JavaSpring从2.5.6迁移到4.3.6
我有一个使用Spring2.5.6运行的应用程序,它使用JDK1.6。我更改为版本4.3.6以使用JDK1.8
已经更改了一些方法和导入
没有更多的编译错误
但是,当我尝试使用Jetty启动应用程序时,出现了以下错误:
[WARNING] Nested in org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from URL location [classpath:spring-security-config.xml]
Offending resource: class path resource [beanRefFacory.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 18 in XML document from class path resource [spring-security-config.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 18; columnNumber: 58; cvc-complex-type.2.4.c: O curinga correspondente é restrito, mas nenhuma declaração pode ser encontrada para o elemento 'security:http'.:
org.xml.sax.SAXParseException; lineNumber: 18; columnNumber: 58; cvc-complex-type.2.4.c: O curinga correspondente é restrito, mas nenhuma declaração pode ser encontrada para o elemento 'security:http'.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:198)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:134)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:437)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:368)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:325)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:458)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3237)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1917)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:746)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:379)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2786)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:606)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:117)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:848)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:777)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:243)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:347)
at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:76)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadDocument(XmlBeanDefinitionReader.java:429)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:391)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:336)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:304)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:181)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:217)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.importBeanDefinitionResource(DefaultBeanDefinitionDocumentReader.java:227)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseDefaultElement(DefaultBeanDefinitionDocumentReader.java:184)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:169)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.doRegisterBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:142)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:94)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:508)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:392)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:336)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:304)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:181)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:217)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:188)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:129)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:613)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:514)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:444)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:326)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107)
at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:136)
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1250)
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517)
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467)
at org.mortbay.jetty.plugin.Jetty6PluginWebAppContext.doStart(Jetty6PluginWebAppContext.java:115)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.plugin.Jetty6PluginServer.start(Jetty6PluginServer.java:132)
at org.mortbay.jetty.plugin.AbstractJettyMojo.startJetty(AbstractJettyMojo.java:441)
at org.mortbay.jetty.plugin.AbstractJettyMojo.execute(AbstractJettyMojo.java:383)
at org.mortbay.jetty.plugin.AbstractJettyRunMojo.execute(AbstractJettyRunMojo.java:210)
at org.mortbay.jetty.plugin.Jetty6RunMojo.execute(Jetty6RunMojo.java:184)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:207)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:307)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:193)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:106)
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:863)
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
at org.apache.maven.cli.MavenCli.main(MavenCli.java:199)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
有人能帮我吗
编辑: 这是我的spring安全配置。xml(在迁移过程中未更改):
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:lang="http://www.springframework.org/schema/lang" xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util" xmlns:camel="http://activemq.apache.org/camel/schema/spring"
xmlns:jee="http://www.springframework.org/schema/jee" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://activemq.apache.org/camel/schema/spring http://activemq.apache.org/camel/schema/spring/camel-spring.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd">
<security:http entry-point-ref="myAuthenticationEntryPoint"
auto-config="false" session-fixation-protection="none">
<security:intercept-url pattern="/login.iface"
filters="none" />
<security:intercept-url pattern="/img/**"
filters="none" />
<security:intercept-url pattern="/css/**"
filters="none" />
<security:intercept-url pattern="/scripts/**"
filters="none" />
<security:intercept-url pattern="/app/**"
access="IS_AUTHENTICATED_FULLY" />
<!-- <security:form-login login-page="/login.iface" default-target-url="/app/index.iface"
authentication-failure-url="/login.iface?login_error=true" /> -->
<security:logout logout-success-url="/login.jspx" />
</security:http>
<!-- Utilize 192.168.236.111 quando for testar local <security:ldap-server
url="${SOME.PROPERTY}" id="LDAPServer" /> -->
<bean id="memcachedLogin"
class="br.com.tpd.cac.thinkcat.memcached.MemCachedResourcesImpl">
<constructor-arg value="${SOME.PROPERTY}" />
<property name="timetoSet" value="${SOME.PROPERTY}" />
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
</bean>
<!-- ************************************************************* *** Customized
LDAP Security Authentication/Authorization *** ************************************************************* -->
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="${SOME.PROPERTY}" />
</bean>
<bean id="poolingContextSource"
class="org.springframework.ldap.pool.factory.PoolingContextSource"
destroy-method="close">
<property name="contextSource" ref="contextSource" />
<property name="dirContextValidator" ref="dirContextValidator" />
<property name="minIdle" value="${SOME.PROPERTY}" />
<property name="maxIdle" value="${SOME.PROPERTY}" />
<property name="maxActive" value="${SOME.PROPERTY}" />
<property name="maxTotal" value="${SOME.PROPERTY}" />
<property name="maxWait" value="${SOME.PROPERTY}" />
<property name="testOnBorrow" value="${SOME.PROPERTY}" />
<property name="testWhileIdle" value="${SOME.PROPERTY}" />
<property name="timeBetweenEvictionRunsMillis"
value="${SOME.PROPERTY}" />
<property name="minEvictableIdleTimeMillis"
value="${SOME.PROPERTY}" />
<property name="numTestsPerEvictionRun"
value="${SOME.PROPERTY}" />
</bean>
<bean id="dirContextValidator"
class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" />
<bean id="ldapAuthProvider"
class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
<security:custom-authentication-provider />
<constructor-arg>
<bean
class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<!-- <list><value>uid={0},ou=people,dc=portalsigres,dc=com</value></list> -->
<list>
<value>${SOME.PROPERTY}</value>
</list>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean id="ThinkCATWebLdapUserDetails" class="br.com.tpd.cac.thinkcat.security.ldap.LdapUserDetails">
<constructor-arg ref="contextSource" />
<constructor-arg value="${SOME.PROPERTY}" />
</bean>
</constructor-arg>
</bean>
<!-- ************************************************************* *** Customized
LDAP Security Authentication/Authorization *** ************************************************************* -->
<!-- LDAP TEMPLATE -->
<bean id="LDAPTemplateContext" class="net.sf.ldaptemplate.support.LdapContextSource">
<property name="url" value="${SOME.PROPERTY}" />
<property name="base" value="${SOME.PROPERTY}" />
<property name="userName" value="${SOME.PROPERTY}" />
<property name="password" value="${SOME.PROPERTY}" />
<property name="dirObjectFactory"
value="org.springframework.ldap.core.support.DefaultDirObjectFactory" />
<!-- Dont use sun ldap pool. Use poolContextSource instead -->
<property name="pooled" value="false" />
</bean>
<bean id="ldapTemplate" class="net.sf.ldaptemplate.LdapTemplate">
<constructor-arg ref="LDAPTemplateContext" />
</bean>
<bean id="sessionRegistry"
class="org.springframework.security.concurrent.SessionRegistryImpl" />
<bean id="defaultConcurrentSessionController"
class="br.com.tpd.cac.thinkcat.security.acesso.DMConcurrentSessionController">
<property name="sessionRegistry" ref="sessionRegistry" />
<property name="exceptionIfMaximumExceeded" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref local="ldapAuthProvider" />
</list>
</property>
<property name="sessionController" ref="defaultConcurrentSessionController" />
</bean>
<bean id="sucessfulAuthenticationCallbackImpl"
class="br.com.tpd.cac.thinkcat.security.acesso.SuccessfulAuthenticationCallbackImpl">
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="myAuthenticationEntryPoint"
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.iface" />
</bean>
<bean id="authenticationProcessingFilter"
class="br.com.tpd.cac.thinkcat.security.acesso.DMAuthenticationProcessingFilter">
<security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
<property name="defaultTargetUrl" value="/app/index.iface" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/login.iface?login_error=true" />
<property name="allowSessionCreation" value="true" />
<property name="callback" ref="sucessfulAuthenticationCallbackImpl" />
<property name="rememberMeServices" ref="rememberMeServices" />
</bean>
<bean id="rememberMeAuthenticationManager"
class="br.com.tpd.cac.thinkcat.security.acesso.RememberMeAuthenticationManager">
<property name="providers">
<list>
<ref local="ldapAuthProvider" />
</list>
</property>
</bean>
<bean id="rememberMeProcessingFilter"
class="br.com.tpd.cac.thinkcat.security.acesso.RememberMeAuthFilter">
<security:custom-filter position="REMEMBER_ME_FILTER" />
<property name="authenticationManager" ref="rememberMeAuthenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices" />
<property name="cache" ref="memcachedLogin" />
<property name="bloqueioMultiploAcesso" value="${SOME.PROPERTY}" />
</bean>
<bean id="pdrUserDetails"
class="br.com.tpd.cac.thinkcat.security.ldap.PDRUserDetailsService" />
<bean id="rememberMeServices"
class="br.com.tpd.cac.thinkcat.security.acesso.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="pdrUserDetails" />
<property name="key" value="DM_REMEMBERME_KEY" />
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="rememberMeAuthenticationProvider"
class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<security:custom-authentication-provider />
<property name="key" value="whatever" />
</bean>
</beans>
# 1 楼答案
初步答复
这是您的
http
元素:在现代Spring安全版本(4.x)中,
session-fixation-attribute
不再受http
的支持;相反,它是在session-management
:https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/appendix-namespace.html#nsa-session-management-attributes上配置的下面是它的外观:
这只是部分答案。如果您有其他问题,请更新问题
更新
我已经使用了您的XML,现在Spring Security能够解析它了。以下是我得到的:
我改变的是:
<ref>
:将local
替换为bean
属性session-fixation-protection
(如上所述)<custom-authentication-provider>
元素AUTHENTICATION_PROCESSING_FILTER
重命名为FORM_LOGIN_FILTER
<custom-filter>
个元素filters="none"
的<intercept-url>
删除它并添加带有security="none"
的<http>
元素(这是推荐的方法)RememberMeAuthenticationProvider
的包名Spring成功地解析了这一点。上下文启动失败,因为它找不到我没有的某个自定义类(
br.com.tpd.cac.thinkcat.security.acesso.TokenBasedRememberMeServices
)。它可能需要进一步的工作,但至少不会再出现神秘的错误消息还有一件事:我使用了SpringSecurity3.1.4来处理它,而不是Spring4.3。我今天没时间了。所以这又是一个部分答案,我写它希望它能帮助你