spring security jdbc throws null pointer -

i trying use spring-security 4.0.0.m1 spring-boot 1.0.2.release h2 , spring-data-jpa.1.5.2. able create user in securityconfig.configure method, when extract out own class, nullpointer exception. step jdbcdaosupport.java , see getjdbctemplate() returns null jdbctemplate.

here config:

@configuration @enablewebmvcsecurity @enableglobalmethodsecurity(prepostenabled = false) public class securityconfig extends websecurityconfigureradapter {      @autowired     private datasource datasource;      @autowired     userservice userservice;      @override     protected void configure(httpsecurity http) throws exception {          http                 .authorizerequests()                 .antmatchers( "/resources/**" ).permitall()                 .antmatchers( "/css/**" ).permitall();          http                 .formlogin().failureurl( "/login?error" )                 .defaultsuccessurl( "/" )                 .loginpage( "/login" )                 .permitall()                 .and()                 .logout().logoutrequestmatcher( new antpathrequestmatcher( "/logout" ) ).logoutsuccessurl( "/login" )                 .permitall();          http                 .authorizerequests().anyrequest().authenticated();     }      @override     protected void configure(authenticationmanagerbuilder auth) throws exception {         auth                 .jdbcauthentication()                 .datasource( datasource );     }      @bean     @override     public authenticationmanager authenticationmanager() throws exception {         return super.authenticationmanagerbean();     } } 

my main configuration class has datasource defined, know work:

@bean public datasource datasource() {     return new embeddeddatabasebuilder().settype( embeddeddatabasetype.h2 ).setname( "ofac" )             .addscript( "classpath:h2.sql" ).build(); } 

i have user service adding users such:

@component public class userservice {      @autowired     private authenticationmanagerbuilder authenticationmanagerbuilder;      @autowired     private javax.sql.datasource datasource;      @postconstruct()     public void initusers() throws exception {         addnewuser( "admin", "password", "admin" );     }       public void addnewuser(string username, string plainpassword, string role) {      list<grantedauthority> authorities = new arraylist<grantedauthority>();     authorities.add( new simplegrantedauthority( role ) );     passwordencoder encoder = new bcryptpasswordencoder();      userdetails hasheduser = new user( username, encoder.encode( plainpassword ), authorities );      jdbcuserdetailsmanager userdetailsservice = (jdbcuserdetailsmanager) authenticationmanagerbuilder.getdefaultuserdetailsservice();     try {         if ( userdetailsservice.userexists( hasheduser.getusername() ) ) {             userdetailsservice.deleteuser( hasheduser.getusername() );         }         // , finally, create user         userdetailsservice.createuser( hasheduser );     } catch ( exception ex ) {         ex.printstacktrace();     }  } } 

i have breakpoint on userservice.initusers , when line:

authenticationmanagerbuilder.jdbcauthentication().getuserdetailsservice().userexists( hasheduser.getusername() )  

is invoked, can see authenticationmanagerbuilder.jdbcauthentication() returns null jdbctemplate. online documentation seems indicate work, not seem wire expecting.

does know might wrong?

update: changed project no longer have securityconfig, instead have a:

@order(securityproperties.access_override_order) @configuration public class applicationsecurity extends websecurityconfigureradapter {      @override     protected void configure(httpsecurity http) throws exception {         http                 .authorizerequests()                 .antmatchers( "/resources/**" ).permitall()                 .antmatchers( "/css/**" ).permitall();          http                 .formlogin().failureurl( "/login?error" )                 .defaultsuccessurl( "/" )                 .loginpage( "/login" )                 .permitall()                 .and()                 .logout().logoutrequestmatcher( new antpathrequestmatcher( "/logout" ) ).logoutsuccessurl( "/login" )                 .permitall();          http                 .authorizerequests().anyrequest().authenticated();     } } 

and a:

@order(ordered.highest_precedence) @configuration public class authenticationsecurity extends globalauthenticationconfigureradapter {       @autowired     private datasource datasource;      @override     public void init(authenticationmanagerbuilder auth) throws exception {         auth                 .jdbcauthentication()                 .datasource( datasource );     } } 

but in userservice, null userdetailsservice here:

jdbcuserdetailsmanager userdetailsservice = (jdbcuserdetailsmanager) authenticationmanagerbuilder.getdefaultuserdetailsservice(); 

i have not figured out how create user after startup. thought userdetailsservice, doesn't provide functionality. thought maybe jdbcuserdetailsmanager needed, far haven't been able wire 1 works.

the authenticationmanagerbuilder may not have been initialized when injected object. spring security uses various markers signal initialization order, e.g. try extending globalauthenticationconfigureradapter in the method security sample.