Spring Security XML Error - cvc-complex-type.2.4.a: Invalid content was found starting with element 'csrf'



I am using Spring Security in my web application project. I want to enable csrf protection in my Spring application. My application-context-security.xml is as follows



<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://ift.tt/1c8inpe"
    xmlns:beans="http://ift.tt/GArMu6"
    xmlns:xsi="http://ift.tt/ra1lAU"
    xsi:schemaLocation="http://ift.tt/GArMu6
                         http://ift.tt/QEDs1e
                        http://ift.tt/1c8inpe
                         http://ift.tt/1fChGbz">

    <global-method-security secured-annotations="enabled"/> 

    <http disable-url-rewriting="true" auto-config="false" access-decision-manager-ref="accessDecisionManager" entry-point-ref="authenticationEntryPoint">
        <intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY, IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED"/>
        <intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <intercept-url pattern="/j_spring_security_logout" access="IS_AUTHENTICATED_ANONYMOUSLY, IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED"/>
<!-- Enable CSRF protection -->
        <csrf />
    <access-denied-handler ref="accessDeniedHandler"/>         
    </http>
<!-- Remaining information -->
</beans:beans>


I am using Spring 3.0.5 jars for my project.


While running though, I get the following error



SEVERE: Exception sending context initialized event to listener 
instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException:
 nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: 
Invalid content was found starting with element 'csrf'. 
One of 
'{"http://ift.tt/1c8inpe":intercept-url,
 "http://ift.tt/1c8inpe":access-denied-handler, 
"http://ift.tt/1c8inpe":form-login, 
"http://ift.tt/1c8inpe":openid-login, 
"http://ift.tt/1c8inpe":x509, 
"http://ift.tt/1c8inpe":http-basic, 
"http://ift.tt/1c8inpe":logout, 
"http://ift.tt/1c8inpe":session-management, 
"http://ift.tt/1c8inpe":remember-me, 
"http://ift.tt/1c8inpe":anonymous, 
"http://ift.tt/1c8inpe":port-mappings, 
"http://ift.tt/1c8inpe":custom-filter, 
"http://ift.tt/1c8inpe":request-cache}' 
is expected.


I tried searching for this error on google. I found a couple of similar places, but they both said the error was due to some change in Spring 3.2+. However, in my case I am using Spring 3.0.5.


Any help would be appreciated.


No comments:

Post a Comment

Subscribe to: Post Comments (Atom)