Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]

I am developing my first application in spring security. My applicationContext-security.xml file looks like this:

<?xml version="1.0" encoding="UTF-8"?>

<!--
  -  Namespace-based OpenID configuration
  -->

<b:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:b="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <http>
        <intercept-url pattern="/**" access="ROLE_USER"/>
        <intercept-url pattern="/index.xhtml*" filters="none"/>
        <logout/>
        <openid-login login-page="/index.xhtml" authentication-failure-url="/index.xhtml?login_error=true">
            <attribute-exchange>
                <openid-attribute name="email" type="http://schema.openid.net/contact/email" required="true" count="2"/>
                <openid-attribute name="name" type="http://schema.openid.net/namePerson/friendly" />
            </attribute-exchange>
        </openid-login>
        <remember-me token-repository-ref="tokenRepo"/>
    </http>

    <b:bean id="tokenRepo"
            class="org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl" />

    <authentication-manager alias="authenticationManager"/>

    <user-service id="userService">
        <user name="http://user.myopenid.com/" authorities="ROLE_SUPERVISOR,ROLE_USER" />
    </user-service>

</b:beans>

and Web.xml file is:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">

    <display-name>Spring Security OpenID Demo Application</display-name>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/applicationContext-security.xml
        </param-value>
    </context-param>

    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>/WEB-INF/classes/log4j.properties</param-value>
    </context-param>

    <context-param>
        <param-name>webAppRootKey</param-name>
        <param-value>openid.root</param-value>
    </context-param>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>
     <welcome-file-list>
        <welcome-file>faces/index.xhtml</welcome-file>
    </welcome-file-list>
</web-app>

Clean and Build of the application is successful, but when I try to deploy the application jetty 7 gives me following error:

SEVERE: Context initialization failed
org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]
Offending resource: ServletContext resource [/WEB-INF/applicationContext-security.xml]
at org.springframework.beans.factory.parsing.FailFastProblemReporter.error(FailFastProblemReporter.java:68)
at org.springframework.beans.factory.parsing.ReaderContext.error(ReaderContext.java:85)
at org.springframework.beans.factory.parsing.ReaderContext.error(ReaderContext.java:80)

Tried everything but can't solve this error. Any help would be appreciated.

EDIT I tried added 3.0.2 version of the Spring-Security and got this:

Context initialization failed
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 13 in XML document from ServletContext resource [/WEB-INF/applicationContext-security.xml] is invalid;
nested exception is org.xml.sax.SAXParseException; lineNumber: 13; columnNumber: 11; cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'http'. at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334


You need a spring-security-config.jar on your classpath.

The exception means that the security: xml namescape cannot be handled by spring "parsers". They are implementations of the NamespaceHandler interface, so you need a handler that knows how to process <security: tags. That's the SecurityNamespaceHandler located in spring-security-config


I had the same problem. The only thing that solved it was merge the content of META-INF/spring.handler and META-INF/spring.schemas of each spring jar file into same file names under my META-INF project.

This two threads explain it better:

  • maven assembly plugin and spring namespace handlers
  • Thread: unable to locate Spring NamespaceHandler for XML schema namespace