Error when trying to use session-management

I am trying to place session-management in my security-application.xml file.

Error:

Invalid content was found starting with element 'session-management'. One of '{"http://www.springframework.org/schema/security":intercept-url,

I tried to put in other places but without success.

Advice?

------------------------UPDATE ONE------------------------

I tried:

<security:session-management invalid-session-url="/logonTimeOut.jsp">             <security:concurrency-control expired-url="/logonTimeOut.jsp"/>         </security:session-management> 

and it is still not working.

1 Answers

Answers 1

I think your xml configuration is not correct .Change xml configuration like this

<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"     xsi:schemaLocation="         http://www.springframework.org/schema/security          http://www.springframework.org/schema/security/spring-security-4.2.xsd         http://www.springframework.org/schema/beans          http://www.springframework.org/schema/beans/spring-beans-4.3.xsd" >      <http create-session="always" use-expressions="true">         <intercept-url pattern="/anonymous*" access="isAnonymous()"/>         <intercept-url pattern="/login*" access="permitAll"/>         <intercept-url pattern="/**" access="isAuthenticated()"/>          <csrf disabled="true"/>          <form-login login-page='/login.html' authentication-success-handler-ref="myAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true"/>          <logout delete-cookies="JSESSIONID"/>         <remember-me key="uniqueAndSecret" token-validity-seconds="86400"/>          <session-management invalid-session-url="/invalidSession.html">             <concurrency-control max-sessions="2" expired-url="/sessionExpired.html"/>         </session-management>      </http>      <beans:bean id="myAuthenticationSuccessHandler" class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler"/>      <authentication-manager>         <authentication-provider>             <user-service>                 <user name="user1" password="user1Pass" authorities="ROLE_USER"/>                 <user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN"/>             </user-service>         </authentication-provider>     </authentication-manager>  </beans:beans> 

If You Enjoyed This, Take 5 Seconds To Share It

• Facebook
• Twitter
• Google+
• StumbleUpon
• Digg
• Delicious
• LinkedIn
• Reddit
• Technorati