In our Spring-based application, we supplement the application context file with elements from namespace http://www.springframework.org/schema/security located at http://www.springframework.org/schema/security/spring-security.xsd:
<beans ...
xmlns:security="http://www.springframework.org/schema/security"
...
xsi:schemaLocation="...
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd"> ... </beans>
However, recently we receive this error message
Multiple annotations found at this line:
- cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'security:global-method-security'.
- schema_reference.4: Failed to read schema document 'http://www.springframework.org/schema/security/spring-security.xsd', because 1) could not
find the document; 2) the document could not be read; 3) the root element of the document is not <xsd:schema>.
when opening the application context file in the XML editor of Eclipse after an initial setup of our project or after clearing the network cache of Eclipse.
Further research on archive.org reveals that the version-less XSD has been removed when the now current version (spring-security-4.1.xsd) has been published on or about 2016-03-08.
Does anyone have an idea whether this has happened by accident or whether there is a deeper reason for the removal? For other namespaces, there are still version-less XSDs available on springframework.org/schema/, i.e. spring-security-oauth.xsd and spring-beans.xsd. (Due to my low reputation level, I am unable to post explicit links to them.)
As a workaround, we now reference a versioned XSD. However, until now, my impression was that Spring encourages the usage of the version-less XSDs, for example as suggested in the current Spring security reference documentation or in this SO post.
