我是Spring安全新手,我正在尝试将它应用于一个有效的spring-mvc项目。 错误是:
cvc-complex-type.2.4.c: The matching wildcard is strict,
but no declaration can be found for element http.
弹簧security.xml文件:
<beans:beans
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/context/spring-context.xsd">
<http auto-config='true'>
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="matt3o" password="secret" authorities="ROLE_USER" />
<user name="admin" password="admin" authorities="ROLE_USER,ROLE_ADMIN" />
</user-service>
</authentication-provider>
我在pom.xml中添加了spring-security依赖。
如果我删除
<http auto-config='true'>
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
错误是相同的但是:
no declaration can be found for element authentication-manager.
看起来命名空间不起作用。
答案 0 :(得分:0)
xml的默认命名空间是http://www.springframework.org/schema/beans
,但它应该是http://www.springframework.org/schema/security
。您还必须在xsi:schemaLocation
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
您必须配置用户提供凭据的方式。最简单的是
基于表单的登录
用户使用html表单输入凭据。要使用表单登录,请在<form-login />
标记内放置<http>
,这会为您提供默认登录页面,您可以在以后替换它们。
基本身份验证。
用户使用浏览器的登录对话框。要在<http-basic />
标记内使用基本放置<http>
。
所以你的最终spring-security.xml
应该是。
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/context/spring-context.xsd">
<http auto-config='true'>
<intercept-url pattern="/logged" access="ROLE_USER"/>
<!-- Replace the below with http-basic tag for basic authentication -->
<form-login/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="matt3o" password="secret" authorities="ROLE_USER" />
<user name="admin" password="admin" authorities="ROLE_USER,ROLE_ADMIN" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
注意:不要忘记在classpath中添加spring-security-config.jar。