- cvc-elt.1:找不到元素&bean的声明'

时间:2015-04-11 08:09:00

标签: spring spring-security oauth-2.0

我正在使用Spring 4.1.4,在创建oauth安全配置文件时出现了这个错误。到目前为止,我完成了:

mvn clean, mvn编译, 选中的spring-beans jar在classpath中,

  

此行找到多个注释:      - Class' org.springframework.security.core.authority.AuthorityUtils'是抽象的      - cvc-elt.1:找不到元素' bean的声明。

有谁能帮我理解这个问题?

这是我的oauth配置文件代码:

 <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">

    <!-- Defination of oAuth Service -->
    <http pattern="/oauth/token" create-session="stateless"
        authentication-manager-ref="clientAuthenticationManager"
        xmlns="http://www.springframework.org/schema/security">
        <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
        <anonymus enabled="false" />
        <http-basic entry-point-ref="clientAuthenticationEntryPoint" /> <!-- Include this only if you need to authentication client via request parameter -->
        <custom-filter ref="clientCredentialsTokenEndpointFilter"
            after="BASIC_AUTH_FILTER" />
        <access-denied-handler ref="oauthAccessDeniedHandler" />
    </http>

    <!-- Protected Resources -->
    <http pattern="/employee/**" create-session="never"
        entry-point-ref="oauthAuthenticationEntryPoint"
        access-denied-manger-ref="accessDecisionManager"
        xmlns="http://www.springframework.org/schema/security">
        <anonymus enabled="false" />
        <intercept-url pattern="/employee/**" access="ROLE_USER" />
        <custom-filter ref="resouceServerFilter" after="PRE_AUTH_FILTER" />
        <access-denied-handler ref="oauthAccessDeniedHandler" />
    </http>
    <bean id="oauthAuthenticationEntryPoint"
        class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
        <property name="realmName" value="dstest" />
    </bean>

    <bean id="clientAuthenticationEntryPoint"
        class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
        <property name="realmName" value="dstest/client" />
        <property name="typeName" value="Basic" />
    </bean>

    <bean id="oauthAccessDeniedHandler"
        class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />

    <bean id="clientCredentialsTokenEndpointFilter"
        class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
        <property name="authenticationManager" ref="clientAuthenticationManager" />
    </bean>

    <bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased"
        xmlns="http://www.springframework.org/schema/beans">
        <constructor-arg>
            <list>
                <bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
                <bean class="org.springframework.security.access.vote.RoleVoter" />
                <bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
            </list>
        </constructor-arg>
    </bean>

    <!-- Authentication in config file -->

    <authentication-manager id="clientAuthenticationManager"
        xmlns="http://www.springframework.org/schema/security">
        <authentication-provider user-service-ref="clientDetailsUserService" />
    </authentication-manager>

    <authentication-manager id="authenticationManager"
        xmlns="http://www.springframework.org/schema/security">
        <authentication-provider>
            <user-service id="userDetailsService">
                <user name="admin" password="password" authorities="ROLE_USER" />
            </user-service>
        </authentication-provider>
    </authentication-manager>

    <bean id="clientDetailsUserService"
        class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
        <constructor-arg ref="clientDetails" />
    </bean>

    <!-- Token Store -->
    <bean id="tokenStore"
        class="org.springframework.security.oauth2.provider.token.InMemoryTokenStore" />

    <bean id="tokenServices"
        class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
        <property name="tokenStore" ref="tokenStore" />
        <property name="supportRefreshToken" value="true" />
        <property name="clientDetailsService" ref="clientDetails" /> <!-- VIV -->
        <property name="accessTokenValiditySeconds" value="10" />
    </bean>

    <bean id="userApprovalHandler"
        class="org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler">
        <property name="tokenServices" ref="tokenServices" />
    </bean>

    <!-- Token Management -->
    <oauth2:authorization-server
        client-details-service-ref="clientDetails" token-services-ref="tokenServices"
        user-approval-handler-ref="userApprovalHandler">
        <oauth2:authorization-code />
        <oauth2:implicit />
        <oauth2:refresh-token />
        <oauth2:client-credentials />
        <oauth2:password />
    </oauth2:authorization-server>

    <oauth2:resource-server id="resourceServerFilter"
        resouce-id="dstest" token-services-ref="tokenServices" />

    <!-- Client Defination -->
    <oauth2:client-details-service id="clientDetails">
        <oauth2:client client-id="my-trusted-client"
            authorized-grant-types="password,authorization_code,refresh_token,implicit,redirect"
            authorities="ROLE_CLIENT,ROLE_TRUSTED_CLIENT" redirect-uri="/web"
            scope="read,write,trust" access-token-validity="30"
            refresh-token-validity="600" />
    </oauth2:client-details-service>

    <security:global-method-security
        pre-post-annotations="enabled" proxy-target-class="true">
        <security:expression-handler ref="oauthExpressionHandler" />
    </security:global-method-security>
    <oauth2:expression-handler id="oauthExpressionHandler" />
    <oauth2:web-expression-handler id="oauthWebExpressionHandler" />

</beans>

0 个答案:

没有答案