax.servlet-api:X") 

Where X is the version of servlet-api spring is dependent on.

The error message you are seeing (cannot access javax.servlet.Filter) suggests that there is a problem with the classpath and that the Servlet API is missing.

<dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <version>4.0.1</version> <scope>provided</scope> </dependency> 

Once you have added the Servlet API to your classpath, you should be able to compile your code successfully.

For those using gradle just add and you are good to go

 implementation 'org.springframework.boot:spring-boot-starter-web' 

Check your dependency hierarchy tree. Does it contain javax servlet api. If not, choose a relevant version from here and add it to your pom.xml

While this is a different problem, it has the same error message so if you get here and were trying to get WebFlux to work and you see this error

public class PreAuthorizeSecurityConfigAdapter extends WebSecurityConfigurerAdapter { ^ class file for javax.servlet.Filter not found 

It's probably that WebFlux does not support your usecase. I was trying to get @PreAuthorize(hasPermission(...)) but after much googling found WebFlux doesn't support it and that you should just use your own bean like this instead:

@PreAuthorize("@somePermissionEvaluatorBean.hasPermission(authentication, ...") 

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.