A

AbstractFilterInvocationDefinition - Class in grails.plugin.springsecurity.web.access.intercept

Authors:

Burt Beckwith

AbstractFilterInvocationDefinition() - Constructor in AbstractFilterInvocationDefinition

access - Property in SecurityTagLib

Renders the body if the specified expression (a String; the 'expression' attribute) evaluates to true or if the specified URL is allowed.

afterInvocationManagerProviderNames - Property in SpringSecurityUtils

AfterInvocationProvider names.

afterPropertiesSet() - Method in AjaxAwareAccessDeniedHandler

afterPropertiesSet() - Method in AjaxAwareAuthenticationFailureHandler

afterPropertiesSet() - Method in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

afterPropertiesSet() - Method in GrailsAnonymousAuthenticationFilter

afterPropertiesSet() - Method in GrailsRememberMeAuthenticationFilter

afterPropertiesSet() - Method in GrailsUsernamePasswordAuthenticationFilter

afterPropertiesSet() - Method in SpringUserCacheFactoryBean

AJAX_HEADER - Field in SpringSecurityUtils

Default value for the name of the Ajax header.

ajaxAuthenticationFailureUrl - Property in AjaxAwareAuthenticationFailureHandler

Dependency injection for the Ajax auth fail url.

AjaxAwareAccessDeniedHandler - Class in grails.plugin.springsecurity.web.access

Authors:

Burt Beckwith

AjaxAwareAccessDeniedHandler() - Constructor in AjaxAwareAccessDeniedHandler

AjaxAwareAuthenticationEntryPoint - Class in grails.plugin.springsecurity.web.authentication

Authors:

Burt Beckwith

AjaxAwareAuthenticationEntryPoint(java.lang.String) - Constructor in AjaxAwareAuthenticationEntryPoint

Parameters:

loginFormUrl - URL where the login page can be found.

AjaxAwareAuthenticationFailureHandler - Class in grails.plugin.springsecurity.web.authentication

Ajax-aware failure handler that detects failed Ajax logins and redirects to the appropriate URL.

AjaxAwareAuthenticationFailureHandler() - Constructor in AjaxAwareAuthenticationFailureHandler

AjaxAwareAuthenticationSuccessHandler - Class in grails.plugin.springsecurity.web.authentication

Authors:

Burt Beckwith

AjaxAwareAuthenticationSuccessHandler() - Constructor in AjaxAwareAuthenticationSuccessHandler

ajaxDenied() - Method in LoginController

The Ajax denied redirect url.

ajaxErrorPage - Field in AjaxAwareAccessDeniedHandler

ajaxLoginFormUrl - Field in AjaxAwareAuthenticationEntryPoint

ajaxSuccess() - Method in LoginController

The Ajax success redirect url.

ajaxSuccessUrl - Property in AjaxAwareAuthenticationSuccessHandler

Dependency injection for the Ajax success url, e.g.

ALLOW404 - Field in AbstractFilterInvocationDefinition

allowLocalhost - Property in IpAddressFilter

Dependency injection for whether to allow localhost calls (useful for testing).

ALREADY_FILTERED_ATTR_NAME - Field in DebugFilter

Annotation - Enum Constant in SecurityConfigType

Annotations in controllers.

AnnotationFilterInvocationDefinition - Class in grails.plugin.springsecurity.web.access.intercept

A org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource that uses rules defined with Controller annotations combined with static rules defined in SecurityConfig.groovy, e.g. for js, images, css or for rules that cannot be expressed in a controller like '/**'.

AnnotationFilterInvocationDefinition() - Constructor in AnnotationFilterInvocationDefinition

ANONYMOUS_FILTER - Enum Constant in SecurityFilterPosition

ANY_METHOD - Field in Secured

Default value for httpMethod().

Application - Class in grails.plugin.springsecurity

Authors:

Burt Beckwith

application - Property in AnnotationFilterInvocationDefinition

Dependency injection for the application.

Application() - Constructor in Application

application - Property in ReflectionUtils

applicationContext - Property in ClosureVoter

applicationContext - Property in SecurityEventListener

applyAnonymousForThisRequest(jakarta.servlet.http.HttpServletRequest) - Method in GrailsAnonymousAuthenticationFilter

asList(java.lang.Object) - Method in ReflectionUtils

assertAttribute(java.lang.String, java.lang.Object, java.lang.String) - Method in SecurityTagLib

attemptAuthentication(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse) - Method in GrailsUsernamePasswordAuthenticationFilter

auth() - Method in LoginController

Show the login page.

authAjax() - Method in LoginController

The redirect action for Ajax requests.

authenticate(org.springframework.security.core.Authentication) - Method in GrailsAnonymousAuthenticationProvider

AuthenticatedVetoableDecisionManager - Class in grails.plugin.springsecurity.access.vote

Uses the affirmative-based logic for roles, i.e. any in the list will grant access, but allows an authenticated voter to 'veto' access.

AuthenticatedVetoableDecisionManager(List<AccessDecisionVoter>) - Constructor in AuthenticatedVetoableDecisionManager

authenticatedVoter - Field in AbstractFilterInvocationDefinition

authenticationDetailsSource - Property in GrailsAnonymousAuthenticationFilter

Dependency injection for authenticationDetailsSource.

authenticationTrustResolver - Property in AjaxAwareAccessDeniedHandler

Dependency injection for the org.springframework.security.authentication.AuthenticationTrustResolver.

authenticationTrustResolver - Property in LoginController

Dependency injection for the authenticationTrustResolver.

authenticationTrustResolver - Property in SpringSecurityService

dependency injection for authenticationTrustResolver

authfail() - Method in LoginController

Callback after a failed login.

author - Property in SpringSecurityCoreGrailsPlugin

authorEmail - Property in SpringSecurityCoreGrailsPlugin

Authorities - Annotation Type in grails.plugin.springsecurity.annotation

Specify the property file key with this annotation, and the AST transform class will replace with an

Secured:

annotation with the associated role names.

authoritiesToRoles(java.lang.Object) - Method in SpringSecurityUtils

Extract the role names from authorities.

AuthoritiesTransformation - Class in grails.plugin.springsecurity.annotation

See http://burtbeckwith.com/blog/?

AuthoritiesTransformation() - Constructor in AuthoritiesTransformation

authorizeExpression - Property in WebExpressionConfigAttribute

AUTOCONFIG_NAME - Field in SpringSecurityBeanFactoryPostProcessor

B

BASIC_AUTH_FILTER - Enum Constant in SecurityFilterPosition

BeanTypeResolver - Class in grails.plugin.springsecurity

Used in doWithSpring to allow overriding of the class of individual Spring beans by setting a property in the config.

BeanTypeResolver(groovy.util.ConfigObject, grails.core.GrailsApplication) - Constructor in BeanTypeResolver

BEARER_TOKEN_AUTH_FILTER - Enum Constant in SecurityFilterPosition

buildAnnotationNode(java.lang.String) - Method in AuthoritiesTransformation

buildConfigAttributes(Collection<String>, boolean) - Method in ReflectionUtils

buildFilterChains(SortedMap<Integer, String>, List<Map<String, ?>>, List<GrailsSecurityFilterChain>, org.springframework.context.ApplicationContext) - Method in SpringSecurityUtils

buildMap() - Method in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

C

cacheConfig - Property in SpringUserCacheFactoryBean

cacheManager - Property in SpringUserCacheFactoryBean

cacheName - Property in SpringUserCacheFactoryBean

calculateRedirectUrl(jakarta.servlet.http.HttpServletRequest, java.lang.String) - Method in GrailsRedirectStrategy

calculateUri(jakarta.servlet.http.HttpServletRequest) - Method in AbstractFilterInvocationDefinition

Resolve the URI from jakarta.servlet.http.HttpServletRequest

call(org.springframework.context.ApplicationEvent, java.lang.String) - Method in SecurityEventListener

CAS_FILTER - Enum Constant in SecurityFilterPosition

CHANNEL_FILTER - Enum Constant in SecurityFilterPosition

ChannelFilterInvocationSecurityMetadataSourceFactoryBean - Class in grails.plugin.springsecurity.web.access.intercept

Factory bean that builds a org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource for channel security.

ChannelFilterInvocationSecurityMetadataSourceFactoryBean() - Constructor in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

check(org.springframework.security.core.userdetails.UserDetails) - Method in DefaultPostAuthenticationChecks

check(org.springframework.security.core.userdetails.UserDetails) - Method in DefaultPreAuthenticationChecks

checkAuthenticatedVoters(org.springframework.security.core.Authentication, java.lang.Object, Collection<ConfigAttribute>) - Method in AuthenticatedVetoableDecisionManager

Allow any org.springframework.security.access.vote.AuthenticatedVoter to veto.

checkOtherVoters(org.springframework.security.core.Authentication, java.lang.Object, Collection<ConfigAttribute>) - Method in AuthenticatedVetoableDecisionManager

Check the other (non-org.springframework.security.access.vote.AuthenticatedVoter) voters.

clearCachedRequestmaps() - Method in SpringSecurityService

Call when editing, creating, or deleting a Requestmap to flush the cached configuration and rebuild using the most recent data.

clientRegisterFilter(java.lang.String, int) - Method in SpringSecurityUtils

Register a filter in a specified position in the chain.

closure - Property in ClosureConfigAttribute

closure - Property in ClosureX509PrincipalExtractor

Dependency injection for the closure to use to extract the username.

closure() - Method in Secured

Optional attribute to specify a closure that will be evaluated to decide if access should be allowed.

closureClass - Property in InterceptedUrl

ClosureConfigAttribute - Class in grails.plugin.springsecurity.access.vote

Authors:

Burt Beckwith

ClosureConfigAttribute(Closure<?>) - Constructor in ClosureConfigAttribute

Constructor.

ClosureVoter - Class in grails.plugin.springsecurity.access.vote

Authors:

Burt Beckwith

ClosureVoter() - Constructor in ClosureVoter

ClosureX509PrincipalExtractor - Class in grails.plugin.springsecurity.web.authentication.preauth.x509

Authors:

Burt Beckwith

ClosureX509PrincipalExtractor() - Constructor in ClosureX509PrincipalExtractor

CommandLineHelper - Trait in grails.plugin.springsecurity

commence(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.AuthenticationException) - Method in AjaxAwareAuthenticationEntryPoint

compileActionClosures(Map<String, List<InterceptedUrl>>) - Method in AnnotationFilterInvocationDefinition

compileActionRoles(Map<String, List<InterceptedUrl>>) - Method in AnnotationFilterInvocationDefinition

compileAndStoreMapping(grails.plugin.springsecurity.InterceptedUrl) - Method in AbstractFilterInvocationDefinition

compileClassClosures(List<InterceptedUrl>) - Method in AnnotationFilterInvocationDefinition

compileClassRoles(List<InterceptedUrl>) - Method in AnnotationFilterInvocationDefinition

compiled - Field in AbstractFilterInvocationDefinition

compileStaticRules(java.lang.Object) - Method in AnnotationFilterInvocationDefinition

CONCURRENT_SESSION_FILTER - Enum Constant in SecurityFilterPosition

conf - Field in BeanTypeResolver

configAttributes - Property in InterceptedUrl

configuredOrderedFilters - Property in SpringSecurityUtils

Set by SpringSecurityCoreGrailsPlugin contains the actual filter beans in order.

configureMapping(grails.web.mapping.UrlMappingInfo, org.grails.web.servlet.mvc.GrailsWebRequest, Map<String, Object>) - Method in AnnotationFilterInvocationDefinition

consoleLogger - Property in S2CreatePersistentTokenCommand

consoleLogger - Property in S2CreateRoleHierarchyEntryCommand

consoleLogger - Property in S2QuickstartCommand

ControllerMixin - Trait in grails.plugin.springsecurity

Authors:

Burt Beckwith

copyParams(org.grails.web.servlet.mvc.GrailsWebRequest) - Method in AnnotationFilterInvocationDefinition

CORS_FILTER - Enum Constant in SecurityFilterPosition

createAnnotation(org.codehaus.groovy.ast.AnnotationNode, org.codehaus.groovy.control.SourceUnit) - Method in AuthoritiesTransformation

createAuthentication(jakarta.servlet.http.HttpServletRequest) - Method in GrailsAnonymousAuthenticationFilter

createControllerUri(java.lang.String, java.lang.String) - Method in AnnotationFilterInvocationDefinition

createFilterInvocation(java.lang.String, java.lang.String, java.lang.String) - Method in GrailsWebInvocationPrivilegeEvaluator

createInstance(java.lang.String, java.lang.String, java.lang.String) - Method in DummyRequestCreator

createInstance() - Method in DummyResponseCreator

createNewToken(org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken) - Method in GormPersistentTokenRepository

createRequestMaps(List<String>, java.lang.String) - Method in SpringSecurityService

Create multiple requestmap instances in a transaction that all share the same configAttribute.

createSessionOnSuccess - Property in GrailsRememberMeAuthenticationFilter

Dependency injection for createSessionOnSuccess.

createUserDetails(java.lang.Object, Collection<GrantedAuthority>) - Method in GormUserDetailsService

CSRF_FILTER - Enum Constant in SecurityFilterPosition

ctx - Property in SecuredClosureDelegate

current - Property in DelegatingAsyncGrailsWebRequest

current - Property in DelegatingGrailsWebRequest

D

DebugFilter - Class in grails.plugin.springsecurity.web.filter

Based on the package-scope org.springframework.security.config.debug.DebugFilter.

DebugFilter.1 - Class in grails.plugin.springsecurity.web.filter

DebugFilter.1() - Constructor in DebugFilter.1

DebugFilter(org.springframework.security.web.FilterChainProxy) - Constructor in DebugFilter

debugLog(boolean, java.lang.String, java.lang.Object) - Method in DebugFilter

decide(org.springframework.security.core.Authentication, java.lang.Object, Collection<ConfigAttribute>) - Method in AuthenticatedVetoableDecisionManager

decide(org.springframework.security.core.Authentication, java.lang.Object, Collection<ConfigAttribute>, java.lang.Object) - Method in NullAfterInvocationManager

decide(org.springframework.security.core.Authentication, java.lang.Object, Collection<ConfigAttribute>, java.lang.Object) - Method in NullAfterInvocationProvider

DEFAULT_METHOD_PARAM - Field in HttpMethodOverrideDetector

Default method parameter: _method

DEFAULT_RESOURCES_FILTER - Enum Constant in SecurityFilterPosition

DEFAULT_TARGET_PARAMETER - Field in SpringSecurityUtils

DefaultPostAuthenticationChecks - Class in grails.plugin.springsecurity.userdetails

Copy of the private class in AbstractUserDetailsAuthenticationProvider to make subclassing or replacement easier.

DefaultPostAuthenticationChecks() - Constructor in DefaultPostAuthenticationChecks

DefaultPreAuthenticationChecks - Class in grails.plugin.springsecurity.userdetails

Copy of the private class in AbstractUserDetailsAuthenticationProvider to make subclassing or replacement easier.

DefaultPreAuthenticationChecks() - Constructor in DefaultPreAuthenticationChecks

DefaultThrowableAnalyzer - Class in grails.plugin.springsecurity.web.access

Copy of org.springframework.security.web.access.ExceptionTranslationFilter.DefaultThrowableAnalyzer which is private.

DefaultThrowableAnalyzer.1 - Class in grails.plugin.springsecurity.web.access

DefaultThrowableAnalyzer.1() - Constructor in DefaultThrowableAnalyzer.1

DefaultThrowableAnalyzer() - Constructor in DefaultThrowableAnalyzer

definition - Property in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

Dependency injection for the definition maps.

DelegatingAsyncGrailsWebRequest - Class in grails.plugin.springsecurity.web

DelegatingAsyncGrailsWebRequest(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, grails.async.web.AsyncGrailsWebRequest) - Constructor in DelegatingAsyncGrailsWebRequest

DelegatingGrailsWebRequest - Class in grails.plugin.springsecurity.web

DelegatingGrailsWebRequest(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.grails.web.servlet.mvc.GrailsWebRequest) - Constructor in DelegatingGrailsWebRequest

deleteRole(java.lang.Object) - Method in SpringSecurityService

Delete a role, and if Requestmap class is used to store roles, remove the role from all Requestmap definitions.

denied() - Method in LoginController

Show denied page.

DENY - Field in AbstractFilterInvocationDefinition

deny() - Method in AuthenticatedVetoableDecisionManager

deny(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse) - Method in IpAddressFilter

description - Property in S2QuickstartCommand

description - Property in SpringSecurityCoreGrailsPlugin

determineSource() - Method in SecurityTagLib

determineUrl(org.springframework.security.web.FilterInvocation) - Method in AbstractFilterInvocationDefinition

determineUrl(org.springframework.security.web.FilterInvocation) - Method in AnnotationFilterInvocationDefinition

determineUrlToUseForThisRequest(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.AuthenticationException) - Method in AjaxAwareAuthenticationEntryPoint

DIGEST_AUTH_FILTER - Enum Constant in SecurityFilterPosition

DISABLE_ENCODE_URL_FILTER - Enum Constant in SecurityFilterPosition

disableFilterRegistrationBeans(org.springframework.beans.factory.support.BeanDefinitionRegistry) - Method in SpringSecurityBeanFactoryPostProcessor

Need to add a FilterRegistrationBean with enabled set to false to prevent Boot from registering all of the filters in the filterchains again as regular filters.

documentation - Property in SpringSecurityCoreGrailsPlugin

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse, jakarta.servlet.FilterChain) - Method in DebugFilter

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse, jakarta.servlet.FilterChain) - Method in GrailsAnonymousAuthenticationFilter

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse) - Method in GrailsWebInvocationPrivilegeEvaluator.1

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse, jakarta.servlet.FilterChain) - Method in IpAddressFilter

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse, jakarta.servlet.FilterChain) - Method in MutableLogoutFilter

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse, jakarta.servlet.FilterChain) - Method in SecurityRequestHolderFilter

doFilter(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse, jakarta.servlet.FilterChain) - Method in UpdateRequestContextHolderExceptionTranslationFilter

doStoreMapping(java.lang.String, org.springframework.http.HttpMethod, Collection<ConfigAttribute>) - Method in AnnotationFilterInvocationDefinition

doWithApplicationContext() - Method in SpringSecurityCoreGrailsPlugin

doWithAuth(java.lang.String, Closure<?>) - Method in SpringSecurityUtils

Authenticate as the specified user and execute the closure with that authentication.

doWithSpring() - Method in SpringSecurityCoreGrailsPlugin

DUMMY_CHAIN - Field in GrailsWebInvocationPrivilegeEvaluator

DUMMY_CHAIN - Field in SecurityTagLib

DUMMY_RESPONSE - Field in GrailsWebInvocationPrivilegeEvaluator

DummyRequestCreator - Class in grails.plugin.springsecurity.web.access

DummyRequestCreator.1 - Class in grails.plugin.springsecurity.web.access

DummyRequestCreator.1() - Constructor in DummyRequestCreator.1

DummyRequestCreator() - Constructor in DummyRequestCreator

DummyResponseCreator - Class in grails.plugin.springsecurity.web.access

DummyResponseCreator.1 - Class in grails.plugin.springsecurity.web.access

DummyResponseCreator.1() - Constructor in DummyResponseCreator.1

DummyResponseCreator() - Constructor in DummyResponseCreator

E

encodePassword(java.lang.String) - Method in SpringSecurityService

Encode the password using the configured PasswordEncoder.

ENCODING_ID_ARGON2 - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_BCRYPT - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_LDAP - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_MD4 - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_MD5 - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_NOOP - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_PBKDF2 - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_SCRYPT - Field in SpringSecurityCoreGrailsPlugin

ENCODING_ID_SHA1 - Field in SpringSecurityCoreGrailsPlugin

ENCODING_IDSHA256 - Field in SpringSecurityCoreGrailsPlugin

ERROR404 - Field in AbstractFilterInvocationDefinition

errorPage - Field in AjaxAwareAccessDeniedHandler

EXCEPTION_TRANSLATION_FILTER - Enum Constant in SecurityFilterPosition

expressionCache - Field in SecurityTagLib

expressionHandler - Property in WebExpressionVoter

Dependency injection for the expression handler.

extractCause(java.lang.Throwable) - Method in DefaultThrowableAnalyzer.1

extractPrincipal(java.security.cert.X509Certificate) - Method in ClosureX509PrincipalExtractor

F

FAILURE - Property in CommandLineHelper

fillInStackTrace() - Method in NoStackUsernameNotFoundException

FILTER_SECURITY_INTERCEPTOR - Enum Constant in SecurityFilterPosition

filterChainProxy - Property in DebugFilter

filterProcessesUrl - Property in FilterProcessUrlRequestMatcher

FilterProcessUrlRequestMatcher - Class in grails.plugin.springsecurity.web.authentication

Based on the class of the same name which is a private static inner class in org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.

FilterProcessUrlRequestMatcher(java.lang.String) - Constructor in FilterProcessUrlRequestMatcher

filters - Property in GrailsSecurityFilterChain

filters - Property in InterceptedUrl

FILTERS_NONE - Field in SpringSecurityUtils

findActionClosures(Class<?>) - Method in AnnotationFilterInvocationDefinition

findActionRoles(Class<?>) - Method in AnnotationFilterInvocationDefinition

findActions(Class<?>) - Method in AnnotationFilterInvocationDefinition

findClosureClass(grails.plugin.springsecurity.annotation.Secured) - Method in AnnotationFilterInvocationDefinition

findConfigAttribute(Collection<ConfigAttribute>) - Method in WebExpressionVoter

findConfigAttributes(java.lang.String, java.lang.String) - Method in AbstractFilterInvocationDefinition

findControllerAnnotations(grails.core.GrailsControllerClass, Map<String, List<InterceptedUrl>>, List<InterceptedUrl>, Map<String, List<InterceptedUrl>>, List<InterceptedUrl>) - Method in AnnotationFilterInvocationDefinition

findDomainAnnotations(grails.core.GrailsDomainClass, Map<String, List<InterceptedUrl>>, List<InterceptedUrl>, Map<String, List<InterceptedUrl>>, List<InterceptedUrl>) - Method in AnnotationFilterInvocationDefinition

findFilterChainNames(groovy.util.ConfigObject) - Method in ReflectionUtils

findFilterChainNames(java.lang.Object, boolean, boolean, boolean, boolean, boolean, boolean) - Method in SpringSecurityUtils

findGrailsUrl(grails.web.mapping.UrlMappingInfo) - Method in AnnotationFilterInvocationDefinition

findMatchingAttributes(java.lang.String) - Method in AbstractFilterInvocationDefinition

For admin/debugging - find all config attributes that apply to the specified URL (doesn't consider request method restrictions).

findMatchingRules(java.lang.String) - Method in IpAddressFilter

findOrCreateExpression(java.lang.String) - Method in SecurityTagLib

findRequestmapsByRole(java.lang.String, java.lang.Object) - Method in SpringSecurityService

findSecuredAnnotation(java.lang.reflect.AccessibleObject) - Method in AnnotationFilterInvocationDefinition

FIRST - Enum Constant in SecurityFilterPosition

flagValue(java.lang.String) - Method in CommandLineHelper

FORCE_EAGER_SESSION_FILTER - Enum Constant in SecurityFilterPosition

FORM_LOGIN_FILTER - Enum Constant in SecurityFilterPosition

formatFilters(List<Filter>) - Method in DebugFilter

full() - Method in LoginController

Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page.

G

generatePatterns(java.lang.String, java.lang.String, boolean) - Method in AnnotationFilterInvocationDefinition

getAllConfigAttributes() - Method in AbstractFilterInvocationDefinition

getAttribute() - Method in ClosureConfigAttribute

getAttribute() - Method in WebExpressionConfigAttribute

getAttributes(java.lang.Object) - Method in AbstractFilterInvocationDefinition

getAuthenticatedUser() - Method in ControllerMixin

getAuthentication() - Method in AjaxAwareAccessDeniedHandler

getAuthentication() - Method in LoginController

getAuthentication() - Method in SpringSecurityService

Get the currently logged in user's Authentication.

getAuthorityNames(java.lang.String, org.codehaus.groovy.ast.AnnotationNode, org.codehaus.groovy.control.SourceUnit) - Method in AuthoritiesTransformation

getClassForName(java.lang.String) - Method in SpringSecurityService

getConf() - Method in LoginController

getConfigAttributeMap() - Method in AbstractFilterInvocationDefinition

For debugging.

getConfigProperty(java.lang.String, java.lang.Object) - Method in ReflectionUtils

getCurrentUser() - Method in SpringSecurityService

Get the domain class instance associated with the current authentication.

getCurrentUserId() - Method in SpringSecurityService

getExecutionContext() - Method in CommandLineHelper

getFilters(jakarta.servlet.http.HttpServletRequest) - Method in DebugFilter

getGrailsServerURL() - Method in ReflectionUtils

getHttpMethod(java.lang.annotation.Annotation) - Method in AnnotationFilterInvocationDefinition

getHttpMethodOverride(jakarta.servlet.http.HttpServletRequest) - Method in HttpMethodOverrideDetector

getInterceptedUrl(java.lang.String, org.springframework.http.HttpMethod) - Method in AbstractFilterInvocationDefinition

getLastException(jakarta.servlet.http.HttpSession) - Method in SpringSecurityUtils

Get the last auth exception.

getLastUsername(jakarta.servlet.http.HttpSession) - Method in SpringSecurityUtils

Get the last attempted username.

getObject() - Method in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

getObject() - Method in SpringUserCacheFactoryBean

getObjectType() - Method in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

getObjectType() - Method in SpringUserCacheFactoryBean

getOrder() - Method in SecurityFilterPosition

getParams() - Method in SecuredClosureDelegate

getPrincipal() - Method in ControllerMixin

getPrincipal() - Method in SpringSecurityService

Get the currently logged in user's principal.

getPrincipalAuthorities() - Method in SpringSecurityUtils

Get the current user's authorities.

getRequest() - Method in SecurityRequestHolder

Get the current request.

getRequestMapClass() - Method in ReflectionUtils

getRequestmapConfigAttribute(java.lang.Object) - Method in ReflectionUtils

getRequestmapHttpMethod(java.lang.Object) - Method in ReflectionUtils

getRequestmapUrl(java.lang.Object) - Method in ReflectionUtils

getResponse() - Method in SecurityRequestHolder

Get the current response.

getRoleAuthority(java.lang.Object) - Method in ReflectionUtils

getSavedRequest(jakarta.servlet.http.HttpSession) - Method in SpringSecurityUtils

Get the saved request from the session.

getScheme() - Method in SecurityRequestHolderFilter.1

getScheme() - Method in SecurityRequestHolderFilter.2

getSecurityConfig() - Method in ReflectionUtils

getSecurityConfig() - Method in SpringSecurityService

getSecurityConfig() - Method in SpringSecurityUtils

Parse and load the security configuration.

getSecurityConfigType() - Method in SpringSecurityUtils

Lookup the security type as a String to avoid dev mode reload issues.

getSecurityContext(jakarta.servlet.http.HttpSession) - Method in SpringSecurityUtils

getServerPort() - Method in SecurityRequestHolderFilter.1

getServerPort() - Method in SecurityRequestHolderFilter.2

getSession(boolean) - Method in DebugFilter.1

getSwitchedUserOriginalUsername() - Method in SpringSecurityUtils

Get the username of the original user before switching to another.

getTokenForSeries(java.lang.String) - Method in GormPersistentTokenRepository

getValue(java.lang.annotation.Annotation) - Method in AnnotationFilterInvocationDefinition

GORM_VERSION_THRESHOLD - Field in S2QuickstartCommand

GormPersistentTokenRepository - Class in grails.plugin.springsecurity.web.authentication.rememberme

GORM-based PersistentTokenRepository implementation, based on org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl.

GormPersistentTokenRepository() - Constructor in GormPersistentTokenRepository

GormUserDetailsService - Class in grails.plugin.springsecurity.userdetails

Default implementation of GrailsUserDetailsService that uses domain classes to load users and roles.

GormUserDetailsService() - Constructor in GormUserDetailsService

GrailsAnonymousAuthenticationFilter - Class in grails.plugin.springsecurity.web.filter

Replaces org.springframework.security.web.authentication.AnonymousAuthenticationFilter.

GrailsAnonymousAuthenticationFilter() - Constructor in GrailsAnonymousAuthenticationFilter

GrailsAnonymousAuthenticationProvider - Class in grails.plugin.springsecurity.authentication

Authors:

Burt Beckwith

GrailsAnonymousAuthenticationProvider() - Constructor in GrailsAnonymousAuthenticationProvider

GrailsAnonymousAuthenticationToken - Class in grails.plugin.springsecurity.authentication

Authors:

Burt Beckwith

GrailsAnonymousAuthenticationToken(java.lang.String, java.lang.Object) - Constructor in GrailsAnonymousAuthenticationToken

Constructor.

grailsApplication - Field in BeanTypeResolver

grailsApplication - Property in GormPersistentTokenRepository

Dependency injection for grailsApplication.

grailsApplication - Property in GormUserDetailsService

Dependency injection for the application.

grailsApplication - Property in SpringSecurityService

dependency injection for grailsApplication

GrailsRedirectStrategy - Class in grails.plugin.springsecurity.web

Builds absolute urls when using header check channel security to prevent the container from generating urls with an incorrect scheme.

GrailsRedirectStrategy() - Constructor in GrailsRedirectStrategy

GrailsRememberMeAuthenticationFilter - Class in grails.plugin.springsecurity.web.filter

Stores a SavedRequest so remember-me autologin gets redirected to requested url.

GrailsRememberMeAuthenticationFilter(org.springframework.security.authentication.AuthenticationManager, org.springframework.security.web.authentication.RememberMeServices, org.springframework.security.web.savedrequest.RequestCache) - Constructor in GrailsRememberMeAuthenticationFilter

GrailsSecurityFilterChain - Class in grails.plugin.springsecurity.web

Based on org.springframework.security.web.DefaultSecurityFilterChain which is final.

GrailsSecurityFilterChain(java.lang.String, List<Filter>) - Constructor in GrailsSecurityFilterChain

grailsUrlConverter - Property in AnnotationFilterInvocationDefinition

Dependency injection for the grailsUrlConverter bean.

GrailsUser - Class in grails.plugin.springsecurity.userdetails

Extends the default Spring Security user class to contain the ID for efficient lookup of the domain class from the Authentication.

GrailsUser(java.lang.String, java.lang.String, boolean, boolean, boolean, boolean, Collection<GrantedAuthority>, java.lang.Object) - Constructor in GrailsUser

Constructor.

GrailsUserDetailsService - Interface in grails.plugin.springsecurity.userdetails

Extension of the standard interface that allows specifying whether or not to load roles from the database, e.g. for LDAP where role information is inferred from LDAP group membership.

GrailsUsernamePasswordAuthenticationFilter - Class in grails.plugin.springsecurity.web.authentication

Extends the default org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter to store the last attempted login username in the session under the 'SPRING_SECURITY_LAST_USERNAME' key if storeLastUsername is true.

GrailsUsernamePasswordAuthenticationFilter() - Constructor in GrailsUsernamePasswordAuthenticationFilter

grailsVersion - Property in SpringSecurityCoreGrailsPlugin

GrailsWebInvocationPrivilegeEvaluator - Class in grails.plugin.springsecurity.web.access

createFilterInvocation() is private in the base class so this is required to create a mock request that works with Grails - more methods get called than are expected in the mock request that the base class uses.

GrailsWebInvocationPrivilegeEvaluator.1 - Class in grails.plugin.springsecurity.web.access

GrailsWebInvocationPrivilegeEvaluator.1() - Constructor in GrailsWebInvocationPrivilegeEvaluator.1

GrailsWebInvocationPrivilegeEvaluator(org.springframework.security.access.intercept.AbstractSecurityInterceptor) - Constructor in GrailsWebInvocationPrivilegeEvaluator

Constructor.

H

handle(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.access.AccessDeniedException) - Method in AjaxAwareAccessDeniedHandler

handle() - Method in S2CreatePersistentTokenCommand

handle() - Method in S2CreateRoleHierarchyEntryCommand

handle() - Method in S2QuickstartCommand

handlers - Property in MutableLogoutFilter

Dependency injection for the logout handlers.

hasAccess(java.lang.Object, java.lang.String) - Method in SecurityTagLib

HEADER_X_HTTP_METHOD_OVERRIDE - Field in HttpMethodOverrideDetector

HEADERS_FILTER - Enum Constant in SecurityFilterPosition

httpMethod - Property in InterceptedUrl

httpMethod() - Method in Secured

Optional attribute to specify the HTTP method required.

HttpMethodOverrideDetector - Class in grails.plugin.springsecurity.web.filter

HttpMethodOverrideDetector() - Constructor in HttpMethodOverrideDetector

https - Property in InterceptedUrl

httpServletResponseExtension - Property in AnnotationFilterInvocationDefinition

Dependency injection for the httpServletResponseExtension bean.

I

id - Property in GrailsUser

idToPasswordEncoder(groovy.util.ConfigObject) - Method in SpringSecurityCoreGrailsPlugin

ifAllGranted - Property in SecurityTagLib

Renders the body if all of the specified roles are granted to the user.

ifAllGranted(Collection<? extends GrantedAuthority>) - Method in SpringSecurityUtils

ifAnyGranted - Property in SecurityTagLib

Renders the body if any of the specified roles are granted to the user.

ifAnyGranted(Collection<? extends GrantedAuthority>) - Method in SpringSecurityUtils

ifLoggedIn - Property in SecurityTagLib

Renders the body if the user is authenticated.

ifNotGranted - Property in SecurityTagLib

Renders the body if none of the specified roles are granted to the user.

ifNotGranted(Collection<? extends GrantedAuthority>) - Method in SpringSecurityUtils

ifNotLoggedIn - Property in SecurityTagLib

Renders the body if the user is not authenticated.

ifNotSwitched - Property in SecurityTagLib

Renders the body if the user is not authenticated as another user via run-as.

ifSwitched - Property in SecurityTagLib

Renders the body if the user is authenticated as another user via run-as.

index() - Method in LoginController

Default action; redirects to 'defaultTargetUrl' if logged in, /login/auth otherwise.

index() - Method in LogoutController

Index action.

initExtractorMap() - Method in DefaultThrowableAnalyzer

initFilterBean() - Method in IpAddressFilter

initialize() - Method in AbstractFilterInvocationDefinition

initialize(java.lang.Object, grails.web.mapping.UrlMappingsHolder, grails.core.GrailsClass, grails.core.GrailsClass) - Method in AnnotationFilterInvocationDefinition

Called by the plugin to set controller role info.

initialize() - Method in InterceptUrlMapFilterInvocationDefinition

initialize() - Method in RequestmapFilterInvocationDefinition

initialized - Field in AbstractFilterInvocationDefinition

insecureHeaderName - Property in SecurityRequestHolderFilter

insecureHeaderValue - Property in SecurityRequestHolderFilter

InterceptedUrl - Class in grails.plugin.springsecurity

Authors:

Burt Beckwith

InterceptedUrl(java.lang.String, Class<?>, org.springframework.http.HttpMethod) - Constructor in InterceptedUrl

interceptor - Field in GrailsWebInvocationPrivilegeEvaluator

InterceptUrlMap - Enum Constant in SecurityConfigType

Map defined in Config.groovy.

InterceptUrlMapFilterInvocationDefinition - Class in grails.plugin.springsecurity.web.access.intercept

Authors:

Burt Beckwith

InterceptUrlMapFilterInvocationDefinition() - Constructor in InterceptUrlMapFilterInvocationDefinition

invoke(java.lang.Object, java.lang.reflect.Method, java.lang.Object) - Method in DummyRequestCreator.1

invoke(java.lang.Object, java.lang.reflect.Method, java.lang.Object) - Method in DummyResponseCreator.1

invokeWithWrappedRequest(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, jakarta.servlet.FilterChain) - Method in DebugFilter

IpAddressFilter - Class in grails.plugin.springsecurity.web.filter

Blocks access to protected resources based on IP address.

IpAddressFilter() - Constructor in IpAddressFilter

IPV4_LOOPBACK - Field in IpAddressFilter

IPV6_LOOPBACK - Field in IpAddressFilter

isAjax(jakarta.servlet.http.HttpServletRequest) - Method in SpringSecurityService

Check if the request was triggered by an Ajax call.

isAjax(jakarta.servlet.http.HttpServletRequest) - Method in SpringSecurityUtils

Check if the request was triggered by an Ajax call.

isAllowed(java.lang.String, java.lang.String, java.lang.String, org.springframework.security.core.Authentication) - Method in GrailsWebInvocationPrivilegeEvaluator

isAllowed(jakarta.servlet.http.HttpServletRequest) - Method in IpAddressFilter

isFallback(java.lang.Object) - Method in SecurityTagLib

isFlagPresent(java.lang.String) - Method in CommandLineHelper

isLoggedIn() - Method in AjaxAwareAccessDeniedHandler

isLoggedIn() - Method in ControllerMixin

isLoggedIn() - Method in SpringSecurityService

Quick check to see if the current user is logged in.

isSecure() - Method in SecurityRequestHolderFilter.1

isSecure() - Method in SecurityRequestHolderFilter.2

isSingleton() - Method in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

issueManagement - Property in SpringSecurityCoreGrailsPlugin

isSwitched() - Method in SpringSecurityUtils

Check if the current user is switched to another user.

J

JAAS_API_SUPPORT_FILTER - Enum Constant in SecurityFilterPosition

JAVA_LANG_EXCEPTION - Field in DebugFilter

JAVA_LANG_EXCEPTION_LENGTH - Field in DebugFilter

K

key - Property in GrailsAnonymousAuthenticationFilter

Dependency injection for the key.

L

LAST - Enum Constant in SecurityFilterPosition

license - Property in SpringSecurityCoreGrailsPlugin

link - Property in SecurityTagLib

Provides a wrapper around the standard Grails link tag g:link.

loadAfter - Property in SpringSecurityCoreGrailsPlugin

loadAllRequestmaps() - Method in ReflectionUtils

loadAuthorities(java.lang.Object, java.lang.String, boolean) - Method in GormUserDetailsService

loadCurrentUser() - Method in SpringSecurityService

Get a proxy for the domain class instance associated with the current authentication.

loadRequestmaps() - Method in RequestmapFilterInvocationDefinition

loadSecondaryConfig(java.lang.String) - Method in SpringSecurityUtils

Allow a secondary plugin to add config attributes.

loadUserByUsername(java.lang.String) - Method in GormUserDetailsService

loadUserByUsername(java.lang.String, boolean) - Method in GrailsUserDetailsService

Locates the user based on the username.

loggedInUserInfo - Property in SecurityTagLib

Renders a property (specified by the 'field' attribute) from the principal.

LOGIN_PAGE_FILTER - Enum Constant in SecurityFilterPosition

LoginController - Class in grails.plugin.springsecurity

LoginController() - Constructor in LoginController

LOGOUT_FILTER - Enum Constant in SecurityFilterPosition

logout(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication) - Method in MutableLogoutFilter.DummyLogoutHandler

logout(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication) - Method in NullLogoutHandlerRememberMeServices

LOGOUT_PAGE_FILTER - Enum Constant in SecurityFilterPosition

LogoutController - Class in grails.plugin.springsecurity

LogoutController() - Constructor in LogoutController

logoutHandlerNames - Property in SpringSecurityUtils

Logout handler names.

logoutSuccessHandler - Field in MutableLogoutFilter

lookupDomainClass() - Method in GormPersistentTokenRepository

lowercaseAndStripQuerystring(java.lang.String) - Method in AbstractFilterInvocationDefinition

M

main(java.lang.String) - Method in Application

matchAllUrlMappings(grails.web.mapping.UrlMappingsHolder, java.lang.String, org.grails.web.servlet.mvc.GrailsWebRequest, org.grails.web.mime.HttpServletResponseExtension) - Method in ReflectionUtils

matcherPattern - Property in GrailsSecurityFilterChain

matches(jakarta.servlet.http.HttpServletRequest) - Method in FilterProcessUrlRequestMatcher

matches(jakarta.servlet.http.HttpServletRequest) - Method in GrailsSecurityFilterChain

MAX_VALUE - Field in SecurityConfigType

messages - Field in AbstractFilterInvocationDefinition

messages - Field in ClosureX509PrincipalExtractor

messages - Field in DefaultPostAuthenticationChecks

messages - Field in DefaultPreAuthenticationChecks

messageSource - Property in LoginController

Dependency injection for the messageSource.

MIN_VALUE - Field in SecurityConfigType

modifyGrantedAuthorities(org.springframework.security.core.userdetails.UserDetails, org.springframework.security.core.Authentication, Collection<? extends GrantedAuthority>) - Method in NullSwitchUserAuthorityChanger

MutableLogoutFilter - Class in grails.plugin.springsecurity.web.authentication.logout

Authors:

Burt Beckwith

MutableLogoutFilter.DummyLogoutHandler - Class in grails.plugin.springsecurity.web.authentication.logout

Null logout handler that's used to provide a non-empty list of handlers to the base class.

MutableLogoutFilter.DummyLogoutHandler() - Constructor in MutableLogoutFilter.DummyLogoutHandler

MutableLogoutFilter(org.springframework.security.web.authentication.logout.LogoutSuccessHandler) - Constructor in MutableLogoutFilter

Constructor.

N

namespace - Property in SecurityTagLib

newInstance(Class<?>) - Method in AnnotationFilterInvocationDefinition

NO_ROLE - Property in GormUserDetailsService

Some Spring Security classes (e.g.

NO_ROLE - Field in SpringSecurityUtils

Used to ensure that all authenticated users have at least one granted authority to work around Spring Security code that assumes at least one.

NO_SALT - Field in SpringSecurityService

noAccess - Property in SecurityTagLib

Renders the body if the specified expression (a String; the 'expression' attribute) evaluates to false or if the specified URL is not allowed.

noFilterIsApplied(List<Map<String, ?>>, java.lang.String) - Method in SpringSecurityUtils

NoStackUsernameNotFoundException - Class in grails.plugin.springsecurity.userdetails

Lightweight exception that avoids the cost of filling in the stack frames.

NoStackUsernameNotFoundException() - Constructor in NoStackUsernameNotFoundException

NullAfterInvocationManager - Class in grails.plugin.springsecurity.access.intercept

No-op implementation.

NullAfterInvocationManager() - Constructor in NullAfterInvocationManager

NullAfterInvocationProvider - Class in grails.plugin.springsecurity.access

No-op implementation.

NullAfterInvocationProvider() - Constructor in NullAfterInvocationProvider

NullAuthenticationEventPublisher - Class in grails.plugin.springsecurity.authentication

Authors:

Burt Beckwith

NullAuthenticationEventPublisher() - Constructor in NullAuthenticationEventPublisher

NullAuthenticationFailureHandler - Class in grails.plugin.springsecurity.web.authentication.preauth.x509

Authors:

Burt Beckwith

NullAuthenticationFailureHandler() - Constructor in NullAuthenticationFailureHandler

NullAuthenticationSuccessHandler - Class in grails.plugin.springsecurity.web.authentication.preauth.x509

Authors:

Burt Beckwith

NullAuthenticationSuccessHandler() - Constructor in NullAuthenticationSuccessHandler

NullFilterChainValidator - Class in grails.plugin.springsecurity.web

No-op validator.

NullFilterChainValidator() - Constructor in NullFilterChainValidator

NullLogoutHandlerRememberMeServices - Class in grails.plugin.springsecurity.web.authentication

Authors:

Burt Beckwith

NullLogoutHandlerRememberMeServices() - Constructor in NullLogoutHandlerRememberMeServices

NullSwitchUserAuthorityChanger - Class in grails.plugin.springsecurity.web.authentication.switchuser

No-op implementation.

NullSwitchUserAuthorityChanger() - Constructor in NullSwitchUserAuthorityChanger

O

OAUTH2_AUTHORIZATION_CODE_GRANT_FILTER - Enum Constant in SecurityFilterPosition

OAUTH2_AUTHORIZATION_REQUEST_FILTER - Enum Constant in SecurityFilterPosition

OAUTH2_LOGIN_FILTER - Enum Constant in SecurityFilterPosition

objectDefinitionSource - Property in SpringSecurityService

dependency injection for org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource

observe - Property in SpringSecurityCoreGrailsPlugin

onApplicationEvent(org.springframework.context.ApplicationEvent) - Method in SecurityEventListener

onAuthenticationFailure(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.AuthenticationException) - Method in AjaxAwareAuthenticationFailureHandler

onAuthenticationFailure(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.AuthenticationException) - Method in NullAuthenticationFailureHandler

onAuthenticationSuccess(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication) - Method in AjaxAwareAuthenticationSuccessHandler

onAuthenticationSuccess(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication) - Method in NullAuthenticationSuccessHandler

onChange(Map<String, Object>) - Method in SpringSecurityCoreGrailsPlugin

onConfigChange(Map<String, Object>) - Method in SpringSecurityCoreGrailsPlugin

onSuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, org.springframework.security.core.Authentication) - Method in GrailsRememberMeAuthenticationFilter

orderedFilters - Property in SpringSecurityUtils

Ordered filter names.

organization - Property in SpringSecurityCoreGrailsPlugin

P

parseAuthoritiesString(java.lang.String) - Method in SpringSecurityUtils

Split the role names and create org.springframework.security.core.GrantedAuthoritys for each.

PASSWORD - Field in GrailsAnonymousAuthenticationToken

passwordEncoder - Property in SpringSecurityService

dependency injection for the password encoder

pathMatcher - Field in IpAddressFilter

pattern - Property in InterceptedUrl

portMapper - Property in SecurityRequestHolderFilter

portResolver - Property in AjaxAwareAccessDeniedHandler

Dependency injection for the port resolver.

portResolver - Property in GrailsRedirectStrategy

Dependency injection for the port resolver.

portResolver - Property in SecurityRequestHolderFilter

postProcessBeanFactory(org.springframework.beans.factory.config.ConfigurableListableBeanFactory) - Method in SpringSecurityBeanFactoryPostProcessor

PRE_AUTH_FILTER - Enum Constant in SecurityFilterPosition

profiles - Property in SpringSecurityCoreGrailsPlugin

providerNames - Property in SpringSecurityUtils

Authentication provider names.

publishAuthenticationFailure(org.springframework.security.core.AuthenticationException, org.springframework.security.core.Authentication) - Method in NullAuthenticationEventPublisher

publishAuthenticationSuccess(org.springframework.security.core.Authentication) - Method in NullAuthenticationEventPublisher

Q

R

reauthenticate(java.lang.String, java.lang.String) - Method in SpringSecurityService

Rebuild an Authentication for the given username and register it in the security context.

reauthenticate(java.lang.String, java.lang.String) - Method in SpringSecurityUtils

Rebuild an Authentication for the given username and register it in the security context.

redirectStrategy - Property in AjaxAwareAuthenticationEntryPoint

Dependency injection for the RedirectStrategy.

redirectStrategy - Property in LogoutController

Dependency injection for RedirectStrategy.

ReflectionUtils - Class in grails.plugin.springsecurity

Helper methods that use dynamic Groovy.

registerAfterInvocationProvider(java.lang.String) - Method in SpringSecurityUtils

Register an AfterInvocationProvider bean name.

registerFilter(java.lang.String, int) - Method in SpringSecurityUtils

Register a filter bean name in a specified position in the chain.

registerLogoutHandler(java.lang.String) - Method in SpringSecurityUtils

Register a logout handler bean name.

registerProvider(java.lang.String) - Method in SpringSecurityUtils

Register a provider bean name.

registerVoter(java.lang.String) - Method in SpringSecurityUtils

Register a voter bean name.

rejectIfNoRule - Property in AbstractFilterInvocationDefinition

Dependency injection for whether to reject if there's no matching rule.

reloadDBRoleHierarchy() - Method in SpringSecurityService

Call for reloading the role hierarchy configuration from the database.

reloadSecurityConfig() - Method in SpringSecurityUtils

Force a reload of the security configuration.

REMEMBER_ME_FILTER - Enum Constant in SecurityFilterPosition

removeAutoconfigBeans(org.springframework.beans.factory.support.BeanDefinitionRegistry) - Method in SpringSecurityBeanFactoryPostProcessor

removeUserTokens(java.lang.String) - Method in GormPersistentTokenRepository

reportError(java.lang.String, org.codehaus.groovy.control.SourceUnit, org.codehaus.groovy.ast.ASTNode) - Method in AuthoritiesTransformation

REQUEST_CACHE_FILTER - Enum Constant in SecurityFilterPosition

requestCache - Property in AjaxAwareAccessDeniedHandler

Dependency injection for the request cache.

requestCache - Field in AjaxAwareAuthenticationSuccessHandler

requestCache - Field in GrailsRememberMeAuthenticationFilter

Requestmap - Enum Constant in SecurityConfigType

Requestmap domain class.

requestmapClassSupportsHttpMethod() - Method in ReflectionUtils

RequestmapFilterInvocationDefinition - Class in grails.plugin.springsecurity.web.access.intercept

Authors:

Burt Beckwith

RequestmapFilterInvocationDefinition() - Constructor in RequestmapFilterInvocationDefinition

requestMatcher - Property in GrailsSecurityFilterChain

reset() - Method in AbstractFilterInvocationDefinition

Allows subclasses to be externally reset.

reset() - Method in InterceptUrlMapFilterInvocationDefinition

reset() - Method in RequestmapFilterInvocationDefinition

Call at startup or when Requestmap instances have been added, removed, or changed.

reset() - Method in SecurityRequestHolder

Clear the saved request.

resetConfigs() - Method in AbstractFilterInvocationDefinition

resetSecurityConfig() - Method in SpringSecurityUtils

Reset the config for testing or after a dev mode Config.groovy change.

resolveFullControllerName(java.lang.String, java.lang.String) - Method in AnnotationFilterInvocationDefinition

resolveType(java.lang.String, java.lang.Class) - Method in BeanTypeResolver

restrictions - Field in IpAddressFilter

retainAll(java.lang.Object, java.lang.Object) - Method in SpringSecurityUtils

Find authorities in granted that are also in required.

ROLE - Field in GrailsAnonymousAuthenticationToken

ROLE_NAME - Field in GrailsAnonymousAuthenticationToken

ROLES - Field in GrailsAnonymousAuthenticationToken

roleVoter - Field in AbstractFilterInvocationDefinition

S

S2CreatePersistentTokenCommand - Class in grails.plugin.springsecurity

Creates a persistent token domain class for the Spring Security Core plugin.

S2CreatePersistentTokenCommand() - Constructor in S2CreatePersistentTokenCommand

S2CreateRoleHierarchyEntryCommand - Class in grails.plugin.springsecurity

Creates a domain class for a persistent role hierarchy for the Spring Security Core plugin Usage: .

S2CreateRoleHierarchyEntryCommand() - Constructor in S2CreateRoleHierarchyEntryCommand

S2QuickstartCommand - Class in grails.plugin.springsecurity

Creates domain classes and updates config settings for the Spring Security plugin.

S2QuickstartCommand() - Constructor in S2QuickstartCommand

SAML2_AUTHENTICATION_FILTER - Enum Constant in SecurityFilterPosition

SAML2_AUTHENTICATION_REQUEST_FILTER - Enum Constant in SecurityFilterPosition

SAML2_LOGOUT_FILTER - Enum Constant in SecurityFilterPosition

SAML2_LOGOUT_REQUEST_FILTER - Enum Constant in SecurityFilterPosition

SAML2_LOGOUT_RESPONSE_FILTER - Enum Constant in SecurityFilterPosition

SAVED_REQUEST - Field in SpringSecurityUtils

scm - Property in SpringSecurityCoreGrailsPlugin

Secured - Annotation Type in grails.plugin.springsecurity.annotation

Annotation for Controllers at the class level or per-action, defining what roles are required for the entire controller or action.

SECURED - Field in AuthoritiesTransformation

SecuredClosureDelegate - Class in grails.plugin.springsecurity.annotation

Set as the delegate of a closure in

Secured:

annotations; provides access to the request and application context, as well as all of the methods and properties available when using SpEL.

SecuredClosureDelegate(org.springframework.security.core.Authentication, org.springframework.security.web.FilterInvocation, org.springframework.context.ApplicationContext) - Constructor in SecuredClosureDelegate

secureHeaderName - Property in SecurityRequestHolderFilter

secureHeaderValue - Property in SecurityRequestHolderFilter

SECURITY_CONTEXT_FILTER - Enum Constant in SecurityFilterPosition

SECURITY_PROPERTIES_NAME - Field in SpringSecurityBeanFactoryPostProcessor

SecurityConfigType - Enum in grails.plugin.springsecurity

Authors:

Burt Beckwith

SecurityEventListener - Class in grails.plugin.springsecurity

Registers as an event listener and delegates handling of security-related events to optional closures defined in Config.groovy.

SecurityEventListener() - Constructor in SecurityEventListener

SecurityFilterPosition - Enum in grails.plugin.springsecurity

Stores the default order numbers of all Spring Security filters for use in configuration.

SecurityRequestHolder - Class in grails.plugin.springsecurity.web

Uses a java.lang.ThreadLocal to store the current request and response.

SecurityRequestHolderFilter - Class in grails.plugin.springsecurity.web

Stores the request and response in the SecurityRequestHolder.

SecurityRequestHolderFilter.1 - Class in grails.plugin.springsecurity.web

SecurityRequestHolderFilter.1() - Constructor in SecurityRequestHolderFilter.1

SecurityRequestHolderFilter.2 - Class in grails.plugin.springsecurity.web

SecurityRequestHolderFilter.2() - Constructor in SecurityRequestHolderFilter.2

SecurityRequestHolderFilter() - Constructor in SecurityRequestHolderFilter

SecurityTagLib - Class in grails.plugin.springsecurity

Security tags.

SecurityTagLib() - Constructor in SecurityTagLib

sendRedirect(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse, java.lang.String) - Method in GrailsRedirectStrategy

serverContextPath - Property in SecurityTagLib

SERVLET_API_SUPPORT_FILTER - Enum Constant in SecurityFilterPosition

servletContext - Property in AnnotationFilterInvocationDefinition

SESSION_MANAGEMENT_FILTER - Enum Constant in SecurityFilterPosition

set(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse) - Method in SecurityRequestHolder

Set the current request and response.

setAjaxErrorPage(java.lang.String) - Method in AjaxAwareAccessDeniedHandler

Dependency injection for the Ajax error page, e.g.

setAjaxLoginFormUrl(java.lang.String) - Method in AjaxAwareAuthenticationEntryPoint

Dependency injection for the Ajax login form url, e.g.

setApplication(grails.core.GrailsApplication) - Method in SpringSecurityUtils

Set at startup by plugin.

setConfigProperty(java.lang.String, java.lang.Object) - Method in ReflectionUtils

setConfiguration(grails.config.Config) - Method in SecurityTagLib

setErrorPage(java.lang.String) - Method in AjaxAwareAccessDeniedHandler

Dependency injection for the error page, e.g.

setExceptionMappings(List<Map<String, ?>>) - Method in AjaxAwareAuthenticationFailureHandler

Dependency injection for the exception -> url mappings; each map has an 'exception' key and a 'url' key, and all are merged into one map, where each key is an exception name and each value is the url.

setExceptionMappingsList(List<Map<String, ?>>) - Method in AjaxAwareAuthenticationFailureHandler

setIpRestrictions(List<Map<String, Object>>) - Method in IpAddressFilter

Dependency injection for the ip/pattern restriction map.

setMessageSource(org.springframework.context.MessageSource) - Method in ClosureX509PrincipalExtractor

Dependency injection for the message source.

setMessageSource(org.springframework.context.MessageSource) - Method in DefaultPostAuthenticationChecks

setMessageSource(org.springframework.context.MessageSource) - Method in DefaultPreAuthenticationChecks

setMethodParam(java.lang.String) - Method in HttpMethodOverrideDetector

Set the parameter name to look for HTTP methods.

setRequestCache(org.springframework.security.web.savedrequest.RequestCache) - Method in AjaxAwareAuthenticationSuccessHandler

setSecurityConfig(groovy.util.ConfigObject) - Method in ReflectionUtils

setSecurityConfig(groovy.util.ConfigObject) - Method in SpringSecurityUtils

For testing only.

SkipBootstrap - Trait in grails.plugin.springsecurity

skipBootstrap - Property in SkipBootstrap

SLASH - Field in AnnotationFilterInvocationDefinition

source - Field in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

split(java.lang.String) - Method in AbstractFilterInvocationDefinition

splitMap(List<Map<String, Object>>) - Method in ReflectionUtils

SPRING_SECURITY_LAST_USERNAME_KEY - Field in SpringSecurityUtils

SpringSecurityBeanFactoryPostProcessor - Class in grails.plugin.springsecurity

Unregisters auto-config beans registered by Boot.

SpringSecurityBeanFactoryPostProcessor() - Constructor in SpringSecurityBeanFactoryPostProcessor

SpringSecurityCoreGrailsPlugin - Class in grails.plugin.springsecurity

Authors:

Burt Beckwith

SpringSecurityCoreGrailsPlugin() - Constructor in SpringSecurityCoreGrailsPlugin

SpringSecurityService - Class in grails.plugin.springsecurity

Utility methods.

springSecurityService - Property in LoginController

Dependency injection for the springSecurityService.

springSecurityService - Property in SecurityTagLib

Dependency injection for springSecurityService.

SpringSecurityService() - Constructor in SpringSecurityService

SpringSecurityUtils - Class in grails.plugin.springsecurity

Helper methods.

SpringUserCacheFactoryBean - Class in grails.plugin.springsecurity.cache

SpringUserCacheFactoryBean() - Constructor in SpringUserCacheFactoryBean

stopAtFirstMatch() - Method in AbstractFilterInvocationDefinition

stopAtFirstMatch() - Method in InterceptUrlMapFilterInvocationDefinition

storeLastUsername - Property in GrailsUsernamePasswordAuthenticationFilter

Whether to store the last attempted username in the session.

storeMapping(java.lang.String, org.springframework.http.HttpMethod, Collection<ConfigAttribute>) - Method in AbstractFilterInvocationDefinition

storeMapping(java.lang.String, java.lang.String, Class<?>, org.springframework.http.HttpMethod) - Method in AnnotationFilterInvocationDefinition

stripContextPath(java.lang.String, jakarta.servlet.http.HttpServletRequest) - Method in AbstractFilterInvocationDefinition

SUCCESS - Property in CommandLineHelper

SUPPORTED - Field in ChannelFilterInvocationSecurityMetadataSourceFactoryBean

supports(Class<?>) - Method in AbstractFilterInvocationDefinition

supports(Class<?>) - Method in ClosureVoter

supports(Class<?>) - Method in GrailsAnonymousAuthenticationProvider

supports(Class<?>) - Method in NullAfterInvocationManager

supports(Class<?>) - Method in NullAfterInvocationProvider

supports(Class<?>) - Method in WebExpressionVoter

SWITCH_USER_FILTER - Enum Constant in SecurityFilterPosition

switchedUserOriginalUsername - Property in SecurityTagLib

Renders the username of the 'real' authentication when authenticated as another user via run-as.