匹配的通配符是严格的,但找不到元素 'oauth:authorization-server' 的声明

Posted

技术标签:

【中文标题】匹配的通配符是严格的,但找不到元素 \'oauth:authorization-server\' 的声明【英文标题】:The matching wildcard is strict, but no declaration can be found for element 'oauth:authorization-server'匹配的通配符是严格的,但找不到元素 'oauth:authorization-server' 的声明 【发布时间】:2015-12-05 17:50:47 【问题描述】:

我正在使用 spring security oAuth2 这是我的spring-security.xml

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:sec="http://www.springframework.org/schema/security" xmlns:mvc="http://www.springframework.org/schema/mvc"
    xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
        http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.2.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd 
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd ">

pom.xml

<properties>
        <spring.version>4.2.0.RELEASE</spring.version>
        <log4j.version>1.2.17</log4j.version>
        <jdk.version>1.7</jdk.version>
        <context.path>mobapp</context.path>
        <spring.security.version>4.0.2.RELEASE</spring.security.version>
</properties>

<dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>$spring.version</version>
</dependency>
<dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webmvc</artifactId>
        <version>$spring.version</version>
</dependency>
<dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-beans</artifactId>
        <version>$spring.version</version>
</dependency>
<!-- Spring Security -->
<dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>$spring.security.version</version>
</dependency>
<dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>$spring.security.version</version>
</dependency>
<dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
        <version>1.0.0.RELEASE</version>
</dependency>
<dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context-support</artifactId>
        <version>$spring.version</version>
</dependency>    
<dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
        <version>$spring.version</version>
</dependency>

如果我的系统连接到互联网,它可以正常工作,否则会显示此错误:

SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 117 in XML document from ServletContext resource [/WEB-INF/config/spring-security.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 117; columnNumber: 51; cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'oauth:authorization-server'.
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:399)
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:336)
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:304)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:181)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:217)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:188)
    at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)

【问题讨论】:

【参考方案1】:

您遇到的问题是由于从类路径上的 jar 文件加载的 xsd 架构缺少所述元素。

在我看来,一个好的做法是从标题中省略版本号,例如 xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd

而不是

xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd

通过这种方式,您可以确保根据文件中的模式验证 xml,因为模式被打包在 jar 中,并且版本号被剥离。否则,模式是从 Internet 加载的,如果存在不匹配,您在编译时看不到它。

话虽如此,您似乎包含了旧版本的 oauth 依赖项,请尝试使用例如

 <dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
        <version>2.0.7.RELEASE</version>
    </dependency>

【讨论】:

以上是关于匹配的通配符是严格的,但找不到元素 'oauth:authorization-server' 的声明的主要内容,如果未能解决你的问题,请参考以下文章

匹配的通配符是严格的,但找不到元素“context:component-scan”的声明

cvc-complex-type.2.4.c:匹配通配符是严格的,但找不到元素“mongo:mongo”的声明。 [11]

cvc-complex-type.2.4.c:匹配通配符是严格的,但找不到元素“mvc:annotation-driven”的声明

org.xml.sax.SAXParseException; cvc-complex-type.2.4.c:匹配的通配符是严格的,但找不到元素“mvc:resources”的声明

匹配的通配符是严格的,但是在servlet.xml中找不到多个元素的声明

解密:通配符的匹配很全面, 但无法找到元素 ‘context:annotation-config‘ 的声明