Caused by: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'id'

[davidbrummy]

Hey,

I have been trying out the oauth extension to security and I seem to hit a brick wall where I am getting this exception

Caused by: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'id' is not allowed to appear in element 'oauth:client'.

I have looked at the examples and this is my xml


<?xml version="1.0" encoding="UTF-8" ?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schem...-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schem...rity-3.0.3.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd">

<beans:bean id="cloudUserDetailsService"
class="com.inqmobile.inqcloud.security.CloudUserDe tailsService">
</beans:bean>

<beans:bean id="cloudPasswordEncoder"
class="com.inqmobile.inqcloud.security.CloudPasswo rdEncoder">
</beans:bean>

<http auto-config='true'>
<intercept-url pattern='/admin/**' access='ROLE_ADMIN' />
<intercept-url pattern='/secure/**' access='ROLE_ADMIN, ROLE_USER' />
<intercept-url pattern="/facebook/**" access="ROLE_USER" />
<form-login login-page='/login.html' default-target-url='/admin/user/list' always-use-default-target='false' />
<custom-filter ref="oauth2ClientFilter" after="EXCEPTION_TRANSLATION_FILTER"/>
</http>

<authentication-manager>
<authentication-provider user-service-ref='cloudUserDetailsService'>
<password-encoder ref='cloudPasswordEncoder'/>
</authentication-provider>
</authentication-manager>

<!--apply the oauth client context -->
<oauth:client id="oauth2ClientFilter" token-services-ref="oauth2TokenServices"/>

<beans:bean id="oauth2TokenServices" class="org.springframework.security.oauth2.client. token.InMemoryOAuth2ClientTokenServices" />

<!--define an oauth 2 resource for facebook. according to the facebook docs, the 'clientId' is the App ID, and the 'clientSecret'
is the App Secret -->
<oauth:resource id="facebook" type="authorization_code" clientId="162646850439461" clientSecret="560ad91d992d60298ae6c7f717c8fc93"
bearerTokenMethod="query" accessTokenUri="https://graph.facebook.com/oauth/access_token" userAuthorizationUri="https://www.facebook.com/dialog/oauth"
bearerTokenName="oauth_token" />
</beans:beans>

HELP!

[davidbrummy]

I tried removing the id and it now complains it can not find

http://www.springframework.org/schem...oauth2-1.0.xsd

When I look into the jar (I am using) M4 it is not in the jar

[davidbrummy]

So I fell back to m3 and which has the xsd in the jar file mvn downloads. I cracked open the jar file and client does seem to be correct and should allow an id


<xs:complexType>
<xs:complexContent>
<xs:extension base="beans:identifiedType">
<xs:choice minOccurs="0" maxOccurs="unbounded">
<xs:element name="client">
<xs:annotation>
<xs:documentation>
Definition of a client.
</xs:documentation>
</xs:annotation>

[Dave Syer]

The XSD is definitely in the jar, and you should not be using an old milestone really. Maybe you have the wrong jar (M4 split oauth2 off from oauth1, so the correct artifact id is spring-security-oauth2)?

[swang30]

Tonr2 uses:
http://www.springframework.org/schem...oauth2-1.0.xsd

which doesn't have id as a valid attribute for client.

[carlos.aguayo]

The XSD in
http://www.springframework.org/schem...-oauth-1.0.xsd

it's a bit out of date, you should be able to point directly to the one in github:
https://github.com/SpringSource/spri...oauth2-1.0.xsd

https://raw.github.com/SpringSource/...oauth2-1.0.xsd