Duplicate registration for springSecurityFilterChain when deploying on tomcat outside of eclipse

It looks like you have two instances of the springSecurityFilterChain defined: Once in SecurityConfig.java, and once in spring-security.xml. You only need one of those files.

The filter line in web.xml tells the servlet engine (Tomcat) to load that filter, but the instance of that filter is configured in the Spring context. The problem is the Spring context can't start, because you have two configurations for the springSecurityFilterChain. Take one out, and you will be making progress.

Your configuration in the XML file seems more comprehensive and fine-grained, but I would recommend moving that configuration to the Java file and eliminating the XML file.

Once you remove your duplicate configuration, you may still have errors, but you should be able to find a solution to those on this site, or feel free to post a separate question!

Note: It is also possible to get Spring to automatically register the filter chain for you, so you don't need to define it in web.xml. See here for how to do that:

http://www.mkyong.com/spring-security/spring-security-hello-world-annotation-example/

However, I would recommend getting the current config working first, before throwing that in the mix.

if you have this class

import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;

public class SpringSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
   //do nothing
}

The above class is equivalent to the following web.xml code

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy
            </filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Just remove the one you do not want.