Spring-security-oauth2.xsd is not published to http://www.springframework.org/schema/security

[lukasondrak96]

Summary
Spring-security-oauth2.xsd should be published under https://www.springframework.org/schema/security/
Or was this removal intentional? Because it crashes our application based on spring.

Actual Behavior
Spring-security-oauth2.xsd is not available under https://www.springframework.org/schema/security/ causing XML schema validation failures in IDEs.

Expected Behavior
Spring-security-oauth2.xsd should be available under https://www.springframework.org/schema/security/ to enable successful XML schema validation in IDEs

[lukasondrak96]

For anyone missing this file, temporal solution could be something like this:
dhis2/dhis2-core@c1a0f47

Also worked for us to change url in WEB-INF/spring-oauth-security.xml to
https://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd

[jgrandja]

@lukasondrak96 The Spring Security OAuth project has reached end-of-life. Please see announcement.

As part of the end-of-life process, there are a few cleanup tasks involving the removal of some content, archives, moving repository to attic, etc.

[bilaliqball]

@lukasondrak96
https://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
also returns 404 , page not found

[whaan]

in the spring.schemas file in the META-INF folder, all requests for https\://www.springframework.org/schema/security/spring-security-oauth2.xsd get redirected to org/springframework/security/oauth2/spring-security-oauth2-2.0.xsd

So the XSD doesn't have to looked up from the internet. As long as you use https, it will simply look it up from the classpath

[MikeN123]

Yes, and the problem is that previously http was used, other projects consistently added both http and https to the spring.schemas, but that was never fixed for spring-security-oauth. So that's why stuff all over the place is breaking now.

And yes, I could change the application to https:// which we already did a while ago, but not all legacy is gone yet and the complete breakage of the apps means I would now have to rebuild dozens of applications.