我正在尝试配置NTLM身份验证,但收到错误:
cvc-complex-type.2.4.c:匹配的通配符是严格的,但是找不到元素’http’的声明。
我阅读了很多类似错误的主题,但是找不到解决我问题的方法。
我的导致错误的security.xml文件是:
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd" > <http access-denied-page="forms/error403.jsp" entry-point-ref="ntlmEntryPoint" servlet-api-provision="false"> <intercept-url pattern="forms/error403.jsp" filters="none"/> <intercept-url pattern="forms/**" access="ROLE_GUEST,ROLE_OPERATOR,ROLE_ADMIN" /> <custom-filter position="PRE_AUTH_FILTER"/> </http> <authentication-manager alias="mainAuthenticationManager"/> <authentication-provider user-service-ref='userDetailsService' /> <beans:bean id="userDetailsService" class="service.UserInfoService"> <beans:property name="dataSource" ref="dataSource" /> <beans:property name="usersByUsernameQuery" value="select distinct name, ' ' as password, 1 as enabled from TMP_SPRING_USERS where name=?" /> <beans:property name="authoritiesByUsernameQuery" value="select name, role from TMP_SPRING_USERS where name=?" /> </beans:bean> <beans:bean id="ntlmEntryPoint" class="org.springframework.security.ui.ntlm.NtlmProcessingFilterEntryPoint"> <beans:property name="authenticationFailureUrl" value="forms/error403.html" /> </beans:bean> <beans:bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter"> <beans:property name="authenticationEntryPoint" ref="ntlmEntryPoint" /> </beans:bean> <beans:bean id="ntlmFilter" class="org.springframework.security.ui.ntlm.NtlmProcessingFilter"> <custom-filter position="NTLM_FILTER" /> <beans:property name="authenticationManager" ref="mainAuthenticationManager" /> <beans:property name="retryOnAuthFailure" value="true" /> <beans:property name="stripDomain" value="true"/> <beans:property name="domainController" value="company.com" /> <beans:property name="jcifsProperties"> <beans:props> <beans:prop key="jcifs.smb.lmCompatibility">0</beans:prop> <beans:prop key="jcifs.smb.client.useExtendedSecurity">false</beans:prop> <beans:prop key="jcifs.smb.client.domain">COMPANY</beans:prop> <beans:prop key="jcifs.smb.client.username">somenycuser</beans:prop> <beans:prop key="jcifs.smb.client.password">AReallyLoooongRandomPassword</beans:prop> </beans:props> </beans:property> </beans:bean> </beans:beans>
因为从3.X版本开始,Spring Security不再包含NTLM扩展,所以我从http://aloiscochard.blogspot.com/2010/03/spring-security-ntlm-3.html文章中使用了它。
请帮我。
问题解决了,我忘了添加spring-security-config.jar。我也更改了一些设置。正确的security.xml是:
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd" > <http access-denied-page="forms/error403.jsp" entry-point-ref="ntlmEntryPoint" servlet-api-provision="false"> <intercept-url pattern="/**" access="ROLE_GUEST,ROLE_OPERATOR,ROLE_ADMIN" /> <custom-filter position="PRE_AUTH_FILTER" ref="ntlmFilter"/> </http> <authentication-manager alias="mainAuthenticationManager"> <authentication-provider user-service-ref="userDetailsService" /> </authentication-manager> <beans:bean id="userDetailsService" class="service.UserInfoService"> <beans:property name="dataSource" ref="dataSource" /> <beans:property name="usersByUsernameQuery" value="select distinct name, ' ' as password, 1 as enabled from TMP_SPRING_USERS where name=?" /> <beans:property name="authoritiesByUsernameQuery" value="select name, role from TMP_SPRING_USERS where name=?" /> </beans:bean> <beans:bean id="ntlmEntryPoint" class="org.springframework.security.ui.ntlm.NtlmAuthenticationFilterEntryPoint"> <beans:property name="authenticationFailureUrl" value="forms/error403.html" /> </beans:bean> <beans:bean id="ntlmFilter" class="org.springframework.security.ui.ntlm.NtlmAuthenticationFilter"> <beans:property name="authenticationManager" ref="mainAuthenticationManager" /> <beans:property name="retryOnAuthFailure" value="true" /> <beans:property name="stripDomain" value="true"/> <beans:property name="domainController" value="company.com" /> <beans:property name="jcifsProperties"> <beans:props> <beans:prop key="jcifs.smb.lmCompatibility">0</beans:prop> <beans:prop key="jcifs.smb.client.useExtendedSecurity">false</beans:prop> <beans:prop key="jcifs.smb.client.domain">COMPANY</beans:prop> <beans:prop key="jcifs.smb.client.username">somenycuser</beans:prop> <beans:prop key="jcifs.smb.client.password">AReallyLoooongRandomPassword</beans:prop> </beans:props> </beans:property> </beans:bean> </beans:beans>