Home/ Questions/Q 8188917
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T03:04:40+00:00

I have problem with my spring-security.xml file. I have wanted to configure some session

  • 0

I have problem with my spring-security.xml file. I have wanted to configure some session settings and first of all create login form to maintain guests and logged in users.

This is my spring-security.xml headline:

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
      http://www.springframework.org/schema/security
      http://www.springframework.org/schema/security/spring-security-3.1.xsd">

As you can see I am using Spring Security in latest version – 3.1. When I try to change the schema versione to lower, I have got errors. In terms of 3.1 version I have only yellow warnings in Eclipse.

My http tag looks like:

<security:http auto-config='true'>      
    <security:intercept-url pattern="/wellcome*" access="ROLE_USER"  />
    <security:form-login login-page="/login" default-target-url="/wellcome" authentication-failure-url="/loginfailed"  />
    <security:logout logout-success-url="/logout" />
    <security:session-management invalid-session-url="/invalidsession" />
</security:http>

And at the first line of this tag I have long list of warnings:

Multiple annotations found at this line:
- Method 'setAuthenticationEntryPoint' is marked deprecated [config set: SpringMVC/web-context]
- Method 'setSessionAuthenticationStrategy' is marked deprecated [config set: SpringMVC/web-
 context]
- Method 'setUserAttribute' is marked deprecated [config set: SpringMVC/web-context]
- Method 'setRequestCache' is marked deprecated [config set: SpringMVC/web-context]
- Method 'setKey' is marked deprecated [config set: SpringMVC/web-context]
- Method 'setSecurityContextRepository' is marked deprecated [config set: SpringMVC/web-context]

Additionaly I have also one warning on the third line:

Method 'setLoginFormUrl' is marked deprecated [config set: SpringMVC/web-context]

Could you explain me how I should properly define my spring-security.xml file with http tag in Spring Security 3.1?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    EDIT: This issue is now fixed in Spring Security 3.1.2, so if you’re using 3.1 or 3.1.1, please upgrade it to newer version.

    Original answer:

    Your config is fine. It’s a known bug in Spring Security with STS in Eclipse (see also forum topic mentioned there in Reference URL).

    For now you can ignore the warnings, login on https://jira.springsource.org and vote up the issue and wait until it’s fixed (or remove spring nature for your project if you can’t stand those warnings).

    • 0