Fatal编程技术网
  • spring/
  • 如何正确编写spring-security.xml文件?

如何正确编写spring-security.xml文件?

spring spring-security

如何正确编写spring-security.xml文件?,spring,spring-security,Spring,Spring Security,我是SpringSecurity的新手,我正在尝试将它应用到一个正在工作的SpringMVC项目中。 错误是: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element http. spring-security.xml: <beans:beans xmlns="http://www.springframework.org/schema/sec

我是SpringSecurity的新手,我正在尝试将它应用到一个正在工作的SpringMVC项目中。 错误是:

cvc-complex-type.2.4.c: The matching wildcard is strict,
but no declaration can be found for element http.
spring-security.xml:

<beans:beans 
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"      
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/context/spring-context.xsd">

<http auto-config='true'>
 <intercept-url pattern="/**" access="ROLE_USER" />
</http>

<authentication-manager>
 <authentication-provider>
  <user-service>
    <user name="matt3o" password="secret" authorities="ROLE_USER" />
    <user name="admin" password="admin" authorities="ROLE_USER,ROLE_ADMIN" />
  </user-service>
</authentication-provider>
名称空间似乎不起作用。

xml的默认名称空间是
http://www.springframework.org/schema/beans
但它应该是
http://www.springframework.org/schema/security
。您还必须在
xsi:schemaLocation

http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
您必须配置用户提供凭据的方式。最简单的是

  • 基于表单的登录

    用户使用html表单输入凭据。要使用表单登录,请将
    放入
    标记中,该标记为您提供默认的登录页面,稍后您可以用自己的页面替换该页面

  • 基本身份验证

    用户使用浏览器的登录对话框。要在
    标记内使用基本put

    • 因此,您的最终
    spring security.xml
    应该是

    <?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
       xmlns:beans="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"      
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/context
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security.xsd
                           http://www.springframework.org/schema/context/spring-context.xsd">


  <http auto-config='true'>
    <intercept-url pattern="/logged" access="ROLE_USER"/> 
    <!-- Replace the below with http-basic tag for basic authentication -->
    <form-login/>
  </http>    

  <authentication-manager>
    <authentication-provider>
      <user-service>
        <user name="matt3o" password="secret" authorities="ROLE_USER" />
        <user name="admin" password="admin" authorities="ROLE_USER,ROLE_ADMIN" />
      </user-service>
    </authentication-provider>
  </authentication-manager>

</beans:beans>
    注意:别忘了在类路径中添加spring-security-config.jar。

    好的。非常感谢。我还需要对“http”行进行一些配置吗?匹配的通配符是严格的,但是找不到元素http的声明。第一个问题似乎已经解决了。您必须在类pathYes中添加spring-security-config.jar。是的,我添加了。我在pom.xml中添加了依赖项 
    http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd

    <?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
       xmlns:beans="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"      
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/context
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security.xsd
                           http://www.springframework.org/schema/context/spring-context.xsd">


  <http auto-config='true'>
    <intercept-url pattern="/logged" access="ROLE_USER"/> 
    <!-- Replace the below with http-basic tag for basic authentication -->
    <form-login/>
  </http>    

  <authentication-manager>
    <authentication-provider>
      <user-service>
        <user name="matt3o" password="secret" authorities="ROLE_USER" />
        <user name="admin" password="admin" authorities="ROLE_USER,ROLE_ADMIN" />
      </user-service>
    </authentication-provider>
  </authentication-manager>

</beans:beans>