All Classes and Interfaces
Class
Description
AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter>
Base class for configuring
AbstractAuthenticationFilterConfigurer
.A base class for registering
RequestMatcher
's.
A base
SecurityBuilder
that allows SecurityConfigurer
to be applied to
it.AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,C extends AbstractDaoAuthenticationConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
DaoAuthenticationProvider
Adds a convenient base class for
SecurityConfigurer
instances that operate on
HttpSecurity
.AbstractInterceptUrlConfigurer<C extends AbstractInterceptUrlConfigurer<C,H>,H extends HttpSecurityBuilder<H>>
Deprecated.
AbstractLdapAuthenticationManagerFactory<T extends org.springframework.security.ldap.authentication.AbstractLdapAuthenticator>
Creates an
AuthenticationManager
that can perform LDAP authentication.A base class for registering
RequestMatcher
's.A base
SecurityBuilder
that ensures the object being built is only built one
time.Deprecated.
Use
EnableWebSocketSecurity
insteadThrown when
AbstractSecurityBuilder.build()
is two or more times.Configures Anonymous authentication (i.e.
Exports the authentication
Configuration
Registers the central ProviderManager used by the namespace configuration, and allows
the configuration of an alias, allowing users to reference it in their beans and
clearly see where the name is coming from.
Provider which doesn't provide any service.
SecurityBuilder
used to create an AuthenticationManager
.Factory bean for the namespace AuthenticationManager, which allows a more meaningful
error message to be reported in the NoSuchBeanDefinitionException, if the user
has forgotten to declare the <authentication-manager> element.
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the
latter with the ProviderManager.
Adds a URL based authorization using
AuthorizationManager
.A class used to get all the
WebSecurityConfigurer
instances from the current
ApplicationContext
but ignoring the parent.Contains globally used default Bean IDs for beans created by the namespace support in
Spring Security 2.
Used as a factory bean to create config attribute values for the
requires-channel attribute.
Adds channel security (i.e.
Common OAuth2 Providers that can be used to create
builders
pre-configured with sensible defaults for the
HttpSecurity.oauth2Login()
flow.Checks for the presence of a ContextSource instance.
Parser for the
CorsFilter
.Adds
CorsFilter
to the Spring Security filter chain.Parser for the
CsrfFilter
.Adds
CSRF
protection for the methods as specified by
CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher)
.Callback interface that accepts a single input argument and returns no result.
DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
DaoAuthenticationProvider
Adds a Filter that will generate a login page if one is not specified otherwise when
using
EnableWebSecurity
.Contains all the element names used by Spring Security 3 namespace support.
Creates a
DefaultSpringSecurityContextSource
used to perform LDAP
authentication and starts and in-memory LDAP server.The
EnableGlobalAuthentication
annotation signals that the annotated class can
be used to configure a global instance of AuthenticationManagerBuilder
.Deprecated.
Use
EnableMethodSecurity
insteadEnables Spring Security Method Security.
Add this annotation to a
Configuration
class to have Spring Security
RSocketSecurity
support added.Add this annotation to a
Configuration
class to have Spring Security WebFlux
support added.Deprecated.
Use EnableWebSecurity instead which will automatically add the Spring MVC
related Security items.
Add this annotation to an
@Configuration
class to have the Spring Security
configuration defined in any WebSecurityConfigurer
or more likely by exposing a
SecurityFilterChain
bean:Allows configuring WebSocket Authorization.
Adds exception handling for Spring Security related exceptions to an application.
Deprecated.
Use
AuthorizeHttpRequestsConfigurer
insteadSets the filter chain Map for a FilterChainProxy bean declaration.
Deprecated.
Use `use-authorization-manager` property instead
Adds form based authentication.
A
SecurityConfigurer
that can be exposed as a bean to configure the global
AuthenticationManagerBuilder
.Deprecated.
Use
MethodSecurityBeanDefinitionParser
insteadDeprecated.
Use
PrePostMethodSecurityConfiguration
,
SecuredMethodSecurityConfiguration
, or
Jsr250MethodSecurityConfiguration
insteadAllows providing defaults for
GrantedAuthority
Parser for the
HeadersFilter
.
Adds the Security HTTP headers to the response.
Adds HTTP basic based authentication.
Injects the supplied
HttpFirewall
bean reference into the
FilterChainProxy
.A
HttpSecurity
is similar to Spring Security's XML <http> element in the
namespace configuration.Sets up HTTP security: filter stack and protected URLs.
Configures an
AuthenticationManagerBuilder
to have in memory authentication.Configures an
AuthenticationManagerBuilder
to have JDBC authentication.Adds support for J2EE pre authentication.
Configures LDAP
AuthenticationProvider
in the ProviderManagerBuilder
.Creates an
AuthenticationManager
that can perform LDAP authentication using
bind authentication.Creates an
AuthenticationManager
that can perform LDAP authentication using
password comparison.Ldap authentication provider namespace configuration.
Adds logout support.
Defines the
RequestMatcher
types supported by the namespace.Deprecated.
Use
MessageMatcherDelegatingAuthorizationManager
insteadProcesses the top-level "method-security" element.
Deprecated.
Use
<intercept-methods>
, <method-security>
, or
@EnableMethodSecurity
An
AbstractHttpConfigurer
for OAuth 2.0 Client support.An
AbstractHttpConfigurer
for OAuth 2.0 Login, which leverages the OAuth 2.0
Authorization Code Grant Flow.An
AbstractHttpConfigurer
for OAuth 2.0 Resource Server Support.Allows initialization of Objects.
Spring
Configuration
that exports the default ObjectPostProcessor
.An
AbstractHttpConfigurer
for OIDC Logout flowsStateful parser for the <password-encoder> element.
Adds password management support.
The standard order for
PayloadInterceptor
to be sorted.Allows configuring a shared
PortMapper
instance used to determine the ports
when redirecting between HTTP and HTTPS.Interface for operating on a SecurityBuilder that creates a
ProviderManager
Constructs an
MapReactiveUserDetailsService
from a resource using
UserDetailsResourceFactoryBean
.Configures Remember Me authentication.
Adds request cache for Spring Security.
Allows configuring RSocket based security.
An
AbstractHttpConfigurer
for SAML 2.0 Login, which leverages the SAML 2.0 Web
Browser Single Sign On (WebSSO) Flow.Adds SAML 2.0 logout support.
An
AbstractHttpConfigurer
for SAML 2.0 Metadata.Interface for building an Object
Allows for configuring a
SecurityBuilder
.A base class for
SecurityConfigurer
that allows subclasses to only implement
the methods they are interested in.Allows persisting and restoring of the
SecurityContext
found on the
SecurityContextHolder
for each request by configuring the
SecurityContextPersistenceFilter
.Parses elements from the "security" namespace
(http://www.springframework.org/schema/security).
A
ServerHttpSecurity
is similar to Spring Security's HttpSecurity
but
for WebFlux.Implements select methods from the
HttpServletRequest
using the
SecurityContext
from the SecurityContextHolder
.Specifies the various session creation policies for Spring Security.
Allows configuring session management.
Deprecated.
Use
AuthorizeHttpRequestsConfigurer
insteadUserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Base class that allows access to the
UserDetailsService
for using as a default
value with AuthenticationManagerBuilder
.UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsManagerConfigurer<B,C>>
Base class for populating an
AuthenticationManagerBuilder
with a UserDetailsManager
.Constructs an
InMemoryUserDetailsManager
from a resource using
UserDetailsResourceFactoryBean
.Creates a
Collection<UserDetails>
from a @{code Map} in the format ofParses a Resource that is a Properties file in the format of:
username=password[,enabled|disabled],roles...
UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsServiceConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
UserDetailsService
within a
AuthenticationManagerBuilder
.Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
Deprecated.
This is applied internally using SpringWebMvcImportSelector
The
WebSecurity
is created by WebSecurityConfiguration
to create the
FilterChainProxy
known as the Spring Security Filter Chain
(springSecurityFilterChain).Uses a
WebSecurity
to create the FilterChainProxy
that performs the web
based security for Spring Security.Allows customization to the
WebSecurity
.Callback interface for customizing
WebSecurity
.Parses Spring Security's websocket namespace support.
The bean definition parser for a Well-Known URL for Changing Passwords.
Adds X509 based pre authentication to an application.
AuthorizeHttpRequestsConfigurer
instead