“匹配的通配符是严格的,但找不到元素'http'的声明”错误
Posted
技术标签:
【中文标题】“匹配的通配符是严格的,但找不到元素\'http\'的声明”错误【英文标题】:"The matching wildcard is strict, but no declaration can be found for element 'http'" Error“匹配的通配符是严格的,但找不到元素'http'的声明”错误 【发布时间】:2012-05-20 15:41:01 【问题描述】:我正在尝试配置 NTLM 身份验证,但收到错误:
cvc-complex-type.2.4.c:匹配通配符是严格的,但是没有 可以找到元素“http”的声明。
我阅读了很多类似错误的主题,但我找不到解决问题的方法。
导致错误的我的security.xml文件是:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd" >
<http access-denied-page="forms/error403.jsp" entry-point-ref="ntlmEntryPoint" servlet-api-provision="false">
<intercept-url pattern="forms/error403.jsp" filters="none"/>
<intercept-url pattern="forms/**" access="ROLE_GUEST,ROLE_OPERATOR,ROLE_ADMIN" />
<custom-filter position="PRE_AUTH_FILTER"/>
</http>
<authentication-manager alias="mainAuthenticationManager"/>
<authentication-provider user-service-ref='userDetailsService' />
<beans:bean id="userDetailsService"
class="service.UserInfoService">
<beans:property name="dataSource" ref="dataSource" />
<beans:property name="usersByUsernameQuery" value="select distinct name, ' ' as password, 1 as enabled from TMP_SPRING_USERS where name=?" />
<beans:property name="authoritiesByUsernameQuery" value="select name, role from TMP_SPRING_USERS where name=?" />
</beans:bean>
<beans:bean id="ntlmEntryPoint"
class="org.springframework.security.ui.ntlm.NtlmProcessingFilterEntryPoint">
<beans:property name="authenticationFailureUrl" value="forms/error403.html" />
</beans:bean>
<beans:bean id="exceptionTranslationFilter"
class="org.springframework.security.ui.ExceptionTranslationFilter">
<beans:property name="authenticationEntryPoint" ref="ntlmEntryPoint" />
</beans:bean>
<beans:bean id="ntlmFilter"
class="org.springframework.security.ui.ntlm.NtlmProcessingFilter">
<custom-filter position="NTLM_FILTER" />
<beans:property name="authenticationManager" ref="mainAuthenticationManager" />
<beans:property name="retryOnAuthFailure" value="true" />
<beans:property name="stripDomain" value="true"/>
<beans:property name="domainController" value="company.com" />
<beans:property name="jcifsProperties">
<beans:props>
<beans:prop key="jcifs.smb.lmCompatibility">0</beans:prop>
<beans:prop key="jcifs.smb.client.useExtendedSecurity">false</beans:prop>
<beans:prop key="jcifs.smb.client.domain">COMPANY</beans:prop>
<beans:prop key="jcifs.smb.client.username">somenycuser</beans:prop>
<beans:prop key="jcifs.smb.client.password">AReallyLoooongRandomPassword</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
</beans:beans>
由于 Spring Security 从 3.X 版本开始不再包含 NTLM 扩展,因此我在 http://aloiscochard.blogspot.com/2010/03/spring-security-ntlm-3.html 文章中使用它。
请帮帮我。
【问题讨论】:
如果您在 Spring Security 5.2 或更高版本上发生这种情况,请仔细检查您的schemaLocation 是否指向 HTTPS URL (https://www.springframework.org/schema/security/spring-security.xsd) - 我花了半个小时才弄清楚原因我的旧 http:// URL 不再有效
【参考方案1】:
问题解决了,忘记添加spring-security-config.jar了。我也更改了一些设置。正确的security.xml是::
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.4.xsd" >
<http access-denied-page="forms/error403.jsp" entry-point-ref="ntlmEntryPoint" servlet-api-provision="false">
<intercept-url pattern="/**" access="ROLE_GUEST,ROLE_OPERATOR,ROLE_ADMIN" />
<custom-filter position="PRE_AUTH_FILTER" ref="ntlmFilter"/>
</http>
<authentication-manager alias="mainAuthenticationManager">
<authentication-provider user-service-ref="userDetailsService" />
</authentication-manager>
<beans:bean id="userDetailsService"
class="service.UserInfoService">
<beans:property name="dataSource" ref="dataSource" />
<beans:property name="usersByUsernameQuery" value="select distinct name, ' ' as password, 1 as enabled from TMP_SPRING_USERS where name=?" />
<beans:property name="authoritiesByUsernameQuery" value="select name, role from TMP_SPRING_USERS where name=?" />
</beans:bean>
<beans:bean id="ntlmEntryPoint"
class="org.springframework.security.ui.ntlm.NtlmAuthenticationFilterEntryPoint">
<beans:property name="authenticationFailureUrl" value="forms/error403.html" />
</beans:bean>
<beans:bean id="ntlmFilter"
class="org.springframework.security.ui.ntlm.NtlmAuthenticationFilter">
<beans:property name="authenticationManager" ref="mainAuthenticationManager" />
<beans:property name="retryOnAuthFailure" value="true" />
<beans:property name="stripDomain" value="true"/>
<beans:property name="domainController" value="company.com" />
<beans:property name="jcifsProperties">
<beans:props>
<beans:prop key="jcifs.smb.lmCompatibility">0</beans:prop>
<beans:prop key="jcifs.smb.client.useExtendedSecurity">false</beans:prop>
<beans:prop key="jcifs.smb.client.domain">COMPANY</beans:prop>
<beans:prop key="jcifs.smb.client.username">somenycuser</beans:prop>
<beans:prop key="jcifs.smb.client.password">AReallyLoooongRandomPassword</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
</beans:beans>
【讨论】:
以上是关于“匹配的通配符是严格的,但找不到元素'http'的声明”错误的主要内容,如果未能解决你的问题,请参考以下文章