Web Application based on Spring Security crashes during startup (NullPointerException)

Question

My application, which make use of Spring Security, is crashing during the startup. Tracking the execution of the application, I could verify the error is happening in method onStartup from class MainWebAppInitializer:

public class MainWebAppInitializer implements WebApplicationInitializer {

    /**
     * Register and configure all Servlet container components necessary to power the web application.
     */
    @Override
    public void onStartup(final ServletContext sc) throws ServletException {
        // Create the 'root' Spring application context
        final AnnotationConfigWebApplicationContext root = new AnnotationConfigWebApplicationContext();
        root.scan("com.spring.web.config");

        // Manages the lifecycle of the root application context
        sc.addListener(new ContextLoaderListener(root));

        // Handles requests into the application
        final ServletRegistration.Dynamic appServlet = sc.addServlet("horariolivreapp", new DispatcherServlet(new GenericWebApplicationContext()));
        appServlet.setLoadOnStartup(1);
        final Set<String> mappingConflicts = appServlet.addMapping("/");
        if (!mappingConflicts.isEmpty()) {
            throw new IllegalStateException("'appServlet' could not be mapped to '/' due " + "to an existing mapping. This is a known issue under Tomcat versions " + "<= 7.0.14; see https://issues.apache.org/bugzilla/show_bug.cgi?id=51278");
        }
    }

}

More specificly, the error occurs in the line

appServlet.setLoadOnStartup(1)

where a NullPointerException is triggered. Follow it is my configuration files, for reference:

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns="http://java.sun.com/xml/ns/javaee" 
   xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
   xsi:schemaLocation="

http://java.sun.com/xml/ns/javaee

      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" 
   id="WebApp_ID" version="3.0">

   <display-name>HorarioLivre</display-name>

   <!-- Spring MVC -->
   <servlet>
      <servlet-name>horariolivreapp</servlet-name>
      <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
      <load-on-startup>1</load-on-startup>
   </servlet>
   <servlet-mapping>
      <servlet-name>horariolivreapp</servlet-name>
      <url-pattern>*.html</url-pattern>
   </servlet-mapping>

   <context-param>
      <param-name>contextClass</param-name>
      <param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
   </context-param>
   <context-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>com.spring.web.config</param-value>
   </context-param>
   <listener>
      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
   </listener>

   <!-- Spring Security -->
   <filter>
      <filter-name>springSecurityFilterChain</filter-name>
      <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
   </filter>
   <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
   </filter-mapping>

</web-app>

horariolivreap-servlet.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:p="http://www.springframework.org/schema/p"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd">

    <context:component-scan base-package="com.horariolivreapp.controller" />
    <bean id="viewResolver"
        class="org.springframework.web.servlet.view.UrlBasedViewResolver">
        <property name="viewClass"
            value="org.springframework.web.servlet.view.JstlView" />
        <property name="prefix" value="/WEB-INF/jsp/" />
        <property name="suffix" value=".jsp" />
    </bean>
</beans>

webSecurityConfig.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:beans="http://www.springframework.org/schema/beans"
  xsi:schemaLocation="

http://www.springframework.org/schema/security


http://www.springframework.org/schema/security/spring-security-3.1.xsd


http://www.springframework.org/schema/beans

      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">

   <http use-expressions="true">
      <intercept-url pattern="/login*" access="isAnonymous()" />
      <intercept-url pattern="/**" access="isAuthenticated()"/>

      <form-login 
         login-page='/form_login.html' 
         login-processing-url="/usuario_login.html"
         default-target-url="/usuario_start.html" 
         authentication-failure-url="/form_login"
         always-use-default-target="true"/>

      <logout logout-success-url="/login.html" />

   </http>
   <authentication-manager>
      <authentication-provider>
         <user-service>
            <user name="user1" password="user1Pass" authorities="ROLE_USER" />
         </user-service>
      </authentication-provider>
   </authentication-manager>
</beans:beans>

Looking in this files, someone can find the reason for this problem?

UPDATE 1 This is my Controller (DispatcherServlet) class:

package com.horariolivreapp.controller;

import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import com.horariolivreapp.core.Sessao;
import com.horariolivreapp.data.UsuarioDAO;
@Controller
public class HorarioLivreController {

    private Sessao sessao;

    @RequestMapping("/cadastra_evento")
    public ModelAndView cadastra_evento() {
        return null;
    }
    @RequestMapping(value="/listagem_evento", method=RequestMethod.GET)
    public ModelAndView listagem_evento() {
        return null;
    }
    @RequestMapping("/cadastra_horario")
    public ModelAndView cadastra_horario() {
        return null;
    }
    @RequestMapping("/listagem_horario")
    public ModelAndView listagem_horario() {
        return null;
    }
    @RequestMapping("/cadastra_usuario")
    public ModelAndView cadastra_usuario() {
        return null;
    }
    @RequestMapping("/listagem_usuario")
    public ModelAndView listagem_usuario() {
        return null;
    }
    @RequestMapping("/cadastra_tipo")
    public ModelAndView cadastra_tipo() {
        return null;
    }
    @RequestMapping("/cadastra_campo")
    public ModelAndView cadastra_campo() {
        return null;
    }
    @RequestMapping("/cadastra_autorizacao")
    public ModelAndView cadastra_autorizacao() {
        return null;
    }
    @RequestMapping("/usuario_perfil")
    public ModelAndView usuario_perfil() {
        return null;
    }
    @RequestMapping("/usuario_config")
    public ModelAndView usuario_config() {
        return null;
    }
    @RequestMapping(value="/usuario_login", method=RequestMethod.POST)
    public ModelAndView usuario_login(@RequestParam("j_username") String username, @RequestParam("j_password") String password) {
        UsuarioDAO usuario = new UsuarioDAO(username, password);
        if(usuario.getUsuario() != null) {
            this.sessao = new Sessao(usuario.getUsuario());
        }
        return new ModelAndView("usuario_start","usuario",usuario.getUsuario());
    }
    @Configuration
    @ImportResource({ "classpath:webSecurityConfig.xml" })
    public class SecSecurityConfig {
       public SecSecurityConfig() {
          super();
       }
    }
}

Answer 1

An NPE at that point means that appServlet is null, which in turn means that sc.addServlet(...) returned null.

The Javadoc for addServlet says this:

"Returns: a ServletRegistration object that may be used to further configure the given servlet, or null if this ServletContext already contains a complete ServletRegistration for a servlet with the given servletName or if the same servlet instance has already been registered with this or another ServletContext in the same container."

Now you are instantiating the Servlet object at that point, so it cannot have previously been registered. But there could be another Servlet with the same name ... and that's the probable immediate cause of the problem.

And in fact, it looks like you have already registered a servlet called "horariolivreapp" by declaring it in the web.xml file.