org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: session-fixation-protection attribute cannot be used in combination with session-authentication-strategy-ref Offending resource: ServletContext resource [/WEB-INF/applicationContext-security.xml] ...

GitHub | spring-issuemaster | 3 years ago
tip
Click on the to mark the solution that helps you, Samebug will learn from it.
As a community member, you’ll be rewarded for you help.
  1. 0

    SEC-2545: Failure to fully configurate SessionFixationProtectionStrategy

    GitHub | 3 years ago | spring-issuemaster
    org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: session-fixation-protection attribute cannot be used in combination with session-authentication-strategy-ref Offending resource: ServletContext resource [/WEB-INF/applicationContext-security.xml] ...

    Root Cause Analysis

    1. org.springframework.beans.factory.parsing.BeanDefinitionParsingException

      Configuration problem: session-fixation-protection attribute cannot be used in combination with session-authentication-strategy-ref Offending resource: ServletContext resource [/WEB-INF/applicationContext-security.xml] ...

      at org.springframework.security.config.http.HttpConfigurationBuilder.createSessionManagementFilters()
    2. spring-security-config
      HttpSecurityBeanDefinitionParser.createFilterChain
      1. org.springframework.security.config.http.HttpConfigurationBuilder.createSessionManagementFilters(HttpConfigurationBuilder.java:299)
      2. org.springframework.security.config.http.HttpConfigurationBuilder.<init>(HttpConfigurationBuilder.java:164)
      3. org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.createFilterChain(HttpSecurityBeanDefinitionParser.java:135)
      3 frames