All Classes and Interfaces
Class
Description
AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter>
Base class for configuring
AbstractAuthenticationFilterConfigurer.A base class for registering
RequestMatcher's.
A base
SecurityBuilder that allows SecurityConfigurer to be applied to
it.AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,C extends AbstractDaoAuthenticationConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
DaoAuthenticationProviderAdds a convenient base class for
SecurityConfigurer instances that operate on
HttpSecurity.AbstractInterceptUrlConfigurer<C extends AbstractInterceptUrlConfigurer<C,H>,H extends HttpSecurityBuilder<H>>
Deprecated.
AbstractLdapAuthenticationManagerFactory<T extends org.springframework.security.ldap.authentication.AbstractLdapAuthenticator>
Creates an
AuthenticationManager that can perform LDAP authentication.A base class for registering
RequestMatcher's.A base
SecurityBuilder that ensures the object being built is only built one
time.Deprecated.
Use
EnableWebSocketSecurity insteadThrown when
AbstractSecurityBuilder.build() is two or more times.Configures Anonymous authentication (i.e.
Exports the authentication
ConfigurationRegisters the central ProviderManager used by the namespace configuration, and allows
the configuration of an alias, allowing users to reference it in their beans and
clearly see where the name is coming from.
Provider which doesn't provide any service.
SecurityBuilder used to create an AuthenticationManager.Factory bean for the namespace AuthenticationManager, which allows a more meaningful
error message to be reported in the NoSuchBeanDefinitionException, if the user
has forgotten to declare the <authentication-manager> element.
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the
latter with the ProviderManager.
Adds a URL based authorization using
AuthorizationManager.A class used to get all the
WebSecurityConfigurer instances from the current
ApplicationContext but ignoring the parent.Contains globally used default Bean IDs for beans created by the namespace support in
Spring Security 2.
Used as a factory bean to create config attribute values for the
requires-channel attribute.
Adds channel security (i.e.
Common OAuth2 Providers that can be used to create
builders pre-configured with sensible defaults for the
HttpSecurity.oauth2Login() flow.Checks for the presence of a ContextSource instance.
Parser for the
CorsFilter.Adds
CorsFilter to the Spring Security filter chain.Parser for the
CsrfFilter.Adds
CSRF
protection for the methods as specified by
CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).Callback interface that accepts a single input argument and returns no result.
DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
DaoAuthenticationProviderAdds a Filter that will generate a login page if one is not specified otherwise when
using
EnableWebSecurity.Contains all the element names used by Spring Security 3 namespace support.
Creates a
DefaultSpringSecurityContextSource used to perform LDAP
authentication and starts and in-memory LDAP server.The
EnableGlobalAuthentication annotation signals that the annotated class can
be used to configure a global instance of AuthenticationManagerBuilder.Deprecated.
Use
EnableMethodSecurity insteadEnables Spring Security Method Security.
Add this annotation to a
Configuration class to have Spring Security
RSocketSecurity support added.Add this annotation to a
Configuration class to have Spring Security WebFlux
support added.Deprecated.
Use EnableWebSecurity instead which will automatically add the Spring MVC
related Security items.
Add this annotation to an
@Configuration class to have the Spring Security
configuration defined in any WebSecurityConfigurer or more likely by exposing a
SecurityFilterChain bean:Allows configuring WebSocket Authorization.
Adds exception handling for Spring Security related exceptions to an application.
Deprecated.
Use
AuthorizeHttpRequestsConfigurer insteadSets the filter chain Map for a FilterChainProxy bean declaration.
Deprecated.
Use `use-authorization-manager` property instead
Adds form based authentication.
A
SecurityConfigurer that can be exposed as a bean to configure the global
AuthenticationManagerBuilder.Deprecated.
Use
MethodSecurityBeanDefinitionParser insteadDeprecated.
Use
PrePostMethodSecurityConfiguration,
SecuredMethodSecurityConfiguration, or
Jsr250MethodSecurityConfiguration insteadAllows providing defaults for
GrantedAuthorityParser for the
HeadersFilter.
Adds the Security HTTP headers to the response.
Adds HTTP basic based authentication.
Injects the supplied
HttpFirewall bean reference into the
FilterChainProxy.A
HttpSecurity is similar to Spring Security's XML <http> element in the
namespace configuration.Sets up HTTP security: filter stack and protected URLs.
Configures an
AuthenticationManagerBuilder
to have in memory authentication.Configures an
AuthenticationManagerBuilder
to have JDBC authentication.Adds support for J2EE pre authentication.
Configures LDAP
AuthenticationProvider in the ProviderManagerBuilder.Creates an
AuthenticationManager that can perform LDAP authentication using
bind authentication.Creates an
AuthenticationManager that can perform LDAP authentication using
password comparison.Ldap authentication provider namespace configuration.
Adds logout support.
Defines the
RequestMatcher types supported by the namespace.Deprecated.
Use
MessageMatcherDelegatingAuthorizationManager insteadProcesses the top-level "method-security" element.
Deprecated.
Use
<intercept-methods>, <method-security>, or
@EnableMethodSecurityAn
AbstractHttpConfigurer for OAuth 2.0 Client support.An
AbstractHttpConfigurer for OAuth 2.0 Login, which leverages the OAuth 2.0
Authorization Code Grant Flow.An
AbstractHttpConfigurer for OAuth 2.0 Resource Server Support.Allows initialization of Objects.
Spring
Configuration that exports the default ObjectPostProcessor.Stateful parser for the <password-encoder> element.
Adds password management support.
The standard order for
PayloadInterceptor to be sorted.Allows configuring a shared
PortMapper instance used to determine the ports
when redirecting between HTTP and HTTPS.Interface for operating on a SecurityBuilder that creates a
ProviderManagerConstructs an
MapReactiveUserDetailsService from a resource using
UserDetailsResourceFactoryBean.Configures Remember Me authentication.
Adds request cache for Spring Security.
Allows configuring RSocket based security.
An
AbstractHttpConfigurer for SAML 2.0 Login, which leverages the SAML 2.0 Web
Browser Single Sign On (WebSSO) Flow.Adds SAML 2.0 logout support.
An
AbstractHttpConfigurer for SAML 2.0 Metadata.Interface for building an Object
Allows for configuring a
SecurityBuilder.A base class for
SecurityConfigurer that allows subclasses to only implement
the methods they are interested in.Allows persisting and restoring of the
SecurityContext found on the
SecurityContextHolder for each request by configuring the
SecurityContextPersistenceFilter.Parses elements from the "security" namespace
(http://www.springframework.org/schema/security).
A
ServerHttpSecurity is similar to Spring Security's HttpSecurity but
for WebFlux.Implements select methods from the
HttpServletRequest using the
SecurityContext from the SecurityContextHolder.Specifies the various session creation policies for Spring Security.
Allows configuring session management.
Deprecated.
Use
AuthorizeHttpRequestsConfigurer insteadUserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Base class that allows access to the
UserDetailsService for using as a default
value with AuthenticationManagerBuilder.UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsManagerConfigurer<B,C>>
Base class for populating an
AuthenticationManagerBuilder
with a UserDetailsManager.Constructs an
InMemoryUserDetailsManager from a resource using
UserDetailsResourceFactoryBean.Creates a
Collection<UserDetails> from a @{code Map} in the format ofParses a Resource that is a Properties file in the format of:
username=password[,enabled|disabled],roles...UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsServiceConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
UserDetailsService within a
AuthenticationManagerBuilder.Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
Deprecated.
This is applied internally using SpringWebMvcImportSelector
The
WebSecurity is created by WebSecurityConfiguration to create the
FilterChainProxy known as the Spring Security Filter Chain
(springSecurityFilterChain).Uses a
WebSecurity to create the FilterChainProxy that performs the web
based security for Spring Security.Allows customization to the
WebSecurity.Callback interface for customizing
WebSecurity.Parses Spring Security's websocket namespace support.
The bean definition parser for a Well-Known URL for Changing Passwords.
Adds X509 based pre authentication to an application.
AuthorizeHttpRequestsConfigurerinstead