0

I want to manage user sessions and forbid one user to login twice using the same credentials.

According to documentation I've added the listener entry in my web.xml and tried to edit context.xml

My context.xml file looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
    <annotation-driven />
    <beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <beans:property name="prefix" value="/WEB-INF/views/" />
        <beans:property name="suffix" value=".jsp" />
    </beans:bean>

    <context:component-scan base-package="com.xyz.abc" />
</beans:beans>

and when I add lines from documentation:

<http>
    <session-management>
        <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
    </session-management>
</http>

below/under I got an error: The markup in the document following the root element must be well-formed. Which means I can only have one root element. So I've added that code inside <beans:beans> and then another problem occured:

cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'http'. and Cannot locate BeanDefinitionParser for element [http]

For first error I tried the answer from here and added:

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
    <version>4.0.3.RELEASE</version>
</dependency>

to my pom.xml to download the mentioned spring-security-config.jar and also added: 

http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.3.xsd

to xsi:schemaLocation but nothing has changed.

From what I've found, the second error is connected with the first one.

Edit:

I followed @rmlan's lead and added: xmlns:sec="http://www.springframework.org/schema/security" and changed <http> to <sec:http>

And also added missing dependency to pom.xml : 

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>4.0.3.RELEASE</version>
</dependency>

and another error popped up:

No AuthenticationEntryPoint could be established. Please make sure you have a login mechanism configured through the namespace (such as form-login) or specify a custom AuthenticationEntryPoint with the 'entry-point-ref' attribute

But it'll be handled in the future.

Community
  • 1
  • 1
Kamil
  • 1,456
  • 4
  • 32
  • 50
  • Your second issue is a new issue. You should accept the answer to your original issue and open a new question if you are still having problems. – rmlan Feb 22 '16 at 14:26

1 Answers1

3

It is looking for the http tag in your default namespace, which is http://www.springframework.org/schema/mvc

Either change your default namespace to http://www.springframework.org/schema/security, or declare that namespace with a prefix, and prefix your http tags with it.

<beans:beans xmlns="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.3.xsd">
  <sec:http>
    <sec:session-management>
        <sec:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
    </sec:session-management>
  </sec:http>
</beans:beans>
rmlan
  • 4,387
  • 2
  • 21
  • 28