Spring Security BeanDefinitionParsingException when using spring-security-5.7.xsd with Spring Security 5.7

Describe the bug BeanDefinitionParsingException when using spring-security-5.6.xsd with Spring Security 5.7

Caused by: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: You cannot use a spring-security-2.0.xsd or spring-security-3.0.xsd or spring-security-3.1.xsd schema or spring-security-3.2.xsd schema or spring-security-4.0.xsd schema with Spring Security 5.7. Please update your schema declarations to the 5.7 schema.
Offending resource: class path resource [web-security.xml]

Related to #8974 ?

To Reproduce XML Bean Definition with header

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security-5.7.xsd
       http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
       http://www.springframework.org/schema/util
       http://www.springframework.org/schema/util/spring-util-4.3.xsd">

Tried with 5.6 and 5.7 - and on Jetty (with Internet access) - it work, but not on a Tomcat (relevant?).

Reverting to (omitting the version) seems to help:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security.xsd
       http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
       http://www.springframework.org/schema/util
       http://www.springframework.org/schema/util/spring-util-4.3.xsd">

Note that there is (as of June 3rd) no 5.7 here: http://www.springframework.org/schema/security/

Expected behavior Expecting a correct error message or no error.

Sample

Cannot provide a sample - sorry.

Comment From: jgrandja

@in-fke

BeanDefinitionParsingException when using spring-security-5.6.xsd with Spring Security 5.7

If you're using Spring Security 5.7 then you should point to spring-security-5.7.xsd. The error caused by pointing to spring-security-5.6.xsd may be related to attributes/elements added in 5.7 that the BeanDefinitionParser is expecting.

Note that there is (as of June 3rd) no 5.7 here:

It is there now http://www.springframework.org/schema/security/spring-security-5.7.xsd Can you please try this again on your end?

FYI, http://www.springframework.org/schema/security/spring-security.xsd always points to the latest schema so in this case it's 5.7.

Comment From: in-fke

Can you please try this again on your end?

I had tried this initially (with 5.7) - I will not have the time to test again, unfortunately.

Comment From: jgrandja

@in-fke Closing this as resolved since https://www.springframework.org/schema/security/spring-security-5.7.xsd is in the expected location.