我是春天的新人,我正在尝试添加
<security:logout invalidate-session="true" success-handler-ref="myLogoutHandler" logout-url="/logout" />
在Spring Security配置中但我收到错误
vc-complex-type.3.2.2: Attribute 'success-handler-ref' is not allowed to appear in element 'security:logout'.
如何解决这个问题?
我的文件看起来像这样
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<security:global-method-security />
<security:http auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint">
<security:intercept-url pattern="/index.jsp" filters="none" />
<security:intercept-url pattern="/*.action" access="ROLE_USER" />
<security:logout logout-success-url="/index.jsp" invalidate-session="true" logout-url="/logout" />
<security:logout invalidate-session="true" success-handler-ref="myLogoutHandler" logout-url="/logout" />
</security:http>
<bean id="authenticationProcessingFilter" class="com.loiane.security.MyAuthenticationProcessingFilter">
<security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
<property name="defaultTargetUrl" value="/main.html" />
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<security:authentication-manager alias="authenticationManager" />
<bean id="authenticationProcessingFilterEntryPoint"
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/index.jsp" />
<property name="forceHttps" value="false" />
</bean>
<!--
Usernames/Passwords are
rod/koala
dianne/emu
scott/wombat
peter/opal
These passwords are from spring security app example
-->
<security:authentication-provider>
<security:password-encoder hash="md5"/>
<security:user-service>
<security:user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<security:user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
<security:user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
<security:user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
</security:user-service>
</security:authentication-provider>
</beans>
答案 0 :(得分:0)
您已声明'security:logout'两次(两行不同)。
此外,根据架构,'logout'下不允许'success-handler-ref'。这就是你得到错误的原因。
前一段时间,I've written a short doc about Spring's Logout。这可能有所帮助。
答案 1 :(得分:0)
架构http://www.springframework.org/schema/security/spring-security-2.0.xsd
适用于Spring 2.0版。此版本的Spring Security中不存在属性success-handler-ref
。替换为http://www.springframework.org/schema/security/spring-security-3.2.xsd
。这假设您使用的是Spring Security 3.2。
如果您使用的是Spring Security 2.0,则应考虑更新,因为2.0已过期。