Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

The matching wildcard is strict, but no declaration can be found for element 'bean'

I am trying to integrate a Spring Security project with CAS server for authentication by configuring the CAS client. Before applying it to my web app I tried it to the Spring Security sample project.

I added the CAS plugins as indicated here https://wiki.jasig.org/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+Java+using+Spring adapting it to the case.

When I run or debug the sample web app I receive the error I mentioned on the title which is referred to the line

 <bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">

of the following spring-security.xml:

 <beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd
   http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd">

<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />

    <!-- access denied page -->
    <access-denied-handler error-page="/403" />
    <form-login 
        login-page="/login" 
        default-target-url="/welcome" 
        authentication-failure-url="/login?error" 
        username-parameter="username"
        password-parameter="password" />
    <logout logout-success-url="/login?logout"  />
    <!-- enable csrf protection -->
    <csrf/>
</http>

<!-- Select users and user_roles from database -->
<authentication-manager>
    <authentication-provider>
        <jdbc-user-service id="userService" data-source-ref="dataSource"
            users-by-username-query=
                "select username,password, enabled from users where username=?"
            authorities-by-username-query=
                "select username, role from user_roles where username =?  " />
    </authentication-provider>
</authentication-manager>

    <bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
    <security:filter-chain-map path-type="ant">
        <security:filter-chain pattern="/" filters="casValidationFilter, wrappingFilter" />
        <security:filter-chain pattern="/secure/receptor" filters="casValidationFilter" />
        <security:filter-chain pattern="/j_spring_security_logout" filters="logoutFilter,etf,fsi" />
        <security:filter-chain pattern="/**" filters="casAuthenticationFilter, casValidationFilter, wrappingFilter, sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
    </security:filter-chain-map>
</bean>
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="preAuthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
    <property name="preAuthenticatedUserDetailsService">
        <bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <property name="userDetailsService" ref="userService"/>
        </bean>
    </property>
</bean>

<bean id="preAuthEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />

<bean id="j2eePreAuthFilter" class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
    <property name="authenticationManager" ref="authenticationManager"/>
    <property name="authenticationDetailsSource">
        <bean class="org.springframework.security.web.authentication.WebAuthenticationDetailsSource" />
    </property>
</bean>

<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
    <constructor-arg value="/"/>
    <constructor-arg>
        <list>
            <bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
        </list>
    </constructor-arg>
</bean>

<bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>

<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
    <property name="authenticationEntryPoint" ref="preAuthEntryPoint"/>
</bean>

<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
    <property name="allowIfAllAbstainDecisions" value="false"/>
    <property name="decisionVoters">
        <list>
            <ref bean="roleVoter"/>
        </list>
    </property>
</bean>
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
    <property name="authenticationManager" ref="authenticationManager"/>
    <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
    <property name="securityMetadataSource">
        <security:filter-invocation-definition-source>
            <security:intercept-url pattern="/**" access="ROLE_ANONYMOUS,ROLE_USER"/>
        </security:filter-invocation-definition-source>
    </property>
</bean>
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"/>

<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter"/>
<bean class="org.jasig.cas.client.validation.Saml11TicketValidator" id="ticketValidator">
    <constructor-arg index="0" value={cas.login} />

    <!--<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />-->
    <!--<property name="proxyCallbackUrl" value="http://localhost:8080/ui/" />-->
</bean>
<bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
<bean id="casAuthenticationFilter" class="org.jasig.cas.client.authentication.AuthenticationFilter">
    <property name="casServerLoginUrl" value={cas.login.url} />
    <property name="serverName" value={cas.login.url} />
</bean>
<bean id="casValidationFilter" class="org.jasig.cas.client.validation.Saml11TicketValidationFilter">
    <property name="serverName" value="http://localhost:8080/ui" />
    <property name="exceptionOnValidationFailure" value="true" />
    <!--<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />-->
    <property name="redirectAfterValidation" value="true" />
    <property name="ticketValidator" ref="ticketValidator" />
    <!--<property name="proxyReceptorUrl" value="/secure/receptor" />-->
</bean>
<bean id="wrappingFilter" class="org.jasig.cas.client.util.HttpServletRequestWrapperFilter" />

</beans:beans>

Any help is appreciated.

like image 549
user2008973 Avatar asked Jun 17 '14 09:06

user2008973


1 Answers

You need to add XSD in schema location as well.

xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd"
like image 151
Suneer Avatar answered Nov 17 '22 12:11

Suneer