Home  >  Forum  >  Spring
Post New Query

Spring security 4 (annotations) from database not working

Asked on August 29, 2016


I am struggling with Spring for a while and now i have moved on to the security part. I was following some tutorials and I find myself stuck, the security won't work, but I don't receive any errors either.

I have implemented the SecurityConfig class:

@EnableAspectJAutoProxy(proxyTargetClass = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    DataSource dataSource;

    public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        System.out.println("enter configAuthentication");
        .usersByUsernameQuery("select username, password, enabled from [USER] where username=?")
        .authoritiesByUsernameQuery("select username, role from ROLE where username=?");

    protected void configure(HttpSecurity http) throws Exception {
        System.out.println("enter configure");
Also, the implementation of UserDetailsService:
public class MyUserDetailsService implements UserDetailsService {
    private UserDao userDao;

    public UserDetails loadUserByUsername(final String username)
        throws UsernameNotFoundException {
        System.out.println("entered loadUserByUsername");
        laura.bachelordegree.model.User user = userDao.findByUserName(username);
        List<GrantedAuthority> authorities = buildUserAuthority(user.getUserRole());
        System.out.println("found " + authorities.size() + " authorities: " + authorities.toString());
        return buildUserForAuthentication(user, authorities);


    private User buildUserForAuthentication(laura.bachelordegree.model.User user,
        List<GrantedAuthority> authorities) {
        System.out.println("entered buildUserForAuthentication");
        return new User(user.getUsername(), user.getPassword(),
            user.isEnabled(), true, true, true, authorities);

    private List<GrantedAuthority> buildUserAuthority(Set<Role> userRoles) {
        System.out.println("entered buildUserAuthority");
        Set<GrantedAuthority> setAuths = new HashSet<GrantedAuthority>();

        for (Role userRole : userRoles) {
            setAuths.add(new SimpleGrantedAuthority(userRole.getRole()));

        List<GrantedAuthority> Result = new ArrayList<GrantedAuthority>(setAuths);
        System.out.println("found authorities");
        return Result;
The UserDAO implementation contains findByUserName:
public class UserDaoImpl implements UserDao {

    private SessionFactory sessionFactory;

    protected Session getCurrentSession() {
        return sessionFactory.getCurrentSession();

    @SuppressWarnings({ "unchecked", "deprecation" })
    public User findByUserName(String username) {
        System.out.println("entered findByUserName");
        List<User> users = new ArrayList<User>();

        users = sessionFactory.getCurrentSession().createQuery("from User where username=?").setParameter(0, username)
        System.out.println("retrieved number of users: " + users.size());

        if (users.size() > 0) {
            return users.get(0);
        } else {
            return null;
Any idea what else i should configure in order to make it work? I know there are a lot of tutorials out there on security, but that's the problem: there are too many different ways of doing this and i find it difficult to make sense of it.

Replied on August 29, 2016
You need to check for  @EnableGlobalMethodSecurity(securedEnabled=true, prePostEnabled=true)

@EnableAspectJAutoProxy(proxyTargetClass = true)
@EnableGlobalMethodSecurity(securedEnabled=true, prePostEnabled=true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

You can also refer the URL

Replied on September 04, 2016
Thank for the advice, it worked :)

Write Answer

©2019 concretepage.com | Privacy Policy | Contact Us