Announcement Announcement Module
Collapse
No announcement yet.
security configuration problem Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • security configuration problem

    I am trying to implement Spring Security 2.0 using MyEclipse 6.01GA

    I have this in my applicaitonContext.xml (removed "www" for forum) :

    <?xml version="1.0" encoding="UTF-8"?>
    <beans
    xmlns="xxx.springframework.org/schema/beans"
    xmlns:beans="xxx.springframework.org/schema/beans"
    xmlns:xsi="xxx..w3.org/2001/XMLSchema-instance"
    xmlns:tx="xxx.springframework.org/schema/tx"
    xsi:schemaLocation="xxx.springframework.org/schema/beans xxx..springframework.org/schema/beans/spring-beans-2.0.xsd
    xxx..springframework.org/schema/security xxx..springframework.org/schema/security/spring-security-2.0.xsd">

    <import resource="springSecurity.xml"/>
    ...
    </beans>


    And in my springSecurity.xml I have this:

    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="xxx.springframework.org/schema/security"
    xmlns:beans="xxx.springframework.org/schema/beans">

    <http auto-config="true" session-fixation-protection="none">
    <intercept-url pattern="/**" access="ROLE_USER" />
    </http>
    </beans:beans>



    and it all looks fine until I start up tomcat when I get this:

    Offending resource: ServletContext resource [/WEB-INF/applicationContext.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefin itionStoreException: Line 3 in XML document from ServletContext resource [/WEB-INF/springSecurity.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'beans:beans'.
    Caused by: org.springframework.beans.factory.xml.XmlBeanDefin itionStoreException: Line 3 in XML document from ServletContext resource [/WEB-INF/springSecurity.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'beans:beans'.


    When I edit the XML I don't get any validation errors, only on startup. Can anyone point out what I am doing wrong? I am using the Spring reference tutorial for guidance.

  • #2
    Does the tutorial app run OK without any changes?

    Comment


    • #3
      I am trying to use the tutorial inside an existing spring application I have. I just replaced the old acegi xml with the new spring security 2.0. I cut & paste the code out of the reference doc, so I don't think it is a typo. However, I am now wondering if it is a spring versioning problem. I am using a spring.jar from the project, but didn't think that could be related since this appears to be a schema validation issue.

      Comment


      • #4
        You need to define your schema locations. I get a similar error if I remove my schema locations.

        Just use this. This is cut and pasted from the Spring Security Samples Tutuorial file 'WEB-INF/applicationContext-security.xml'.

        Code:
        <beans:beans xmlns="http://www.springframework.org/schema/security"
        
            xmlns:beans="http://www.springframework.org/schema/beans"
        
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        
            xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        
                                http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

        Comment


        • #5
          something isn't right..

          Thanks David -

          I tried putting it in my applicationContext file, but the that resulted in many errors such as the import and bean declarations not being found. I thought maybe it should to go into my springSecurity file since that is where I was declaring security and that didn't give me any compile errors. However, when I startup I get:

          2008-06-10 06:04:51,588 ERROR [org.springframework.web.context.ContextLoader] - <Context initialization failed>
          org.springframework.beans.factory.parsing.BeanDefi nitionParsingException: Configuration problem: Failed to import bean definitions from relative location [springSecurity.xml]
          Offending resource: ServletContext resource [/WEB-INF/applicationContext.xml]; nested exception is org.springframework.beans.factory.parsing.BeanDefi nitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace xxx.springframework.org/schema/security]
          Offending resource: ServletContext resource [/WEB-INF/springSecurity.xml]

          I put the "xxx.springframework.org/schema/security" into my browser and am able to see the directories, and putting in "xxx.springframework.org/schema/beans/spring-beans-2.0.xsd" gives me the XML.

          Comment


          • #6
            You are best to start from a working configuration (correct jar files, schemas etc) and progress from there in stages, rather than trying to cut and paste things into an existing configuration. Start with the tutorial sample (working) and the jars that it includes, then expand from there a step at a time.

            Comment


            • #7
              another note

              Here is my entire springSecurity.xml referenced from my applicationContext.xml:

              <?xml version="1.0" encoding="UTF-8"?>

              <!-- <beans:beans xmlns="xxx.springframework.org/schema/security"
              xmlns:beans="xxx.springframework.org/schema/beans">-->

              <beans:beans xmlns="xxx.springframework.org/schema/security"
              xmlns:beans="xxx.springframework.org/schema/beans"
              xmlns:xsi="xxx.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="xxx.springframework.org/schema/beans xxx.springframework.org/schema/beans/spring-beans-2.0.xsd
              xxx.springframework.org/schema/security xxx.springframework.org/schema/security/spring-security-2.0.1.xsd">

              <http auto-config="true" session-fixation-protection="none">
              <intercept-url pattern="/**" access="ROLE_USER" />
              </http>

              <authentication-provider>
              <user-service>
              <user name="jimi" password="jimispassword"
              authorities="ROLE_USER, ROLE_ADMIN" />
              <user name="bob" password="bobspassword"
              authorities="ROLE_USER" />
              </user-service>
              </authentication-provider>

              </beans:beans>

              The closing "</beans:beans>" shows an error that the "tag is missing closing bracket" but as you can see, it is not.

              Comment


              • #8
                You know, I cut and pasted the XML header from the Spring Security example, but the XSDs in the schema location are specifying the version. Do these match the Spring and Spring Security versions you are using? Newer versions should still have the older XSDs, but you might as well make the versions match or remove the version number and it should just use the newest XSD available.

                If you aren't too far along on developing your app, using an example webapp that is working as a base for your project is good idea. As Luke suggested above. There's the Spring security tutorial webapp or I posted a Spring Security webapp example if that helps too. The Simple Spring Security Webapp example has Spring Security securing the webapp and also only allowing an admin to see a delete link or execute the delete method using JDBC user authentication. The entire project is available in subversion.

                Comment


                • #9
                  got it

                  Thank you everyone for your help. I took your advice and got the example running solo and then used that xml in my own project. The correct xml turned out to be:

                  <b:beans xmlns="xxx.springframework.org/schema/security"
                  xmlns:b="xxx.springframework.org/schema/beans"
                  xmlns:xsi="xxx.w3.org/2001/XMLSchema-instance"
                  xsi:schemaLocation="xxx.springframework.org/schema/beans xxx.springframework.org/schema/beans/spring-beans-2.0.xsd
                  xxx.springframework.org/schema/security xxx.springframework.org/schema/security/spring-security-2.0.1.xsd">

                  </b:beans>

                  I did this after upgrading to Spring 3.5.4 and Spring Security 2.0.2 so I am not sure why that worked this time. But I am grateful for all the help!

                  Comment


                  • #10
                    In case someone else runs into this problem...


                    I had the same problem for a few hours - turns out I was missing the spring-security-core jar file. I guess I was thinking that spring-security-core-tiger was
                    all I needed as I was running JDK6+. Tiger depends on core, though.

                    Comment


                    • #11
                      same problem

                      i am having the same problem...

                      Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]

                      i have added spring-security-2.0.4

                      but still the same error....

                      any ideas...

                      Comment


                      • #12
                        this is my working security 2.0.4 xml

                        PHP Code:

                        <beans xmlns="http://www.springframework.org/schema/beans"
                               
                        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                               
                        xmlns:security="http://www.springframework.org/schema/security"
                               
                        xsi:schemaLocation="http://www.springframework.org/schema/beans
                                                   http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                                                   http://www.springframework.org/schema/security
                                                   http://www.springframework.org/schema/security/spring-security-2.0.xsd"

                        Kind regards

                        Armando

                        Comment


                        • #13
                          my security setting

                          <beans xmlns="http://www.springframework.org/schema/beans"
                          xmlns:security="http://www.springframework.org/schema/security"
                          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xmlns: p="http://www.springframework.org/schema/p"
                          xmlns:aop="http://www.springframework.org/schema/aop"
                          xmlns:tx="http://www.springframework.org/schema/tx"


                          xsi:schemaLocation="http://www.springframework.org/schema/beans
                          [url]http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                          http://www.springframework.org/schema/aop
                          http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
                          http://www.springframework.org/schema/tx
                          http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
                          http://www.springframework.org/schema/security
                          http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
                          ..still get the same error

                          org.springframework.beans.factory.parsing.BeanDefi nitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]


                          this is my library structure:
                          Libraries:
                          -Spring Framework 2.5-spring-2.5.jar
                          -Meta-INF
                          spring.handler
                          Code:
                          http\://www.springframework.org/schema/aop=org.springframework.aop.config.AopNamespaceHandler
                          http\://www.springframework.org/schema/context=org.springframework.context.config.ContextNamespaceHandler
                          http\://www.springframework.org/schema/jee=org.springframework.ejb.config.JeeNamespaceHandler
                          http\://www.springframework.org/schema/jms=org.springframework.jms.config.JmsNamespaceHandler
                          http\://www.springframework.org/schema/lang=org.springframework.scripting.config.LangNamespaceHandler
                          http\://www.springframework.org/schema/p=org.springframework.beans.factory.xml.SimplePropertyNamespaceHandler
                          http\://www.springframework.org/schema/tx=org.springframework.transaction.config.TxNamespaceHandler
                          http\://www.springframework.org/schema/util=org.springframework.beans.factory.xml.UtilNamespaceHandler
                          spring.schemas
                          Code:
                          http\://www.springframework.org/schema/aop/spring-aop-2.0.xsd=org/springframework/aop/config/spring-aop-2.0.xsd
                          http\://www.springframework.org/schema/aop/spring-aop-2.5.xsd=org/springframework/aop/config/spring-aop-2.5.xsd
                          http\://www.springframework.org/schema/aop/spring-aop.xsd=org/springframework/aop/config/spring-aop-2.5.xsd
                          http\://www.springframework.org/schema/beans/spring-beans-2.0.xsd=org/springframework/beans/factory/xml/spring-beans-2.0.xsd
                          http\://www.springframework.org/schema/beans/spring-beans-2.5.xsd=org/springframework/beans/factory/xml/spring-beans-2.5.xsd
                          http\://www.springframework.org/schema/beans/spring-beans.xsd=org/springframework/beans/factory/xml/spring-beans-2.5.xsd
                          http\://www.springframework.org/schema/context/spring-context-2.5.xsd=org/springframework/context/config/spring-context-2.5.xsd
                          http\://www.springframework.org/schema/context/spring-context.xsd=org/springframework/context/config/spring-context-2.5.xsd
                          http\://www.springframework.org/schema/jee/spring-jee-2.0.xsd=org/springframework/ejb/config/spring-jee-2.0.xsd
                          http\://www.springframework.org/schema/jee/spring-jee-2.5.xsd=org/springframework/ejb/config/spring-jee-2.5.xsd
                          http\://www.springframework.org/schema/jee/spring-jee.xsd=org/springframework/ejb/config/spring-jee-2.5.xsd
                          http\://www.springframework.org/schema/jms/spring-jms-2.5.xsd=org/springframework/jms/config/spring-jms-2.5.xsd
                          http\://www.springframework.org/schema/jms/spring-jms.xsd=org/springframework/jms/config/spring-jms-2.5.xsd
                          http\://www.springframework.org/schema/lang/spring-lang-2.0.xsd=org/springframework/scripting/config/spring-lang-2.0.xsd
                          http\://www.springframework.org/schema/lang/spring-lang-2.5.xsd=org/springframework/scripting/config/spring-lang-2.5.xsd
                          http\://www.springframework.org/schema/lang/spring-lang.xsd=org/springframework/scripting/config/spring-lang-2.5.xsd
                          http\://www.springframework.org/schema/tx/spring-tx-2.0.xsd=org/springframework/transaction/config/spring-tx-2.0.xsd
                          http\://www.springframework.org/schema/tx/spring-tx-2.5.xsd=org/springframework/transaction/config/spring-tx-2.5.xsd
                          http\://www.springframework.org/schema/tx/spring-tx.xsd=org/springframework/transaction/config/spring-tx-2.5.xsd
                          http\://www.springframework.org/schema/tool/spring-tool-2.0.xsd=org/springframework/beans/factory/xml/spring-tool-2.0.xsd
                          http\://www.springframework.org/schema/tool/spring-tool-2.5.xsd=org/springframework/beans/factory/xml/spring-tool-2.5.xsd
                          http\://www.springframework.org/schema/tool/spring-tool.xsd=org/springframework/beans/factory/xml/spring-tool-2.5.xsd
                          http\://www.springframework.org/schema/util/spring-util-2.0.xsd=org/springframework/beans/factory/xml/spring-util-2.0.xsd
                          http\://www.springframework.org/schema/util/spring-util-2.5.xsd=org/springframework/beans/factory/xml/spring-util-2.5.xsd
                          http\://www.springframework.org/schema/util/spring-util.xsd=org/springframework/beans/factory/xml/spring-util-2.5.xsd
                          i think problem lies within spring.hander and spring.schemas as both of them are missing security interfaces..anybody know how to solve this
                          Last edited by as1; Feb 28th, 2009, 07:12 AM. Reason: adding further info

                          Comment


                          • #14
                            Please follow the suggestions already made in this thread:

                            1. Make sure you have the spring-security-core jar on your classpath (and core-tiger if you are using Java 1.5 features), in addition to the standard spring jars.

                            2. Use the basic sample application as a starting point for your configuration.

                            Comment


                            • #15
                              one error solved...

                              it worked after adding core-tiger..thanks for yor help

                              Comment

                              Working...
                              X