1. 首页
  2. 问答
  3. 尝试使用会话管理时出错

尝试使用会话管理时出错

2017-10-20 56 views
3

我试图将session-management放入我的security-application.xml文件中。尝试使用会话管理时出错

错误:

Invalid content was found starting with element 'session-management'. One of '{"http://www.springframework.org/schema/security":intercept-url,

enter image description here

我试图把在其他地方,但没有成功。

建议?

------------------------ UPDATE ONE -------------------- ----

我想:

<security:session-management invalid-session-url="/logonTimeOut.jsp"> 
      <security:concurrency-control expired-url="/logonTimeOut.jsp"/> 
     </security:session-management>

,它仍然没有工作。

来源

2017-10-20 Drew1208

+0

看起来像一个XML架构验证错误给我。你能否把整个XML和整个错误信息添加到你的问题中?特别是名称空间声明将很重要。例如。 ''xmlns:security = ...' – Oresztesz

回答

1

我想你的XML配置不正确.Change XML配置这样

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans" 
    xsi:schemaLocation=" 
     http://www.springframework.org/schema/security 
     http://www.springframework.org/schema/security/spring-security-4.2.xsd 
     http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-4.3.xsd" 
> 

    <http create-session="always" use-expressions="true"> 
     <intercept-url pattern="/anonymous*" access="isAnonymous()"/> 
     <intercept-url pattern="/login*" access="permitAll"/> 
     <intercept-url pattern="/**" access="isAuthenticated()"/> 

     <csrf disabled="true"/> 

     <form-login login-page='/login.html' authentication-success-handler-ref="myAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true"/> 

     <logout delete-cookies="JSESSIONID"/> 
     <remember-me key="uniqueAndSecret" token-validity-seconds="86400"/> 

     <session-management invalid-session-url="/invalidSession.html"> 
      <concurrency-control max-sessions="2" expired-url="/sessionExpired.html"/> 
     </session-management> 

    </http> 

    <beans:bean id="myAuthenticationSuccessHandler" class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler"/> 

    <authentication-manager> 
     <authentication-provider> 
      <user-service> 
       <user name="user1" password="user1Pass" authorities="ROLE_USER"/> 
       <user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN"/> 
      </user-service> 
     </authentication-provider> 
    </authentication-manager> 

</beans:beans>

来源

2017-10-22 19:48:34

+0

这不起作用,所以我尝试了'\t \t \t ''仍然不会进入该页面。 – Drew1208

+0

我还需要启用CSRF – Drew1208

+0

删除此

相关问题

 相关问题