Spring Security security.tld in spring-security-taglibs-5.1.4.RELEASE refers J2EE 1.4 schema resource

The security.tld file shipped in spring-security-taglibs-5.1.4.RELEASE.jar refers to J2EE 1.4 schema resource.

Use of this causes the XSD validation to fail i.e when security.tld file shipped with spring-security-taglibs-5.1.4.RELEASE.jar is referenced as below "taglib prefix="sec" uri="WEB-Inf/security.tld" in a jsp file, it fails to validate and throws error as below.

"Referenced file contains errors (http://www.ibm.com/webservices/xsd/j2ee_web_services_client_1_1.xsd). For more information, right click on the message in the Problems View and select "Show Details...""

However it succeeds if the namespace is updated with J2EE 1.8 Schema Resources i.e http://xmlns.jcp.org/xml/ns/javaee/ or Use J2EE 1.5 onwards Schema Resources : http://java.sun.com/xml/ns/javaee.

Should not this be updated in the shipped jar as well ?

Comment From: rammishr

Can anyone help me on this ?

Comment From: jzheaux

@rammishr, thanks for the report, your proposal makes sense. Would you like to submit a PR with the change?

The current baseline for Spring Framework is Java EE 7, so I'd recommend the schema location that correctly aligns with that release (sounds like from your research that it is J2EE 1.5).

Comment From: spring-projects-issues

If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.

Comment From: spring-projects-issues

Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.