我在spring security中為xframe-options的http標簽下添加了headers標簽,如下所示:
<http auto-config="true" use-expressions="true">
<攔截-url pattern="/rateWebService" access="hasRole('ROLE_ADMIN')" />
<攔截-url pattern="/**"/span> access="permitAll"/span> />
< form-login login-page="/loginA2B"/span> login-processing-url="/j_spring_security_check"/span> default-target-url="/rateWebService"/span> authentication-failure-url="/loginA2B? valid=false" />
<logout 注銷-url="/j_spring_security_logout" 注銷-成功-url="/logout" />
<headers>
<frame-options policy="SAMEORIGIN"/>
</headers>
</http>
一個例外被拋出,表示spring security schema不能識別headers標簽。我正在使用spring security 3(在xml中具有所有必要的模式位置,我相信鑒于headers是http的一個子標簽)。是我做錯了什么,還是spring security 3不支持設定頭檔案。
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException。來自ServletContext資源[/WEB-INF/security.xml]的XML檔案中的86行無效;嵌套例外是org.xml.sax.SAXParseException;lineNumber。86; columnNumber: 12; cvc-complex-type.2.4.a。發現以元素'headers'開始的無效內容。'{"http://www.springframework.org/schema/security":intercept-url, "http://www.springframework.org/schema/security":access-denied-handler, "http://www.springframework.org/schema/security":form-login, "http://www.springframework.org/schema/security":openid-login, "http://www.springframework.org/schema/security":x509, "http://www.springframework.org/schema/security": http-basic, "http://www.springframework. org/schema/security":logout, "http://www.springframework.org/schema/security":session-management, "http://www.springframework.org/schema/security":remember-me, "http://www.springframework.org/schema/security":anonymous, "http://www.springframework.org/schema/security":port-mappings, "http://www.springframework.org/schema/security":custom-filter, "http://www.springframework.org/schema/security":request-cache}'是預期。
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:131)
at org.springframework.context.support.AbstractApplicationContext.getFreshBeanFactory(AbstractApplicationContext.java:522)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:436)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:384)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:283)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4206)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4705)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at org.apache.catalina.core.StandardService.start(StandardService.java:525)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(未知來源)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(未知來源)
在java.lang.reflect.Method.invoke(未知來源)。
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
在org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
原因是:org.xml.sax.SAXParseException; lineNumber: 86; columnNumber: 12; cvc-complex-type.2.4.a。發現以元素'headers'開始的無效內容。'{"http://www.springframework.org/schema/security":intercept-url, "http://www.springframework.org/schema/security":access-denied-handler, "http://www.springframework.org/schema/security":form-login, "http://www.springframework.org/schema/security":openid-login, "http://www.springframework.org/schema/security":x509, "http://www.springframework.org/schema/security": http-basic, "http://www.springframework. org/schema/security":logout, "http://www.springframework.org/schema/security":session-management, "http://www.springframework.org/schema/security":remember-me, "http://www.springframework.org/schema/security":anonymous, "http://www.springframework.org/schema/security":port-mappings, "http://www.springframework.org/schema/security":custom-filter, "http://www.springframework.org/schema/security":require-cache}'是預期的。
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(未知來源)
at org.apache.xerces.util.ErrorHandlerWrapper.error(未知來源)
在org.apache.xerces.impl.XMLErrorReporter.reportError(未知來源)
在org.apache.xerces.impl.XMLErrorReporter.reportError(未知來源)。
at org.apache.xerces.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(未知來源)
at org.apache.xerces.impl.xs.XMLSchemaValidator.reportSchemaError(未知來源)
at org.apache.xerces.impl.xs.XMLSchemaValidator.handleStartElement(未知來源)
at org.apache.xerces.impl.xs.XMLSchemaValidator.startElement(未知來源)
at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(未知來源)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(未知來源)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(未知來源)
at org.apache.xerces.parsers.XML11Configuration.parse(未知來源)
at org.apache.xerces.parsers.XML11Configuration.parse(未知來源)
at org.apache.xerces.parsers.XMLParser.parse(未知來源)
at org.apache.xerces.parsers.DOMParser.parse(未知來源)
在org.apache.xerces.jaxp.DocumentBuilderImpl.parse(未知來源)。
at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:75)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:388)
... 28 more
uj5u.com熱心網友回復:
頭檔案支持是在Spring Security 3.2中添加的,你說你使用的是3.1,它不包含頭檔案支持。
警告:Spring Security 3.2 已經很久沒有更新了,并且已經被許多版本所取代了。它也不再被支持,所以我強烈建議升級到5.x系列(被支持)。
轉載請註明出處,本文鏈接:https://www.uj5u.com/qiye/307776.html
標籤: