Vaadin 7/Standalone Tomcat 8 - NoSuchMethodError: org.vaadin.spring.security.shared.DefaultVaadinSharedSecurity.getRememberMeServices

[Artgit]

I can't run my Spring Boot/Vaadin application on Standalone Tomcat 8.0.35 with a following exception:

java.lang.NoSuchMethodError: org.vaadin.spring.security.shared.DefaultVaadinSharedSecurity.getRememberMeServices()Lorg/springframework/security/web/authentication/RememberMeServices;
    at org.vaadin.spring.security.shared.DefaultVaadinSharedSecurity.getRememberMeParameter(DefaultVaadinSharedSecurity.java:101)
    at org.vaadin.spring.security.shared.DefaultVaadinSharedSecurity.login(DefaultVaadinSharedSecurity.java:65)
    at org.vaadin.spring.security.shared.DefaultVaadinSharedSecurity.login(DefaultVaadinSharedSecurity.java:164)

The same application perfectly runs on Embedded Tomcat.

This is my Security configuration:

@Configuration
@EnableWebSecurity
@EnableVaadinSharedSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private SocialAuthenticationSuccessHandler socialAuthenticationSuccessHandler;

    @Autowired
    private DBUserDetailsService userDetailsService;

    @Value("${social.postLogin.url}")
    private String postLoginUrl;

    @Override
    public void configure(WebSecurity web) throws Exception {
        // @formatter:off
        web.ignoring()
            .antMatchers("/static/**")
            .antMatchers("/VAADIN/**");
        // @formatter:on
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        // @formatter:off

        // Set a custom successHandler on the SocialAuthenticationFilter
        final SpringSocialConfigurer socialConfigurer = new SpringSocialConfigurer();
        socialConfigurer.addObjectPostProcessor(new ObjectPostProcessor<SocialAuthenticationFilter>() {
            @Override
            public <O extends SocialAuthenticationFilter> O postProcess(O socialAuthenticationFilter) {
                socialAuthenticationFilter.setAuthenticationSuccessHandler(socialAuthenticationSuccessHandler);
                socialAuthenticationFilter.setPostLoginUrl(postLoginUrl);
                return socialAuthenticationFilter;
            }
        });

        http
            .csrf().disable() // Use Vaadin's built-in CSRF protection instead
            .sessionManagement().sessionAuthenticationStrategy(sessionAuthenticationStrategy())
        .and()
            .httpBasic().disable()
            .formLogin().disable()
            .rememberMe().rememberMeServices(rememberMeServices()).key("myAppKey")
        .and()
            .logout()
                .addLogoutHandler(new VaadinSessionClosingLogoutHandler()).logoutUrl("/logout")
                .logoutSuccessUrl("/login?logout").permitAll()
        .and()
            .exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
        //Configures url based authorization
        .and()
            .authorizeRequests()
                //Anyone can access the urls
                .antMatchers("/login/**").anonymous()
                .antMatchers("/vaadinServlet/UIDL/**").permitAll()
                .antMatchers("/vaadinServlet/HEARTBEAT/**").permitAll()
                .antMatchers("/auth/**").permitAll()
                .antMatchers("/actuator/health").permitAll()
                .antMatchers("/actuator/**").hasAuthority("PERMISSION_READ_ACTUATOR_DATA")
                //.anyRequest().authenticated()
        //Adds the SocialAuthenticationFilter to Spring Security's filter chain.
        .and()
            // apply the configuration from the socialConfigurer (adds the SocialAuthenticationFilter)
            .apply(socialConfigurer);

        // @formatter:on
    }

    /**
     * The {@link RememberMeServices} must be available as a Spring bean for
     * Vaadin4Spring.
     */
    @Bean
    public RememberMeServices rememberMeServices() {
        return new TokenBasedRememberMeServices("myAppKey", userDetailsService);
    }

    @Bean
    public SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new SessionFixationProtectionStrategy();
    }

    @Bean(name = VaadinSharedSecurityConfiguration.VAADIN_AUTHENTICATION_SUCCESS_HANDLER_BEAN)
    VaadinAuthenticationSuccessHandler vaadinAuthenticationSuccessHandler(HttpService httpService, VaadinRedirectStrategy vaadinRedirectStrategy) {
        return new VaadinUrlAuthenticationSuccessHandler(httpService, vaadinRedirectStrategy, "/");
    }

    /**
     * Configures the authentication manager bean which processes authentication
     * requests.
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

}

In my war file I have vaadin-spring-ext-security-0.0.7.RELEASE.jar

What can be wrong and how to solve this issue ?

[peholmst]

Thanks for the report. What other JAR files do you have in your WAR-file? I suspect this might be some kind of conflict between archives in the classpath.

[Artgit]

aopalliance-1.0.jar asm-5.0.3.jar aspectjrt-1.8.7.jar aspectjweaver-1.8.9.jar atmosphere-runtime-2.2.7.vaadin1.jar cdi-api-2.0-EDR1.jar classmate-1.1.0.jar commons-beanutils-1.9.1.jar commons-collections-3.2.2.jar commons-digester-1.8.1.jar commons-io-2.4.jar commons-lang3-3.4.jar commons-logging-1.1.3.jar commons-validator-1.5.0.jar concurrentlinkedhashmap-lru-1.4.2.jar confirmdialog-2.1.1.jar domain-0.0.1.jar flute-1.3.0.gg2.jar gmetric4j-1.0.7.jar gofullscreen-addon-0.5.3.jar googleanalyticstracker-2.1.0.jar gridstack-addon-0.3.0.jar gson-2.6.2.jar guava-16.0.1.vaadin1.jar guava-18.0.jar hibernate-validator-5.2.4.Final.jar jackson-annotations-2.7.2.jar jackson-core-2.7.2.jar jackson-databind-2.7.2.jar javax.el-api-3.0.0.jar javax.inject-1.jar javax.interceptor-api-1.2.jar javax.transaction-api-1.2.jar jboss-logging-3.2.1.Final.jar jcl-over-slf4j-1.7.21.jar js-1.7R2.jar jsoup-1.8.3.jar jta-1.1.jar jul-to-slf4j-1.7.21.jar log4j-over-slf4j-1.7.21.jar logback-classic-1.1.6.jar logback-core-1.1.6.jar lucene-analyzers-3.6.2.jar lucene-core-3.6.2.jar maddon-1.15.jar markdown4j-2.2-cj-1.0.jar metrics-core-3.1.2.jar metrics-ganglia-3.1.2.jar metrics-graphite-3.1.2.jar neo4j-2.3.3.jar neo4j-advanced-2.3.3.jar neo4j-backup-2.3.3.jar neo4j-cluster-2.3.3.jar neo4j-codegen-2.3.3.jar neo4j-com-2.3.3.jar neo4j-consistency-check-2.3.3.jar neo4j-consistency-check-legacy-2.3.3.jar neo4j-csv-2.3.3.jar neo4j-cypher-2.3.3.jar neo4j-cypher-compiler-1.9_2.11-2.0.5.jar neo4j-cypher-compiler-2.2_2.11-2.2.6.jar neo4j-cypher-compiler-2.3-2.3.3.jar neo4j-cypher-dsl-2.0.1.jar neo4j-cypher-frontend-2.3-2.3.3.jar neo4j-enterprise-2.3.3.jar neo4j-enterprise-kernel-2.3.3.jar neo4j-function-2.3.3.jar neo4j-graph-algo-2.3.3.jar neo4j-graph-matching-2.3.3.jar neo4j-ha-2.3.3.jar neo4j-io-2.3.3.jar neo4j-jmx-2.3.3.jar neo4j-kernel-2.3.3.jar neo4j-logging-2.3.3.jar neo4j-lucene-index-2.3.3.jar neo4j-management-2.3.3.jar neo4j-metrics-2.3.3.jar neo4j-primitive-collections-2.3.3.jar neo4j-query-logging-2.3.3.jar neo4j-udc-2.3.3.jar neo4j-unsafe-2.3.3.jar netty-3.6.3.Final.jar oncrpc-1.0.7.jar opencsv-2.3.jar parboiled-core-1.1.7.jar parboiled-scala_2.11-1.1.7.jar sac-1.3.jar scala-library-2.11.7.jar scala-parser-combinators_2.11-1.0.4.jar scala-reflect-2.11.7.jar slf4j-api-1.7.18.jar snakeyaml-1.16.jar spring-aop-4.2.6.RELEASE.jar spring-aspects-4.2.6.RELEASE.jar spring-beans-4.2.6.RELEASE.jar spring-boot-1.3.5.RELEASE.jar spring-boot-actuator-1.3.5.RELEASE.jar spring-boot-autoconfigure-1.3.5.RELEASE.jar spring-boot-starter-1.3.5.RELEASE.jar spring-boot-starter-actuator-1.3.5.RELEASE.jar spring-boot-starter-logging-1.3.5.RELEASE.jar spring-boot-starter-security-1.3.5.RELEASE.jar spring-boot-starter-social-facebook-1.3.5.RELEASE.jar spring-boot-starter-social-linkedin-1.3.5.RELEASE.jar spring-boot-starter-social-twitter-1.3.5.RELEASE.jar spring-boot-starter-validation-1.3.5.RELEASE.jar spring-boot-starter-web-1.3.5.RELEASE.jar spring-context-4.2.6.RELEASE.jar spring-core-4.2.6.RELEASE.jar spring-data-commons-1.11.4.RELEASE.jar spring-data-neo4j-3.4.4.RELEASE.jar spring-expression-4.2.6.RELEASE.jar spring-security-config-4.0.4.RELEASE.jar spring-security-core-4.0.3.RELEASE.jar spring-security-crypto-3.2.8.RELEASE.jar spring-security-web-4.1.0.RELEASE.jar spring-social-config-1.1.4.RELEASE.jar spring-social-core-1.1.4.RELEASE.jar spring-social-facebook-2.0.3.RELEASE.jar spring-social-github-1.0.0.M4.jar spring-social-google-1.0.0.RELEASE.jar spring-social-linkedin-1.0.2.RELEASE.jar spring-social-security-1.1.4.RELEASE.jar spring-social-twitter-1.1.2.RELEASE.jar spring-social-web-1.1.4.RELEASE.jar spring-tx-4.2.6.RELEASE.jar spring-vaadin-0.0.5.RELEASE.jar spring-vaadin-eventbus-0.0.5.RELEASE.jar spring-vaadin-mvp-0.0.5.RELEASE.jar spring-vaadin-security-0.0.5.RELEASE.jar spring-web-4.2.6.RELEASE.jar spring-webmvc-4.2.6.RELEASE.jar streamhtmlparser-jsilver-0.0.10.vaadin1.jar vaadin-autocompletetextfield-1.0-alpha-4.jar vaadin-client-compiled-7.6.6.jar vaadin-push-7.6.6.jar vaadin-sass-compiler-0.9.13.jar vaadin-server-7.6.6.jar vaadin-shared-7.6.6.jar vaadin-slf4j-jdk14-1.6.1.jar vaadin-spring-1.0.0.jar vaadin-spring-addon-eventbus-0.0.7.RELEASE.jar vaadin-spring-addon-i18n-0.0.7.RELEASE.jar vaadin-spring-addon-sidebar-0.0.7.RELEASE.jar vaadin-spring-boot-1.0.0.jar vaadin-spring-boot-starter-1.0.0.jar vaadin-spring-ext-boot-0.0.7.RELEASE.jar vaadin-spring-ext-core-0.0.7.RELEASE.jar vaadin-spring-ext-security-0.0.7.RELEASE.jar vaadin-themes-7.6.6.jar validation-api-1.1.0.Final.jar yuicompressor-2.4.8.jar

[peholmst]

I notice you're mixing jars from 0.0.5 and 0.0.7, including the security jar. This is the problem.

[Artgit]

I have fixed my classpath and this issue has now been resolved! Thank you!

[peholmst]

You're welcome, I'm glad it works! :-)