Spring Security Error: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'http'
13,775
Solution 1
Make sure that spring-security-config-3.1.1.RELEASE.jar is in your classpath too.
Solution 2
Adding @Johannes Tuikkala's comment as a separate answer. So that it gets better visibility.
For me the issue was that xsd urls were http, when changed to https, it started working. E.g. http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security.xsd
Author by
whitecollar
Updated on June 04, 2022Comments
-
whitecollar almost 2 years
I am working on a Google App Engine and I am trying to integrate Spring Security to the project, but I keep getting the below as soon as I run the Google App Engine application:
15-Jul-2013 13:09:13 com.google.apphosting.utils.jetty.JettyLogger warn WARNING: Nested in org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 16 in XML document from ServletContext resource [/WEB-INF/spring-security.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'http'.: org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'http'. at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195) at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:131) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:384) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:318) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:423) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3188) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1933) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:711) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:400) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2756) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:647) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:511) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:808) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119) at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:232) at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:284) at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:75) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:388) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:131) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:522) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:436) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:385) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:284) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111) at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548) at org.mortbay.jetty.servlet.Context.startContext(Context.java:136) at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1250) at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517) at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130) at org.mortbay.jetty.Server.doStart(Server.java:224) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) at com.google.appengine.tools.development.JettyContainerService.startContainer(JettyContainerService.java:249) at com.google.appengine.tools.development.AbstractContainerService.startup(AbstractContainerService.java:307) at com.google.appengine.tools.development.AutomaticServerInstanceHolder.startUp(AutomaticServerInstanceHolder.java:26) at com.google.appengine.tools.development.AbstractServer.startup(AbstractServer.java:80) at com.google.appengine.tools.development.Servers.startup(Servers.java:82) at com.google.appengine.tools.development.DevAppServerImpl.start(DevAppServerImpl.java:237) at com.google.appengine.tools.development.DevAppServerMain$StartAction.apply(DevAppServerMain.java:339) at com.google.appengine.tools.util.Parser$ParseResult.applyArgs(Parser.java:48) at com.google.appengine.tools.development.DevAppServerMain.<init>(DevAppServerMain.java:274) at com.google.appengine.tools.development.DevAppServerMain.main(DevAppServerMain.java:250)This is how my spring-security.xml file looks like
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <context:component-scan base-package="com.myapp.security" /> <beans:bean id="customAuthenticationProvider" class="com.myapp.security.CustomAuthenticationProvider"></beans:bean> <http auto-config="true"> <intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/**" access="ROLE_USER" /> <form-login login-page="/login" default-target-url="/" authentication-failure-url="/loginfailure" /> <logout logout-success-url="/logout" /> </http> <authentication-manager> <authentication-provider ref="customAuthenticationProvider" /> </authentication-manager> </beans:beans>I have added spring-security-core-3.1.1.RELEASE.jar in classpath as well. I am unable to resolve this error. I would really appreciate the help.
Thanks in advance!
-
whitecollar almost 11 yearsLovely. Thanks very much!
-
Dila Gurung over 7 yearsI have added the mentioned jar file in class path..but still its giving me the same error -
8bitjunkie over 5 yearsThis solution doesn't work for the present-day latest version, 5.0.7.RELEASE:Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'global-method-security'. -
Johannes Tuikkala over 4 yearsFor me the issue was that xsd urls were http, when changed to https, it started working. E.g.http://www.springframework.org/schema/security https://www.springframework.org/schema/security/spring-security.xsd -
vorburger over 3 yearsThis is, most likely, because XML parsers by default will fetch the XSDs specified in xsi:schemaLocation from an external URL, and therefore block and need external Internet access whenever reading such XML. That's UNLESS a library provides a (hard-coded) mapping to a XSD resource contained in its JAR. Serious libraries like Spring do do this - but sometimes get it wrong... More background in issues.apache.org/jira/browse/FINERACT-1180
