All Classes and Interfaces
Class
Description
AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter>
Base class for configuring
AbstractAuthenticationFilterConfigurer.Deprecated.
In modern Spring Security APIs, each API manages its own configuration
context.
A base
SecurityBuilder that allows SecurityConfigurer to be applied to
it.AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,C extends AbstractDaoAuthenticationConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
DaoAuthenticationProviderAdds a convenient base class for
SecurityConfigurer instances that operate on
HttpSecurity.AbstractLdapAuthenticationManagerFactory<T extends org.springframework.security.ldap.authentication.AbstractLdapAuthenticator>
Creates an
AuthenticationManager that can perform LDAP authentication.A base class for registering
RequestMatcher's.A base
SecurityBuilder that ensures the object being built is only built one
time.Thrown when
SecurityBuilder.build() is two or more times.Configures Anonymous authentication (i.e.
Exports the authentication
ConfigurationRegisters the central ProviderManager used by the namespace configuration, and allows
the configuration of an alias, allowing users to reference it in their beans and
clearly see where the name is coming from.
Provider which doesn't provide any service.
SecurityBuilder used to create an AuthenticationManager.Factory bean for the namespace AuthenticationManager, which allows a more meaningful
error message to be reported in the NoSuchBeanDefinitionException, if the user
has forgotten to declare the <authentication-manager> element.
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the
latter with the ProviderManager.
Adds a URL based authorization using
AuthorizationManager.A class used to get all the
WebSecurityConfigurer instances from the current
ApplicationContext but ignoring the parent.Contains globally used default Bean IDs for beans created by the namespace support in
Spring Security 2.
Deprecated.
In modern Spring Security APIs, each API manages its own configuration
context.
Deprecated.
please use
HttpsRedirectConfigurer insteadCommon OAuth2 Providers that can be used to create
builders pre-configured with sensible defaults for the
HttpSecurity.oauth2Login(Customizer) flow.Checks for the presence of a ContextSource instance.
Parser for the
CorsFilter.Adds
CorsFilter to the Spring Security filter chain.Parser for the
CsrfFilter.Adds
CSRF
protection for the methods as specified by
CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).Callback interface that accepts a single input argument and returns no result.
DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
DaoAuthenticationProviderAdds a Filter that will generate a login page if one is not specified otherwise when
using
EnableWebSecurity.Contains all the element names used by Spring Security 3 namespace support.
Creates a
DefaultSpringSecurityContextSource used to perform LDAP
authentication and starts and in-memory LDAP server.The
EnableGlobalAuthentication annotation signals that the annotated class can
be used to configure a global instance of AuthenticationManagerBuilder.Deprecated.
Use
EnableMethodSecurity insteadEnables Spring Security Method Security.
Enables Multi-Factor Authentication (MFA) support within Spring Security.
Add this annotation to a
Configuration class to have Spring Security
RSocketSecurity support added.Add this annotation to a
Configuration class to have Spring Security WebFlux
support added.Add this annotation to an
@Configuration class to have the Spring Security
configuration defined in any WebSecurityConfigurer or more likely by exposing a
SecurityFilterChain bean:Allows configuring WebSocket Authorization.
Adds exception handling for Spring Security related exceptions to an application.
Sets the filter chain Map for a FilterChainProxy bean declaration.
Deprecated.
Use `use-authorization-manager` property instead
Adds form based authentication.
A
SecurityConfigurer that can be exposed as a bean to configure the global
AuthenticationManagerBuilder.Deprecated.
Use
MethodSecurityBeanDefinitionParser insteadDeprecated.
Use
PrePostMethodSecurityConfiguration,
SecuredMethodSecurityConfiguration, or
Jsr250MethodSecurityConfiguration insteadAllows providing defaults for
GrantedAuthorityParser for the
HeadersFilter.
Adds the Security HTTP headers to the response.
Adds HTTP basic based authentication.
Injects the supplied
HttpFirewall bean reference into the
FilterChainProxy.A
HttpSecurity is similar to Spring Security's XML <http> element in the
namespace configuration.Sets up HTTP security: filter stack and protected URLs.
Specifies for what requests the application should redirect to HTTPS.
Configures an
AuthenticationManagerBuilder
to have in memory authentication.Configures an
AuthenticationManagerBuilder
to have JDBC authentication.Adds support for J2EE pre authentication.
Configures LDAP
AuthenticationProvider in the ProviderManagerBuilder.Creates an
AuthenticationManager that can perform LDAP authentication using
bind authentication.Creates an
AuthenticationManager that can perform LDAP authentication using
password comparison.Ldap authentication provider namespace configuration.
Adds logout support.
Defines the
RequestMatcher types supported by the namespace.Deprecated.
Processes the top-level "method-security" element.
Deprecated.
Use
<intercept-methods>, <method-security>, or
@EnableMethodSecurityConfigurer for the OAuth 2.0 Authorization Endpoint.
Configuration for OAuth 2.1 Authorization Server support.An
AbstractHttpConfigurer for OAuth 2.1 Authorization Server support.Configurer for the OAuth 2.0 Authorization Server Metadata Endpoint.
Configurer for OAuth 2.0 Client Authentication.
An
AbstractHttpConfigurer for OAuth 2.0 Client support.Configurer for OAuth 2.0 Dynamic Client Registration Endpoint.
Configurer for the OAuth 2.0 Device Authorization Endpoint.
Configurer for the OAuth 2.0 Device Verification Endpoint.
An
AbstractHttpConfigurer for OAuth 2.0 Login, which leverages the OAuth 2.0
Authorization Code Grant Flow.Configurer for the OAuth 2.0 Pushed Authorization Request Endpoint.
An
AbstractHttpConfigurer for OAuth 2.0 Resource Server Support.Configurer for the OAuth 2.0 Token Endpoint.
Configurer for the OAuth 2.0 Token Introspection Endpoint.
Configurer for the OAuth 2.0 Token Revocation Endpoint.
Allows initialization of Objects.
Spring
Configuration that exports the default ObjectPostProcessor.A
LogoutHandler that locates the sessions associated with a given OIDC
Back-Channel Logout Token and invalidates each one.A
ServerLogoutHandler that locates the sessions associated with a given OIDC
Back-Channel Logout Token and invalidates each one.Configurer for OpenID Connect 1.0 Dynamic Client Registration Endpoint.
Configurer for OpenID Connect 1.0 support.
An
AbstractHttpConfigurer for OIDC Logout flowsConfigurer for OpenID Connect 1.0 RP-Initiated Logout Endpoint.
Configurer for the OpenID Connect 1.0 Provider Configuration Endpoint.
Configurer for OpenID Connect 1.0 UserInfo Endpoint.
An
AbstractHttpConfigurer for One-Time Token Login.Stateful parser for the <password-encoder> element.
Adds password management support.
Use this factory bean to configure the
PathPatternMessageMatcher.Builder bean
used to create request matchers in MessageMatcherDelegatingAuthorizationManager
and other parts of the DSL.Use this factory bean to configure the
PathPatternRequestMatcher.Builder bean
used to create request matchers in AuthorizeHttpRequestsConfigurer and other
parts of the DSL.The standard order for
PayloadInterceptor to be sorted.Allows configuring a shared
PortMapper instance used to determine the ports
when redirecting between HTTP and HTTPS.Interface for operating on a SecurityBuilder that creates a
ProviderManagerConstructs an
MapReactiveUserDetailsService from a resource using
UserDetailsResourceFactoryBean.Configures Remember Me authentication.
Adds request cache for Spring Security.
Deprecated.
Allows configuring RSocket based security.
An
AbstractHttpConfigurer for SAML 2.0 Login, which leverages the SAML 2.0 Web
Browser Single Sign On (WebSSO) Flow.Adds SAML 2.0 logout support.
An
AbstractHttpConfigurer for SAML 2.0 Metadata.Interface for building an Object
Allows for configuring a
SecurityBuilder.A base class for
SecurityConfigurer that allows subclasses to only implement
the methods they are interested in.Allows persisting and restoring of the
SecurityContext found on the
SecurityContextHolder for each request by configuring the
SecurityContextPersistenceFilter.Parses elements from the "security" namespace
(http://www.springframework.org/schema/security).
An
ObservationPredicate that can be used to change which Spring Security
observations are made with Micrometer.A builder for configuring a
SecurityObservationSettingsA
ServerHttpSecurity is similar to Spring Security's HttpSecurity but
for WebFlux.Implements select methods from the
HttpServletRequest using the
SecurityContext from the SecurityContextHolder.Specifies the various session creation policies for Spring Security.
Allows configuring session management.
A
Customizer that allows invocation of code that throws a checked exception.UserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Base class that allows access to the
UserDetailsService for using as a default
value with AuthenticationManagerBuilder.UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsManagerConfigurer<B,C>>
Base class for populating an
AuthenticationManagerBuilder
with a UserDetailsManager.Constructs an
InMemoryUserDetailsManager from a resource using
UserDetailsResourceFactoryBean.Creates a
Collection<UserDetails> from a @{code Map} in the format ofParses a Resource that is a Properties file in the format of:
username=password[,enabled|disabled],roles...UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsServiceConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService>
Allows configuring a
UserDetailsService within a
AuthenticationManagerBuilder.Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
Configures WebAuthn for Spring Security applications
Deprecated.
This is applied internally using SpringWebMvcImportSelector
The
WebSecurity is created by WebSecurityConfiguration to create the
FilterChainProxy known as the Spring Security Filter Chain
(springSecurityFilterChain).Uses a
WebSecurity to create the FilterChainProxy that performs the web
based security for Spring Security.Allows customization to the
WebSecurity.Callback interface for customizing
WebSecurity.Parses Spring Security's websocket namespace support.
The bean definition parser for a Well-Known URL for Changing Passwords.
Adds X509 based pre authentication to an application.