Attribute 'users-by-username-query' is not allowed to appear

**nOiDStaRr** · Sep 2nd, 2008, 06:42 AM

Hi,

I am trying to migrate from acegi to spring security and get this error (and cannot figure it out) ...

Code:

Context initialization failed
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: 
Line 175 in XML document from ServletContext resource [/WEB-INF/applicationContext.xml] is invalid;
 nested exception is org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: 
Attribute 'users-by-username-query' is not allowed to appear in element 'sec:jdbc-user-service
'.

my application context looks like this:

Code:

<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:sec="http://www.springframework.org/schema/security"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://www.springframework.org/schema/beans 
               http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
               http://www.springframework.org/schema/security
               http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<sec:http auto-config="true">
    <sec:intercept-url pattern="/login.html*" filters="none"/>
    <sec:intercept-url pattern="/**" access="ROLE_SUPER_USER" />
    <sec:form-login login-page='/login.html' />
</sec:http>

<sec:authentication-provider user-service-ref="userService" />

<sec:jdbc-user-service id="userService" data-source-ref="dataSource" users-by-username-query="any query here" />

same problem if I use:

Code:

<sec:global-method-security secured-annotations="enabled" />

in my configuration ...

Thanks a lot + cu :-)

**Luke Taylor** · Sep 2nd, 2008, 07:09 AM

You aren't using an up-to-date schema. Use the spring-security-2.0.2.xsd URL.

**nOiDStaRr** · Sep 2nd, 2008, 07:32 AM

Thx so far, but... know I run into the next wildcard error with the http element!?

Code:

Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: 
The matching wildcard is strict, but no declaration can be found for element 'sec:http'.

are there any dependencies concerning the libraries?
I am using Spring 2.5 (not 2.5.5) and Tomcat...

:-)

PS: I've tried xsd 2.0.1 and 2.0.2

**Luke Taylor** · Sep 2nd, 2008, 08:49 AM

This is a basic XML file parsing error - make sure you have the URLs correct. Try using one of the sample files as a starting point.

**nOiDStaRr** · Sep 2nd, 2008, 08:55 AM

I used the wrong version of spring security ;-)

Now it seems to work ... (still testing).

THX

**nOiDStaRr** · Sep 3rd, 2008, 03:36 AM

I ran into another problem ...

Spring security is absolutely ignoring the

users-by-username-query
authorities-by-username-query

attributes.

I always get bad credentials exceptions or sql grammer exceptions which mainly tells me the users or/and authorities table does not exist.

If I use the standard tables or create a view from my database scheme which fits the users and authorities tables everything works fine and I get authorized, but I am not able to use my own SQL statements here...!

I am using the security scheme xsd in version 2.0.2 and spring security 2.0.3.

applicationContext-security.xml:

Code:

<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:sec="http://www.springframework.org/schema/security"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://www.springframework.org/schema/beans 
               http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
               http://www.springframework.org/schema/security
               http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
                

  <sec:http auto-config="true" access-denied-page="/error403.html">
    <sec:intercept-url pattern="/login.html*" filters="none"/>
    <sec:intercept-url pattern="/**" access="ROLE_SUPER_USER" requires-channel="any"/>
    <sec:form-login login-page='/login.html' authentication-failure-url="/login.html?login_error=1" />
    <sec:port-mappings>
      <sec:port-mapping http="8080" https="9443"/>
    </sec:port-mappings>
  </sec:http>
  
  
  <sec:authentication-provider user-service-ref="userService" />
  
  <sec:jdbc-user-service id="userService" data-source-ref="securityDataSource"
    users-by-username-query="SELECT Login AS 'username', Password AS 'password', Enabled AS 'enabled' FROM User WHERE Login = ?" 
    authorities-by-username-query="SELECT u.Login as 'username', ua.Authority as 'authority' FROM Authority ua, User u WHERE ua.id = u.authority_id AND Login = ?"
  />
  
  <bean id="securityDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="${db.driverClass}" />
    <property name="url" value="${db.jdbcUrl}" />
    <property name="username" value="${db.user}" />
    <property name="password" value="${db.password}" />
  </bean>

SPRING_SECURITY_LAST_EXCEPTION

Code:

org.springframework.security.AuthenticationServiceException: PreparedStatementCallback; bad SQL grammar [SELECT username,password,enabled FROM users WHERE username = ?]; nested exception is com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Table 'command2.users' doesn't exist; 
nested exception is org.springframework.jdbc.BadSqlGrammarException: PreparedStatementCallback; bad SQL grammar [SELECT username,password,enabled FROM users WHERE username = ?]; nested exception is com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Table 'command2.users' doesn't exist

Am I missing any details, using the wrong attributes or versions?

Greetings,..

[EDIT]
I am also facing another problem ... the global-method-security element is not working ...

Code:

SCHWERWIEGEND: Context initialization failed
org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Cannot locate BeanDefinitionParser for element [global-method-security]
Offending resource: ServletContext resource [/WEB-INF/applicationContext-security.xml]
        at org.springframework.beans.factory.parsing.FailFastProblemReporter.fatal(FailFastProblemReporter.java:59)
        at org.springframework.beans.factory.parsing.ReaderContext.fatal(ReaderContext.java:68)
        at org.springframework.beans.factory.parsing.ReaderContext.fatal(ReaderContext.java:55)
        at org.springframework.beans.factory.xml.NamespaceHandlerSupport.findParserForElement(NamespaceHandlerSupport.java:79)
        at org.springframework.beans.factory.xml.NamespaceHandlerSupport.parse(NamespaceHandlerSupport.java:69)
        at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1246)
        at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1236)
        at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:133)
        at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:90)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:468)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:363)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:313)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:290)
        at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:142)
        at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:158)
        at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124)
        at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:92)
        at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:97)
        at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:411)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:338)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:251)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:190)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3830)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4337)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
        at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:920)
        at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:883)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
        at org.apache.catalina.core.StandardService.start(StandardService.java:516)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
03.09.2008 12:26:41 org.apache.catalina.core.StandardContext start
SCHWERWIEGEND: Error listenerStart

This seems to bee a very usual element, so the configuration should work?

**Luke Taylor** · Sep 3rd, 2008, 05:46 AM

I'd recommend you just configure a JdbcDaoImpl bean directly. This is just what the jdbc-user-service namespace element does and it doesn't really offer any added value.

**nOiDStaRr** · Sep 3rd, 2008, 07:24 AM

It seemed to be a caching problem concerning my applicationContext file. Since I removed my whole application and deployed everything new the applicationContext runs at least every part of the current configuration... and my SQL statements work well! ... thx

but still I cannot use the <global-method-security secured-annotations="enabled" /> due to a new error ;-)

Code:

org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from ServletContext resource [/WEB-INF/applicationContext-security.xml]; 
nested exception is java.lang.NoSuchMethodError: 
org.springframework.aop.config.AopNamespaceUtils.registerAutoProxyCreatorIfNecessary(Lorg/springframework/beans/factory/xml/ParserContext;Ljava/lang/Object;)V
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:385)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:313)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:290)
        at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:142)
        at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:158)
        at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124)
        at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:92)
        at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:97)
        at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:411)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:338)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:251)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:190)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3830)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4337)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
        at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:920)
        at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:883)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
        at org.apache.catalina.core.StandardService.start(StandardService.java:516)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: java.lang.NoSuchMethodError: org.springframework.aop.config.AopNamespaceUtils.registerAutoProxyCreatorIfNecessary(Lorg/springframework/beans/factory/xml/Parser
Context;Ljava/lang/Object;)V
        at org.springframework.security.config.GlobalMethodSecurityBeanDefinitionParser.parse(GlobalMethodSecurityBeanDefinitionParser.java:88)
        at org.springframework.beans.factory.xml.NamespaceHandlerSupport.parse(NamespaceHandlerSupport.java:69)
        at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1246)
        at org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.parseCustomElement(BeanDefinitionParserDelegate.java:1236)
        at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:133)
        at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:90)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:468)
        at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:363)
        ... 36 more
03.09.2008 14:24:16 org.apache.catalina.core.StandardContext start

... and it drives me crazy ;-)

**Luke Taylor** · Sep 3rd, 2008, 07:38 AM

Well, it's a good idea to search the web with the error message before posting. Typing "registerAutoProxyCreatorIfNecessary" in a google search would come up with this

http://jira.springframework.org/browse/SPR-4459

in a couple of seconds (the first match). So you would know right away that it was because of the Spring version you were using and you wouldn't have to go crazy :-).

**nOiDStaRr** · Sep 3rd, 2008, 08:31 AM

Thx and yes, I already thought about incompatible versions but I could not figure it out.
Furthermore I was investigating heavily with google and co ;-) but it seems that I wasn't using the right terms... :-(

So far thank you very much and I will try to solve my problem.

PS: It would be very helpful if the documentation also includes the dependecies and which features goes with what version... + update the xml-schema version in the reference ;-)
There are a lot of examples but if you do not start from the scratch you bail hard sometimes ;-)

Thread: Attribute 'users-by-username-query' is not allowed to appear

Thread Tools

Display

Attribute 'users-by-username-query' is not allowed to appear

Tags for this Thread

Posting Permissions