Failed to read schema document 'http://www.springframework.org/schema/security/spring-security.xsd'

Support
#1

Hi

We have the following error suddenly appear today on an application that has been building successfully for several years.

image
image1742×214 56.6 KB

On investigation we think we have narrowed it down to the SAML addon as the error does not appear if we disable this addon.

We are currently on v7.2.20.
Saml addon v0.5.2

Are you aware of any issues or how we can get round this? It is causing us major problems as this is not just a problem with future builds but also our existing customer environments because when the servers are rebooted it is unable to find the appropriate security file and therefore we are unable to launch the existing applications.

Thanks in advance.
David

#2

Hi

Sorry to chase but is there any update on this. As it stands we cannot run any application that has the SAML addon included.

Thanks

#3

Hi David,

Looks like it’s the same problem as described here: Did Spring removed spring-security.xsd without any version from http://www.springframework.org/schema/security/? - Stack Overflow

Unfortunately the problem is not reproduced in my environment, but we’ll try to fix it by changing the XSD declaration in the add-on.

Please provide the full stack trace of the error - it’ll help us to diagnose the cause.

#5

Hello! We have the same problem and are waiting for changes in the XSD declaration ASAP.

#6

Hi,

You can set at your CUBA Project to take xsd from your project

1.) Create spring.schemas at your web module META-INF\spring.schemas
2.) add below

http://www.springframework.org/schema/security/spring-security.xsd=com/company/saml/spring-security.xsd
3.) add spring-security.xsd inside your com/company/saml/ directory
4.) modify your build.gradle under configure(webModule) to add metaInf

jar {
        with copySpec {
            from sourceSets.main.allJava
            include "com/company/web/toolkit/ui/client/**"
            metaInf { from "$rootDir/modules/web/web/META-INF/spring.schemas"}
        }

    }

Regards,
CK

3 Likes
#8

As the topic from Stack Overflow mentioned above explains, the problem is in specific Spring Security 5.2 version brought by the REST API add-on. In the few next days we’ll release a new REST API add-on version which will depend on Spring Security 5.5. That should resolve the problem.

Thanks CK for the workaround. Alternatively, it’s possible to explicitly add Spring Security dependencies for the web module configuration of your project, after that the project should start.

configure(webModule) {

    dependencies {
        def springSecurityVersion="5.5.8"
        compile("org.springframework.security:spring-security-core:${springSecurityVersion}")
        compile("org.springframework.security:spring-security-web:${springSecurityVersion}")
        compile("org.springframework.security:spring-security-config:${springSecurityVersion}")
        
        // ...
    }
   // ...
 }
3 Likes
#9

Thanks @gorbunkov and @ckwan, really appreciate your help with this. Will give the workaround a go in the interim whilst we wait for the update. Thanks both

#10

Hi guys,

We’ve released the 7.2.6 version of the REST API add-on. Try updating it in your projects and let us know if you still have any problems.

2 Likes
#11

Thanks @gorbunkov . I’ve just updated to 7.2.6 and it seems to have fixed the issue. Thanks for getting it sorted.