181
votes

Any ideas what could be the cause of this?

Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]

org.springframework.web.context.ContextLoader initWebApplicationContext: Context initialization failed
org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]
Offending resource: ServletContext resource [/WEB-INF/applicationContext.xml]

This is my applicationContext.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context-3.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.0.xsd">
...
</beans:beans>

In my pom.xml I have:

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-core</artifactId>      
    <version>3.0.1.RELEASE</version>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-openid</artifactId>
    <version>3.0.1.RELEASE</version>
</dependency>
15
I hit this when following the Spring pizzashop tutorialRob Grant
Is this your complete pom.xml? Because then your most likely missing a jar.Marco Schoolenberg

15 Answers

287
votes

I needed to add an additional Maven dependency:

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>3.0.1.RELEASE</version>
    </dependency>
18
votes

I had the same error message while trying to deploy the application. In Spring, the security configuration xml can be a different one from applicationContext.xml, usually applicationContext-security.xml inside WEB-INF folder. The changes to be applied are for web.xml

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/applicationContext.xml
        /WEB-INF/applicationContext-security.xml
    </param-value>
</context-param>

And the applicationContext.xml would look like:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http auto-config='true'>
        <intercept-url pattern="/login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <intercept-url pattern="/**" access="ROLE_USER" />
        <form-login login-page='login.jsp'/>
    </http>

</beans:beans>

Even after you make these changes, the namespace error will exist. To get rid of this, add the following jar files to the WEB-INF/lib and then to the library:

  • spring-security-acl-3.1.0.M2.jar
  • spring-security-config-3.1.0.M2.jar
  • spring-security-core-3.1.0.M2.jar
  • spring-security-taglibs-3.1.0.M2.jar
  • spring-security-web-3.1.0.M2.jar
12
votes

I struggled with this for a while and none of these answers helped. Thanks to the comment from user64141 I realised that there was a problem with the spring.handlers files.

I am using the Shade plugin for Maven to generate a fat jar, and all the spring.handlers (and spring.schemas) files were being overwritten by each Spring dependency.

The Maven site covers this exact problem and how to solve it by appending the files together instead:

http://maven.apache.org/plugins/maven-shade-plugin/examples/resource-transformers.html#AppendingTransformer

8
votes

I used spring-security-config jar it resolved the problem for me

6
votes

The solution is definitely "spring-security-config" not in your WEB-INF/lib.

For my project in Eclipse using Maven, it turned out not all of the maven dependencies were being copied to WEB-INF/lib. Looking at Project -> Properties -> Deployment Assembly, only some of the jars were being copied.

To fix this, I clicked "Add", then "Java Build Path Entires" and finally "Maven Dependencies".

I have been searching SO and the web for the last hour looking for this, so hopefully this helps someone else.

3
votes

A nice list of Maven Dependencies exists at : Spring Site The major artifacts needed are:

  1. spring-security-core
  2. Spring-security-web
  3. spring-security-config
3
votes

@James Jithin - such exception can appear also when you have two different versions of beans and security schema in xsi:schemaLocation. It's the case in the snippet you have pasted:

xsi:schemaLocation="http://www.springframework.org/schema/beans   
 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd   
 http://www.springframework.org/schema/security  
 http://www.springframework.org/schema/security/spring-security-3.1.xsd"

In my case changing them both to 3.1 solved the problem

2
votes

What I did:

      <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
            <version>3.2.5.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
            <version>3.2.5.RELEASE</version>
        </dependency>

and

xsi:schemaLocation="
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.2.xsd
        http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">

works perfectlly. More Baeldung

0
votes

If you already have all dependencies in your pom, try:
1. Remove all downloaded jars form your maven repository folder for 'org->springframework'
2. Make a maven clean build.

0
votes

I have encountered the very similar problem today. For some reason IntelliJ IDEA haven't included Spring Security jar files while deploying the application. I think I should agree with the majority of posters here.

0
votes

I got this error while deploying to Virgo. The solution was to add this to my bundle imports:

org.springframework.transaction.config;version="[3.1,3.2)",

I noticed in the Spring jars under META-INF there is a spring.schemas and a spring.handlers section, and the class that they point to (in this case org.springframework.transaction.config.TxNamespaceHandler) must be imported.

0
votes

Had the same problem a few minutes ago, I was missing the 'Maven depencendies' library in my Deployment Assembly. I added it through the section 'Web Deployment Assembly' in Eclipse

0
votes

if adding dependencies haven`t solved your problem, create WAR archive again. In my case, I used obsolete WAR file without security-web and security-conf jars

0
votes

Add the following dependency in your pom.xml file and if you are using IntelliJ then add the same jars to WEB-INF->lib folder.... path is Project Structure -> Atrifacts -> Select jar from Available Elements pane and double click. It will add to respective folder

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
    <version>3.0.1.RELEASE</version>
</dependency>