Closed
Description
Summary
See this Stackoverflow question.
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<authentication-manager erase-credentials="true">
<authentication-provider>
<user-service>
<user disabled="${auth.admin.enabled}" name="${auth.admin.user}"
password="*****"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
I'm trying to make the user disabled by SpEL expression value in Spring XML config. Since the user's "disabled" attribute is xs:boolean, XML validation doesn't accept SpEL syntax to this field.
Actual Behavior
XML validation fails if SpEL expression is used in "disabled" attribute of <user> tag.
Expected Behavior
XML validation passes, it is possible to use SpEL expressions for any <user> attribute.
Configuration
See cummary
Version
Spring Security 5.0.3 RELEASE
Sample
See Summary
Metadata
Metadata
Assignees
Labels
No labels