All Classes and Interfaces
Class
Description
This abstract attribute converter handles some common behaviors for simple type converters.
Check the authentication of the user.
Abstract logic to handle exceptions:
Abstract JWT profile.
Abstract implementation of the
ProfileService for the storage: LDAP, SQL and MongoDB.An authorizer to require all the elements.
An authorizer to require any of the elements.
An authorizer to require elements.
The abstract implementation for all serializers: check for nulls and convert strings from or to bytes arrays.
Abstract store.
Exception when an account is not found.
Compute if a HTTP request is an AJAX one and the appropriate response.
The conjunction of authorizers.
Anonymous client.
Anonymous credentials.
Anonymous profile.
This interface is the contract for an attribute converter.
Denotes where an attribute is placed in a profile.
An authenticator is responsible for validating
Credentials and should throw a CredentialsException
if the authentication fails.This profile creator retrieves the user profile attached in the
Credentials.The way to check authorizations.
Generate the authorization roles for this user profile.
Checks if an access is authorized.
Exception for bad credentials.
A bad request action.
This class is the default implementation of an authentication client (whatever the mechanism).
Base parent class for all client configurations
to hold common fields or to be used as a common parent
for type checking and casts in customizations.
To extract basic auth header.
This class is the user profile retrieved from a provider after successful authentication: it's an identifier (string) and attributes
(objects).
To extract an RFC 6750 bearer auth header.
This class converts a String into a Boolean or returns the Boolean in input.
Cache control header matcher.
Callback logic to finish the login process for an indirect client.
How to compute a callback URL and match a client.
CAS logout action builder.
This is
ChainingConverter.Checks the HTTP method.
Checks the profile type.
This interface is the core class of the library.
The way to find the client.
This class is made to group multiple clients, generally on one callback url.
This class is a simple RGB color values holder.
This class converts a String into a Color.
This class gathers all the utilities methods.
This class is the base implementation with the default attribute getters which can be retrieved for most profiles.
Profile definition with the common attributes.
This class represents a communication exception.
The default configuration with clients, authorizers, matchers, etc.
To build a configuration from a factory.
A factory to build the configuration.
This class defines the default converters.
Define how the CORS requests are authorized.
This class represents the base credentials.
This class represents an expected exception occurring during credentials retrieval.
A credentials extractor.
Authorizer that checks CSRF tokens.
CSRF token generator.
Matcher which creates a new CSRF token and adds it as a request attribute and as a cookie (AngularJS).
This class converts a String (depending on a specified format) into a Date.
Default way to compute if a HTTP request is an AJAX one.
Default way to check the authorizations (with default authorizers).
Constants for authorizers.
Find the right client on the callback.
Default callback logic:
A default configuration factory.
Default CSRF token generator.
Default JEE adapter.
Default logout handler.
Default logout logic:
The default matchers.
Default way to check the matchers (with default matchers).
Grant default roles to a user profile.
The default
SavedRequestHandler which handles GET and POST requests.Find the right clients based on the query parameter for the
SecurityLogic.Default security logic:
Default URL resolver: use the provided URL as is or append the server and port for relative URLs.
Direct client: credentials are passed and authentication occurs for every HTTP request.
Utility class to find the best adapter, logic... in the following order:
1) the local one
2) the one from the config
3) the default one (must not be null).
A forbidden HTTP action.
To extract a username and password posted from a form.
A "Found" HTTP action.
Generate the authorization information by inspecting attributes.
This enumeration is the gender of a user : male, female or unspecified.
This class converts a String to a Gender.
Google logout action builder.
Store data in a Guava cache.
To extract header value.
Matching on a HTTP header.
The HTTP action, to perform on the web context by the appropriate
HttpActionAdapter.HTTP action adapter.
Helper to build the appropriate
HttpAction.This class represents an exception which can happen during HTTP communication (with status code and message body).
Some HTTP constants.
Matching on HTTP methods.
This class provides utility functions to deal with opening connections,
building error messages and closing connections, etc.
Indirect client: the requested protected URL is saved, the user is redirected to the identity provider for login and
back to the application after the sucessful authentication and finally to the originally requested URL.
Object that can be (re-)initialized.
In-memory profile service.
This class converts a String into an Integer or returns the Integer in input.
The user must be anonymous.
The user must be authenticated.
The user must be fully authenticated (not remembered).
The user must be authenticated and remembered.
Java serializer.
A password encoder for bcrypt and using a salt.
The JEE adapter.
A JSON serializer.
JWT claims: https://tools.ietf.org/html/rfc7519#page-9
Load a linked account and replace the original account.
An authenticator that caches the result of an authentication based on the credentials.
A profile creator that caches the result of a profile creation based on the credentials.
This class converts a String to a Locale.
The
RedirectionAction for logout.This interface defines how to handle logout requests on client side.
Logout logic for the application and the identity provider.
This class converts a String into a Long or returns the Long (or Integer) in input.
To match requests.
The way to check requests matching.
Exception when multiple accounts are found.
A no content HTTP action.
No
RedirectionAction for logout.No name is added to the callback URL to be able to distinguish the client, so it doesn't match.
An OK HTTP action.
The disjunction of authorizers.
Common constants.
Default implementation for
Principal based on a pac4j
BasicUserProfile.To extract a parameter value.
Encode a password.
Matches all request paths except whitelisted (excluded) paths.
The client name is added to the path of the callback URL.
Authorizer which is valid if one of the profiles is authorized or all the profiles are authorized.
This interface is responsible to create a
UserProfile from a Credentials.Define a profile (its class and attributes).
For classes that can set the profile definition.
A profile factory.
This class is an helper for profiles.
This class is a generic way to manage the current user profile(s), i.e. the one(s) of the current authenticated user.
A
ProfileManager factory based on the WebContext.Profile services: creation, update, delete and retrievals in the storage.
The client name is added as a query parameter to the callback URL.
Value generator which returns a random value.
A "redirection" HTTP action.
Return the redirection action to perform.
Checks an access if the user profile has all the roles.
This is
RequireAnyAttributeAuthorizer which checks profile
attributes for the specified element, and optionally
may pattern-check the configured value.Checks an access if the user profile has any of the roles.
Saves a request before a login process and restores it after a successfull login.
Security endpoint.
Security endpoint builder.
Success adapter.
Security logic to protect an url.
A "See Other" HTTP action.
The serializer contract.
To store data in session.
Build a session store from parameters.
A password encoder based on
PasswordService from Apache Shiro
Add the shiro-core dependency to use this class.A password encoder based on
PasswordEncoder from the Spring
Security Crypto package.Authorization generator based on a properties file in Spring security format:
username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]
Value generator which returns a pre-defined value.
An HTTP action with just a specific status and maybe a content.
Store data.
Strict transport security header matcher.
This class only keeps String objects.
This class represents the root technical exception for the library.
This credentials represents a token.
An unauthorized HTTP action.
URL converter.
How to compute an URL.
This class represents a username and a password credentials
The contract that all user profiles must respect.
Value generator.
This interface represents the web context to use HTTP request and response.
Build a web context from parameters.
A helper for the web context.
An action with a content.
An action with a location.
XContent type options header matcher.
XFrame options header matcher.
XSS protection header matcher.