I think some module in spring-boot-starter-security is conflict with log4j, but I don't know which one.
my gradle dependence is as following:
compile("org.springframework.boot:spring-boot-starter-thymeleaf")
compile("org.springframework.boot:spring-boot-starter-security"){
exclude module: "spring-boot-starter-logging"
}
compile "org.apache.logging.log4j:log4j-api"
compile "org.apache.logging.log4j:log4j-core"
compile "org.apache.logging.log4j:log4j-slf4j-impl"
compile('org.apache.poi:poi:3.10.1')
compile('org.apache.poi:poi-ooxml:3.10.1')
testCompile("junit:junit")
Same solution for maven:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
<version>1.5.1.RELEASE</version>
<exclusions>
<exclusion>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</exclusion>
</exclusions>
</dependency>