A B C D E F G H I J K L M N O P R S T U V W X
All Classes All Packages
All Classes All Packages
All Classes All Packages
A
- abort() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Abort the authentication process by forgetting the Spring Security
Authentication
. - AbstractAccessDecisionManager - Class in org.springframework.security.access.vote
-
Abstract implementation of
AccessDecisionManager
. - AbstractAccessDecisionManager(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.AbstractAccessDecisionManager
- AbstractAclVoter - Class in org.springframework.security.access.vote
-
Provides helper methods for writing domain object ACL voters.
- AbstractAclVoter() - Constructor for class org.springframework.security.access.vote.AbstractAclVoter
- AbstractAuthenticationEvent - Class in org.springframework.security.authentication.event
-
Represents an application authentication event.
- AbstractAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationEvent
- AbstractAuthenticationFailureEvent - Class in org.springframework.security.authentication.event
-
Abstract application event which indicates authentication failure for some reason.
- AbstractAuthenticationFailureEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
- AbstractAuthenticationToken - Class in org.springframework.security.authentication
-
Base class for
Authentication
objects. - AbstractAuthenticationToken(Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AbstractAuthenticationToken
-
Creates a token with the supplied array of authorities.
- AbstractAuthorizationEvent - Class in org.springframework.security.access.event
-
Abstract superclass for all security interception related events.
- AbstractAuthorizationEvent(Object) - Constructor for class org.springframework.security.access.event.AbstractAuthorizationEvent
-
Construct the event, passing in the secure object being intercepted.
- AbstractFallbackMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Abstract implementation of
MethodSecurityMetadataSource
that supports both Spring AOP and AspectJ and performs attribute resolution from: 1. - AbstractFallbackMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
- AbstractJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
-
An
AuthenticationProvider
implementation that retrieves user details from a JAAS login configuration. - AbstractJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- AbstractMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Abstract implementation of MethodSecurityMetadataSource which resolves the secured object type to a MethodInvocation.
- AbstractMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
- AbstractSecurityExpressionHandler<T> - Class in org.springframework.security.access.expression
-
Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.
- AbstractSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- AbstractSecurityInterceptor - Class in org.springframework.security.access.intercept
-
Abstract class that implements security interception for secure objects.
- AbstractSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- AbstractSessionEvent - Class in org.springframework.security.core.session
-
Abstract superclass for all session related events.
- AbstractSessionEvent(Object) - Constructor for class org.springframework.security.core.session.AbstractSessionEvent
- AbstractUserDetailsAuthenticationProvider - Class in org.springframework.security.authentication.dao
-
A base
AuthenticationProvider
that allows subclasses to override and work withUserDetails
objects. - AbstractUserDetailsAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- AbstractUserDetailsReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
A base
ReactiveAuthenticationManager
that allows subclasses to override and work withUserDetails
objects. - AbstractUserDetailsReactiveAuthenticationManager() - Constructor for class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- ACCESS_ABSTAIN - Static variable in interface org.springframework.security.access.AccessDecisionVoter
- ACCESS_DENIED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
- ACCESS_GRANTED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
- AccessDecisionManager - Interface in org.springframework.security.access
-
Makes a final access control (authorization) decision.
- AccessDecisionVoter<S> - Interface in org.springframework.security.access
-
Indicates a class is responsible for voting on authorization decisions.
- AccessDeniedException - Exception in org.springframework.security.access
-
Thrown if an
Authentication
object does not hold a required authority. - AccessDeniedException(String) - Constructor for exception org.springframework.security.access.AccessDeniedException
-
Constructs an
AccessDeniedException
with the specified message. - AccessDeniedException(String, Throwable) - Constructor for exception org.springframework.security.access.AccessDeniedException
-
Constructs an
AccessDeniedException
with the specified message and root cause. - accountExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the account is expired or not.
- AccountExpiredException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account has expired.
- AccountExpiredException(String) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
-
Constructs a
AccountExpiredException
with the specified message. - AccountExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
-
Constructs a
AccountExpiredException
with the specified message and root cause. - accountLocked(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the account is locked or not.
- AccountStatusException - Exception in org.springframework.security.authentication
-
Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).
- AccountStatusException(String) - Constructor for exception org.springframework.security.authentication.AccountStatusException
- AccountStatusException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountStatusException
- AccountStatusUserDetailsChecker - Class in org.springframework.security.authentication
- AccountStatusUserDetailsChecker() - Constructor for class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- addAuthority(GrantedAuthority) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- addCustomAuthorities(String, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows subclasses to add their own granted authorities to the list to be returned in the UserDetails.
- addGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
-
Assigns a new authority to a group.
- addGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Allows subclasses to perform any additional checks of a returned (or cached)
UserDetails
for a given authentication request. - additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- addListener(SmartApplicationListener) - Method in class org.springframework.security.context.DelegatingApplicationListener
-
Adds a new SmartApplicationListener to use.
- addSecureMethod(Class<?>, Method, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Adds configuration attributes for a specific method, for example where the method has been matched using a pointcut expression.
- addSecureMethod(Class<?>, String, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Add configuration attributes for a secure method.
- addUserToGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Makes a user a member of a particular group.
- addUserToGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- admin - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- AffirmativeBased - Class in org.springframework.security.access.vote
-
Simple concrete implementation of
AccessDecisionManager
that grants access if anyAccessDecisionVoter
returns an affirmative response. - AffirmativeBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.AffirmativeBased
- after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
- after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in interface org.springframework.security.access.prepost.PostInvocationAuthorizationAdvice
- afterInvocation(InterceptorStatusToken, Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Completes the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
- AfterInvocationManager - Interface in org.springframework.security.access.intercept
-
Reviews the
Object
returned from a secure object invocation, being able to modify theObject
or throw anAccessDeniedException
. - AfterInvocationProvider - Interface in org.springframework.security.access
-
Indicates a class is responsible for participating in an
AfterInvocationProviderManager
decision. - AfterInvocationProviderManager - Class in org.springframework.security.access.intercept
-
Provider-based implementation of
AfterInvocationManager
. - AfterInvocationProviderManager() - Constructor for class org.springframework.security.access.intercept.AfterInvocationProviderManager
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
- afterPropertiesSet() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Validates the required properties are set.
- afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.authentication.ProviderManager
- afterPropertiesSet() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
-
Check whether all properties have been set to correct values.
- afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
- afterPropertiesSet() - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Check whether all required properties have been set.
- allocateToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- allocateToken(String) - Method in interface org.springframework.security.core.token.TokenService
-
Forces the allocation of a new
Token
. - AnnotationMetadataExtractor<A extends java.lang.annotation.Annotation> - Interface in org.springframework.security.access.annotation
-
Strategy to process a custom security annotation to extract the relevant
ConfigAttribute
s for securing a method. - AnnotationParameterNameDiscoverer - Class in org.springframework.security.core.parameters
-
Allows finding parameter names using the value attribute of any number of
Annotation
instances. - AnnotationParameterNameDiscoverer(String...) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- AnnotationParameterNameDiscoverer(Set<String>) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- AnonymousAuthenticationProvider - Class in org.springframework.security.authentication
-
An
AuthenticationProvider
implementation that validatesAnonymousAuthenticationToken
s. - AnonymousAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationProvider
- AnonymousAuthenticationToken - Class in org.springframework.security.authentication
-
Represents an anonymous
Authentication
. - AnonymousAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationToken
-
Constructor.
- AspectJCallback - Interface in org.springframework.security.access.intercept.aspectj
-
Called by the
AspectJMethodSecurityInterceptor
when it wishes for the AspectJ processing to continue. - AspectJMethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aspectj
-
AspectJ
JoinPoint
security interceptor which wraps theJoinPoint
in aMethodInvocation
adapter to make it compatible with security infrastructure classes which only supportMethodInvocation
s. - AspectJMethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
- attemptAuthentication(String, String) - Method in interface org.springframework.security.authentication.rcp.RemoteAuthenticationManager
-
Deprecated.Attempts to authenticate the remote client using the presented username and password.
- attemptAuthentication(String, String) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
-
Deprecated.
- Attributes2GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
-
Interface to be implemented by classes that can map a list of security attributes (such as roles or group names) to a collection of Spring Security
GrantedAuthority
s. - authenticate(Authentication) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- authenticate(Authentication) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- authenticate(Authentication) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationManager
-
Attempts to authenticate the passed
Authentication
object, returning a fully populatedAuthentication
object (including granted authorities) if successful. - authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationProvider
-
Performs authentication with the same contract as
AuthenticationManager.authenticate(Authentication)
. - authenticate(Authentication) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- authenticate(Authentication) - Method in class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
- authenticate(Authentication) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Attempts to login the user given the Authentication objects principal and credential
- authenticate(Authentication) - Method in class org.springframework.security.authentication.ProviderManager
-
Attempts to authenticate the passed
Authentication
object. - authenticate(Authentication) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
-
Deprecated.
- authenticate(Authentication) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManager
-
Attempts to authenticate the provided
Authentication
- authenticate(Authentication) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
- authenticate(Authentication) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- authenticate(Authentication) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
- authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Creates an instance of
AuthenticatedAuthorizationManager
. - authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
-
Gets an instance of
AuthenticatedReactiveAuthorizationManager
- authenticated(Object, Object, Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This factory method can be safely used by any code that wishes to create a authenticated
UsernamePasswordAuthenticationToken
. - AuthenticatedAuthorizationManager<T> - Class in org.springframework.security.authorization
-
An
AuthorizationManager
that determines if the current user is authenticated. - AuthenticatedAuthorizationManager() - Constructor for class org.springframework.security.authorization.AuthenticatedAuthorizationManager
- AuthenticatedPrincipal - Interface in org.springframework.security.core
-
Representation of an authenticated
Principal
once anAuthentication
request has been successfully authenticated by theAuthenticationManager.authenticate(Authentication)
method. - AuthenticatedReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
-
A
ReactiveAuthorizationManager
that determines if the current user is authenticated. - AuthenticatedVoter - Class in org.springframework.security.access.vote
-
Votes if a
ConfigAttribute.getAttribute()
ofIS_AUTHENTICATED_FULLY
orIS_AUTHENTICATED_REMEMBERED
orIS_AUTHENTICATED_ANONYMOUSLY
is present. - AuthenticatedVoter() - Constructor for class org.springframework.security.access.vote.AuthenticatedVoter
- authentication - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- Authentication - Interface in org.springframework.security.core
-
Represents the token for an authentication request or for an authenticated principal once the request has been processed by the
AuthenticationManager.authenticate(Authentication)
method. - AuthenticationCredentialsNotFoundEvent - Class in org.springframework.security.access.event
-
Indicates a secure object invocation failed because the
Authentication
could not be obtained from theSecurityContextHolder
. - AuthenticationCredentialsNotFoundEvent(Object, Collection<ConfigAttribute>, AuthenticationCredentialsNotFoundException) - Constructor for class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
-
Construct the event.
- AuthenticationCredentialsNotFoundException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because there is no
Authentication
object in theSecurityContext
. - AuthenticationCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
-
Constructs an
AuthenticationCredentialsNotFoundException
with the specified message. - AuthenticationCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
-
Constructs an
AuthenticationCredentialsNotFoundException
with the specified message and root cause. - AuthenticationDetailsSource<C,T> - Interface in org.springframework.security.authentication
-
Provides a
Authentication.getDetails()
object for a given web request. - AuthenticationEventPublisher - Interface in org.springframework.security.authentication
- AuthenticationException - Exception in org.springframework.security.core
-
Abstract superclass for all exceptions related to an
Authentication
object being invalid for whatever reason. - AuthenticationException(String) - Constructor for exception org.springframework.security.core.AuthenticationException
-
Constructs an
AuthenticationException
with the specified message and no root cause. - AuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.core.AuthenticationException
-
Constructs an
AuthenticationException
with the specified message and root cause. - AuthenticationFailureBadCredentialsEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to invalid credentials being presented.
- AuthenticationFailureBadCredentialsEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent
- AuthenticationFailureCredentialsExpiredEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's credentials having expired.
- AuthenticationFailureCredentialsExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureCredentialsExpiredEvent
- AuthenticationFailureDisabledEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's account being disabled.
- AuthenticationFailureDisabledEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent
- AuthenticationFailureExpiredEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's account having expired.
- AuthenticationFailureExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent
- AuthenticationFailureLockedEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's account having been locked.
- AuthenticationFailureLockedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureLockedEvent
- AuthenticationFailureProviderNotFoundEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to there being no registered
AuthenticationProvider
that can process the request. - AuthenticationFailureProviderNotFoundEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent
- AuthenticationFailureProxyUntrustedEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the CAS user's ticket being generated by an untrusted proxy.
- AuthenticationFailureProxyUntrustedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProxyUntrustedEvent
- AuthenticationFailureServiceExceptionEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to there being a problem internal to the
AuthenticationManager
. - AuthenticationFailureServiceExceptionEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent
- AuthenticationManager - Interface in org.springframework.security.authentication
-
Processes an
Authentication
request. - AuthenticationManagerResolver<C> - Interface in org.springframework.security.authentication
-
An interface for resolving an
AuthenticationManager
based on the provided context - AuthenticationPrincipal - Annotation Type in org.springframework.security.core.annotation
-
Annotation that is used to resolve
Authentication.getPrincipal()
to a method argument. - AuthenticationProvider - Interface in org.springframework.security.authentication
-
Indicates a class can process a specific
Authentication
implementation. - AuthenticationServiceException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request could not be processed due to a system problem.
- AuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
-
Constructs an
AuthenticationServiceException
with the specified message. - AuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
-
Constructs an
AuthenticationServiceException
with the specified message and root cause. - AuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates successful authentication.
- AuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AuthenticationSuccessEvent
- AuthenticationTrustResolver - Interface in org.springframework.security.authentication
-
Evaluates
Authentication
tokens - AuthenticationTrustResolverImpl - Class in org.springframework.security.authentication
-
Basic implementation of
AuthenticationTrustResolver
. - AuthenticationTrustResolverImpl() - Constructor for class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- AuthenticationUserDetailsService<T extends Authentication> - Interface in org.springframework.security.core.userdetails
-
Interface that allows for retrieving a UserDetails object based on an Authentication object.
- authorities(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the authorities.
- authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the authorities.
- authorities(GrantedAuthority...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the authorities.
- AuthorityAuthorizationDecision - Class in org.springframework.security.authorization
-
Represents an
AuthorizationDecision
based on a collection of authorities - AuthorityAuthorizationDecision(boolean, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.authorization.AuthorityAuthorizationDecision
- AuthorityAuthorizationManager<T> - Class in org.springframework.security.authorization
-
An
AuthorizationManager
that determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority. - AuthorityGranter - Interface in org.springframework.security.authentication.jaas
-
The AuthorityGranter interface is used to map a given principal to role names.
- authorityListToSet(Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.core.authority.AuthorityUtils
-
Converts an array of GrantedAuthority objects to a Set.
- AuthorityReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
-
A
ReactiveAuthorizationManager
that determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority. - AuthorityUtils - Class in org.springframework.security.core.authority
-
Utility method for manipulating GrantedAuthority collections etc.
- AuthorizationDecision - Class in org.springframework.security.authorization
- AuthorizationDecision(boolean) - Constructor for class org.springframework.security.authorization.AuthorizationDecision
- AuthorizationDeniedEvent<T> - Class in org.springframework.security.authorization.event
-
An
ApplicationEvent
which indicates failed authorization. - AuthorizationDeniedEvent(Supplier<Authentication>, T, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationDeniedEvent
- AuthorizationEventPublisher - Interface in org.springframework.security.authorization
-
A contract for publishing authorization events
- AuthorizationFailureEvent - Class in org.springframework.security.access.event
-
Indicates a secure object invocation failed because the principal could not be authorized for the request.
- AuthorizationFailureEvent(Object, Collection<ConfigAttribute>, Authentication, AccessDeniedException) - Constructor for class org.springframework.security.access.event.AuthorizationFailureEvent
-
Construct the event.
- AuthorizationGrantedEvent<T> - Class in org.springframework.security.authorization.event
-
An
ApplicationEvent
which indicates successful authorization. - AuthorizationGrantedEvent(Supplier<Authentication>, T, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationGrantedEvent
- AuthorizationInterceptorsOrder - Enum in org.springframework.security.authorization.method
-
Ordering of Spring Security's authorization
Advisor
s - AuthorizationManager<T> - Interface in org.springframework.security.authorization
-
An Authorization manager which can determine if an
Authentication
has access to a specific object. - AuthorizationManagerAfterMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which can determine if anAuthentication
has access to the result of anMethodInvocation
using anAuthorizationManager
- AuthorizationManagerAfterMethodInterceptor(Pointcut, AuthorizationManager<MethodInvocationResult>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an instance.
- AuthorizationManagerBeforeMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which uses aAuthorizationManager
to determine if anAuthentication
may invoke the givenMethodInvocation
- AuthorizationManagerBeforeMethodInterceptor(Pointcut, AuthorizationManager<MethodInvocation>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an instance.
- AuthorizationServiceException - Exception in org.springframework.security.access
-
Thrown if an authorization request could not be processed due to a system problem.
- AuthorizationServiceException(String) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
-
Constructs an
AuthorizationServiceException
with the specified message. - AuthorizationServiceException(String, Throwable) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
-
Constructs an
AuthorizationServiceException
with the specified message and root cause. - AuthorizedEvent - Class in org.springframework.security.access.event
-
Event indicating a secure object was invoked successfully.
- AuthorizedEvent(Object, Collection<ConfigAttribute>, Authentication) - Constructor for class org.springframework.security.access.event.AuthorizedEvent
-
Construct the event.
- awaitTermination(long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
B
- BadCredentialsException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the credentials are invalid.
- BadCredentialsException(String) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
-
Constructs a
BadCredentialsException
with the specified message. - BadCredentialsException(String, Throwable) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
-
Constructs a
BadCredentialsException
with the specified message and root cause. - before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
- before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in interface org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice
-
The "before" advice which should be executed to perform any filtering necessary and to decide whether the method call is authorised.
- beforeInvocation(Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- build() - Method in class org.springframework.security.core.userdetails.User.UserBuilder
- buildDetails(C) - Method in interface org.springframework.security.authentication.AuthenticationDetailsSource
-
Called by a class when it wishes a new authentication details instance to be created.
- builder() - Static method in class org.springframework.security.core.userdetails.User
-
Creates a UserBuilder
- buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.intercept.RunAsManager
-
Returns a replacement
Authentication
object for the current secure object invocation, ornull
if replacement not required. - buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
C
- cachePermissionsFor(Authentication, Collection<?>) - Method in interface org.springframework.security.access.PermissionCacheOptimizer
-
Optimises the permission cache for anticipated operation on the supplied collection of objects.
- CachingUserDetailsService - Class in org.springframework.security.authentication
- CachingUserDetailsService(UserDetailsService) - Constructor for class org.springframework.security.authentication.CachingUserDetailsService
- call() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
- changePassword(String, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- changePassword(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- changePassword(String, String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Modify the current user's password.
- check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.Jsr250AuthorizationManager
-
Determine if an
Authentication
has access to a method by evaluating theDenyAll
,PermitAll
, andRolesAllowed
annotations thatMethodInvocation
specifies. - check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
-
Determine if an
Authentication
has access to a method by evaluating an expression from thePreAuthorize
annotation that theMethodInvocation
specifies. - check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.SecuredAuthorizationManager
-
Determine if an
Authentication
has access to a method by evaluating theSecured
annotation thatMethodInvocation
specifies. - check(Supplier<Authentication>, MethodInvocationResult) - Method in class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
-
Determine if an
Authentication
has access to the returned object by evaluating thePostAuthorize
annotation that theMethodInvocation
specifies. - check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Determines if the current user is authorized by evaluating if the
Authentication
is not anonymous and authenticated. - check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Determines if the current user is authorized by evaluating if the
Authentication
contains a specified authority. - check(Supplier<Authentication>, T) - Method in interface org.springframework.security.authorization.AuthorizationManager
-
Determines if access is granted for a specific authentication and object.
- check(UserDetails) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- check(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserDetailsChecker
-
Examines the User
- check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
- check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
- check(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager
-
Determines if access is granted for a specific authentication and object.
- checkAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- clearContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Clears the current context.
- clearContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
Clears the
Mono<SecurityContext>
from ReactorContext
- clearContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Explicitly clears the context value from the current thread.
- clearContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Clears the current context.
- commaSeparatedStringToAuthorityList(String) - Static method in class org.springframework.security.core.authority.AuthorityUtils
-
Creates a array of GrantedAuthority objects from a comma-separated string representation (e.g.
- commit() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Authenticate the
Subject
(phase two) by adding the Spring SecurityAuthentication
to theSubject
's principals. - ConfigAttribute - Interface in org.springframework.security.access
-
Stores a security system related configuration attribute.
- configureJaas(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
Hook method for configuring Jaas.
- ConsensusBased - Class in org.springframework.security.access.vote
-
Simple concrete implementation of
AccessDecisionManager
that uses a consensus-based approach. - ConsensusBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.ConsensusBased
- CoreJackson2Module - Class in org.springframework.security.jackson2
-
Jackson module for spring-security-core.
- CoreJackson2Module() - Constructor for class org.springframework.security.jackson2.CoreJackson2Module
- create - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- create(Object, String, Object...) - Static method in class org.springframework.security.util.MethodInvocationUtils
-
Generates a
MethodInvocation
for specifiedmethodName
on the passed object, using theargs
to locate the method. - create(Runnable, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Factory method for creating a
DelegatingSecurityContextRunnable
. - create(Callable<V>, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Creates a
DelegatingSecurityContextCallable
and with the givenCallable
andSecurityContext
, but if the securityContext is null will defaults to the currentSecurityContext
on theSecurityContextHolder
- createAuthorityList(String...) - Static method in class org.springframework.security.core.authority.AuthorityUtils
-
Converts authorities into a List of GrantedAuthority objects.
- createEmptyContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
- createEmptyContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Delegates the creation of a new, empty context to the configured strategy.
- createEmptyContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
- createEvaluationContext(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
-
Invokes the internal template methods to create
StandardEvaluationContext
andSecurityExpressionRoot
objects. - createEvaluationContext(Authentication, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
-
Provides an evaluation context in which to evaluate security expressions for the invocation type.
- createEvaluationContextInternal(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Uses a
MethodSecurityEvaluationContext
as the EvaluationContext implementation. - createEvaluationContextInternal(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
-
Override to create a custom instance of
StandardEvaluationContext
. - createFromClass(Class<?>, String) - Static method in class org.springframework.security.util.MethodInvocationUtils
-
Generates a
MethodInvocation
for the specifiedmethodName
on the passed class. - createFromClass(Object, Class<?>, String, Class<?>[], Object[]) - Static method in class org.springframework.security.util.MethodInvocationUtils
-
Generates a
MethodInvocation
for specifiedmethodName
on the passed class, using theargs
to locate the method. - createGroup(String, List<GrantedAuthority>) - Method in interface org.springframework.security.provisioning.GroupManager
-
Creates a new group with the specified list of authorities.
- createGroup(String, List<GrantedAuthority>) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- createList(String...) - Static method in class org.springframework.security.access.SecurityConfig
- createListFromCommaDelimitedString(String) - Static method in class org.springframework.security.access.SecurityConfig
- createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Creates the LoginContext to be used for authentication.
- createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
-
Creates a LoginContext using the Configuration that was specified in
DefaultJaasAuthenticationProvider.setConfiguration(Configuration)
. - createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- createNewAuthentication(Authentication, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- createPostInvocationAttribute(String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
- createPostInvocationAttribute(String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
- createPreInvocationAttribute(String, String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
- createPreInvocationAttribute(String, String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
- createSecurityExpressionRoot(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Creates the root object for expression evaluation.
- createSecurityExpressionRoot(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
-
Implement in order to create a root object of the correct type for the supported invocation type.
- createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Creates a successful
Authentication
object. - createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- createUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- createUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- createUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Create a new user with the supplied details.
- createUserDetails(String, UserDetails, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Can be overridden to customize the creation of the final UserDetailsObject which is returned by the loadUserByUsername method.
- CredentialsContainer - Interface in org.springframework.security.core
-
Indicates that the implementing object contains sensitive data, which can be erased using the
eraseCredentials
method. - credentialsExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the credentials are expired or not.
- CredentialsExpiredException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account's credentials have expired.
- CredentialsExpiredException(String) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
-
Constructs a
CredentialsExpiredException
with the specified message. - CredentialsExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
-
Constructs a
CredentialsExpiredException
with the specified message and root cause. - CurrentSecurityContext - Annotation Type in org.springframework.security.core.annotation
-
Annotation that is used to resolve the
SecurityContext
as a method argument. - CycleInRoleHierarchyException - Exception in org.springframework.security.access.hierarchicalroles
-
Exception that is thrown because of a cycle in the role hierarchy definition
- CycleInRoleHierarchyException() - Constructor for exception org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException
D
- DaoAuthenticationProvider - Class in org.springframework.security.authentication.dao
-
An
AuthenticationProvider
implementation that retrieves user details from aUserDetailsService
. - DaoAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- decide(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionManager
-
Resolves an access control decision for the passed parameters.
- decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AffirmativeBased
-
This concrete implementation simply polls all configured
AccessDecisionVoter
s and grants access if anyAccessDecisionVoter
voted affirmatively. - decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.ConsensusBased
-
This concrete implementation simply polls all configured
AccessDecisionVoter
s and upon completion determines the consensus of granted against denied responses. - decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.UnanimousBased
-
This concrete implementation polls all configured
AccessDecisionVoter
s for eachConfigAttribute
and grants access if only grant (or abstain) votes were received. - decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.AfterInvocationProvider
- decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
-
Given the details of a secure object invocation including its returned
Object
, make an access control decision or optionally modify the returnedObject
. - decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
- decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
- DEF_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DEF_CHANGE_PASSWORD_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_CREATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_MEMBERS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_USER_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_FIND_GROUP_ID_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_FIND_GROUPS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_FIND_USERS_IN_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DEF_GROUP_AUTHORITIES_QUERY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_RENAME_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_UPDATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_USER_EXISTS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_USERS_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DEFAULT_USER_SCHEMA_DDL_LOCATION - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DefaultAuthenticationEventPublisher - Class in org.springframework.security.authentication
-
The default strategy for publishing authentication events.
- DefaultAuthenticationEventPublisher() - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- DefaultAuthenticationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- DefaultJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
-
Creates a LoginContext using the Configuration provided to it.
- DefaultJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
- DefaultLoginExceptionResolver - Class in org.springframework.security.authentication.jaas
-
This LoginExceptionResolver simply wraps the LoginException with an AuthenticationServiceException.
- DefaultLoginExceptionResolver() - Constructor for class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
- DefaultMethodSecurityExpressionHandler - Class in org.springframework.security.access.expression.method
-
The standard implementation of
MethodSecurityExpressionHandler
. - DefaultMethodSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- DefaultSecurityParameterNameDiscoverer - Class in org.springframework.security.core.parameters
-
Spring Security's default
ParameterNameDiscoverer
which tries a number ofParameterNameDiscoverer
depending on what is found on the classpath. - DefaultSecurityParameterNameDiscoverer() - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
-
Creates a new instance with only the default
ParameterNameDiscoverer
instances. - DefaultSecurityParameterNameDiscoverer(List<? extends ParameterNameDiscoverer>) - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
-
Creates a new instance that first tries the passed in
ParameterNameDiscoverer
instances. - DefaultToken - Class in org.springframework.security.core.token
-
The default implementation of
Token
. - DefaultToken(String, long, String) - Constructor for class org.springframework.security.core.token.DefaultToken
- DelegatingApplicationListener - Class in org.springframework.security.context
-
Used for delegating to a number of SmartApplicationListener instances.
- DelegatingApplicationListener() - Constructor for class org.springframework.security.context.DelegatingApplicationListener
- DelegatingMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Automatically tries a series of method definition sources, relying on the first source of metadata that provides a non-null/non-empty response.
- DelegatingMethodSecurityMetadataSource(List<MethodSecurityMetadataSource>) - Constructor for class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
- DelegatingReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
A
ReactiveAuthenticationManager
that delegates to otherReactiveAuthenticationManager
instances using the result from the first non empty result. - DelegatingReactiveAuthenticationManager(List<ReactiveAuthenticationManager>) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
- DelegatingReactiveAuthenticationManager(ReactiveAuthenticationManager...) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
- DelegatingSecurityContextAsyncTaskExecutor - Class in org.springframework.security.task
-
An
AsyncTaskExecutor
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
-
Creates a new
DelegatingSecurityContextAsyncTaskExecutor
that uses the currentSecurityContext
. - DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
-
Creates a new
DelegatingSecurityContextAsyncTaskExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextCallable<V> - Class in org.springframework.security.concurrent
-
Wraps a delegate
Callable
with logic for setting up aSecurityContext
before invoking the delegateCallable
and then removing theSecurityContext
after the delegate has completed. - DelegatingSecurityContextCallable(Callable<V>) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Creates a new
DelegatingSecurityContextCallable
with theSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextCallable(Callable<V>, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Creates a new
DelegatingSecurityContextCallable
with a specificSecurityContext
. - DelegatingSecurityContextExecutor - Class in org.springframework.security.concurrent
- DelegatingSecurityContextExecutor(Executor) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
-
Creates a new
DelegatingSecurityContextExecutor
that uses the currentSecurityContext
from theSecurityContextHolder
at the time the task is submitted. - DelegatingSecurityContextExecutor(Executor, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
-
Creates a new
DelegatingSecurityContextExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextExecutorService - Class in org.springframework.security.concurrent
-
An
ExecutorService
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextExecutorService(ExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
-
Creates a new
DelegatingSecurityContextExecutorService
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextExecutorService(ExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
-
Creates a new
DelegatingSecurityContextExecutorService
that uses the specifiedSecurityContext
. - DelegatingSecurityContextRunnable - Class in org.springframework.security.concurrent
-
Wraps a delegate
Runnable
with logic for setting up aSecurityContext
before invoking the delegateRunnable
and then removing theSecurityContext
after the delegate has completed. - DelegatingSecurityContextRunnable(Runnable) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Creates a new
DelegatingSecurityContextRunnable
with theSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextRunnable(Runnable, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Creates a new
DelegatingSecurityContextRunnable
with a specificSecurityContext
. - DelegatingSecurityContextScheduledExecutorService - Class in org.springframework.security.concurrent
-
An
ScheduledExecutorService
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
-
Creates a new
DelegatingSecurityContextScheduledExecutorService
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
-
Creates a new
DelegatingSecurityContextScheduledExecutorService
that uses the specifiedSecurityContext
. - DelegatingSecurityContextSchedulingTaskExecutor - Class in org.springframework.security.scheduling
-
An
SchedulingTaskExecutor
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
-
Creates a new
DelegatingSecurityContextSchedulingTaskExecutor
that uses the currentSecurityContext
. - DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
-
Creates a new
DelegatingSecurityContextSchedulingTaskExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextTaskExecutor - Class in org.springframework.security.task
- DelegatingSecurityContextTaskExecutor(TaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
-
Creates a new
DelegatingSecurityContextTaskExecutor
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextTaskExecutor(TaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
-
Creates a new
DelegatingSecurityContextTaskExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextTaskScheduler - Class in org.springframework.security.scheduling
-
An implementation of
TaskScheduler
invoking it whenever the trigger indicates a next execution time. - DelegatingSecurityContextTaskScheduler(TaskScheduler) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
-
Creates a new
DelegatingSecurityContextTaskScheduler
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextTaskScheduler(TaskScheduler, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
-
Creates a new
DelegatingSecurityContextTaskScheduler
that uses the specifiedSecurityContext
. - delete - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- deleteGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Removes a group, including all members and authorities.
- deleteGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- deleteUser(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- deleteUser(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- deleteUser(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Remove the user with the given login name from the system.
- DENY_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
- denyAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Allows "denyAll" expression
- denyAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Always denies access
- denyAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- DenyAllPermissionEvaluator - Class in org.springframework.security.access.expression
-
A null PermissionEvaluator which denies all access.
- DenyAllPermissionEvaluator() - Constructor for class org.springframework.security.access.expression.DenyAllPermissionEvaluator
- disabled(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the account is disabled or not.
- DisabledException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account is disabled.
- DisabledException(String) - Constructor for exception org.springframework.security.authentication.DisabledException
-
Constructs a
DisabledException
with the specified message. - DisabledException(String, Throwable) - Constructor for exception org.springframework.security.authentication.DisabledException
-
Constructs a
DisabledException
with the specified message and root cause. - doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
E
- EhCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache
-
Deprecated.since 5.6. In favor of JCache based implementations
- EhCacheBasedUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- enableDefaultTyping(ObjectMapper) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
- equals(Object) - Method in class org.springframework.security.access.SecurityConfig
- equals(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- equals(Object) - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- equals(Object) - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- equals(Object) - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- equals(Object) - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- equals(Object) - Method in class org.springframework.security.core.context.SecurityContextImpl
- equals(Object) - Method in class org.springframework.security.core.token.DefaultToken
- equals(Object) - Method in class org.springframework.security.core.userdetails.User
-
Returns
true
if the supplied object is aUser
instance with the sameusername
value. - equals(Object) - Method in class org.springframework.security.util.InMemoryResource
- eraseCredentials() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
-
Checks the
credentials
,principal
anddetails
objects, invoking theeraseCredentials
method on any which implementCredentialsContainer
. - eraseCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- eraseCredentials() - Method in interface org.springframework.security.core.CredentialsContainer
- eraseCredentials() - Method in class org.springframework.security.core.userdetails.User
- errorOnInvalidType() - Method in annotation type org.springframework.security.core.annotation.AuthenticationPrincipal
-
True if a
ClassCastException
should be thrown when the currentAuthentication.getPrincipal()
is the incorrect type. - errorOnInvalidType() - Method in annotation type org.springframework.security.core.annotation.CurrentSecurityContext
-
True if a
ClassCastException
should be thrown when the currentSecurityContext
is the incorrect type. - evaluateAsBoolean(Expression, EvaluationContext) - Static method in class org.springframework.security.access.expression.ExpressionUtils
- execute(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
- execute(Runnable, long) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
- expireNow() - Method in class org.springframework.security.core.session.SessionInformation
- expression() - Method in annotation type org.springframework.security.core.annotation.AuthenticationPrincipal
-
If specified will use the provided SpEL expression to resolve the principal.
- expression() - Method in annotation type org.springframework.security.core.annotation.CurrentSecurityContext
-
If specified, will use the provided SpEL expression to resolve the security context.
- ExpressionAttributeAuthorizationDecision - Class in org.springframework.security.authorization.method
-
Represents an
AuthorizationDecision
based on aExpressionAttribute
- ExpressionAttributeAuthorizationDecision(boolean, ExpressionAttribute) - Constructor for class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision
- ExpressionBasedAnnotationAttributeFactory - Class in org.springframework.security.access.expression.method
-
PrePostInvocationAttributeFactory
which interprets the annotation value as an expression to be evaluated at runtime. - ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
- ExpressionBasedPostInvocationAdvice - Class in org.springframework.security.access.expression.method
- ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
- ExpressionBasedPreInvocationAdvice - Class in org.springframework.security.access.expression.method
-
Method pre-invocation handling based on expressions.
- ExpressionBasedPreInvocationAdvice() - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
- ExpressionUtils - Class in org.springframework.security.access.expression
- extractAttributes(A) - Method in interface org.springframework.security.access.annotation.AnnotationMetadataExtractor
F
- FieldUtils - Class in org.springframework.security.util
-
Offers static methods for directly manipulating fields.
- filter(Object, Expression, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Filters the
filterTarget
object (which must be either a collection, array, map or stream), by evaluating the supplied expression. - filter(Object, Expression, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
-
Filters a target collection or array.
- filterTarget() - Method in annotation type org.springframework.security.access.prepost.PreFilter
- finallyInvocation(InterceptorStatusToken) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Cleans up the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
- findAllGroups() - Method in interface org.springframework.security.provisioning.GroupManager
-
Returns the names of all groups that this group manager controls.
- findAllGroups() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
- findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
- findAttributes(Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
-
Obtains the security metadata registered against the specified class.
- findAttributes(Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Implementation does not support class-level attributes.
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
-
Obtains the security metadata applicable to the specified method invocation.
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Will walk the method inheritance tree to find the most specific declaration applicable.
- findByUsername(String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
- findByUsername(String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsService
-
Find the
UserDetails
by username. - findGroupAuthorities(String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Obtains the list of authorities which are assigned to a group.
- findGroupAuthorities(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- findUsersInGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Locates the users who are members of a group
- findUsersInGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- FIRST - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
G
- getAccessDecisionManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- getAccessDeniedException() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
- getAccessor() - Static method in class org.springframework.security.core.SpringSecurityMessageSource
- getAdvice() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
- getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- getAfterInvocationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
- getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
- getAllConfigAttributes() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
- getAllConfigAttributes() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Obtains the configuration attributes explicitly defined against this bean.
- getAllConfigAttributes() - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
- getAllConfigAttributes() - Method in interface org.springframework.security.access.SecurityMetadataSource
-
If available, returns all of the
ConfigAttribute
s defined by the implementing class. - getAllPrincipals() - Method in interface org.springframework.security.core.session.SessionRegistry
-
Obtains all the known principals in the
SessionRegistry
. - getAllPrincipals() - Method in class org.springframework.security.core.session.SessionRegistryImpl
- getAllSessions(Object, boolean) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Obtains all the known sessions for the specified principal.
- getAllSessions(Object, boolean) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- getAppConfigurationEntry(String) - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
- getApplicationEventPublisher() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- getArguments() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
- getArguments() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getAttribute() - Method in interface org.springframework.security.access.ConfigAttribute
-
If the
ConfigAttribute
can be represented as aString
and thatString
is sufficient in precision to be relied upon as a configuration parameter by aRunAsManager
,AccessDecisionManager
orAccessDecisionManager
delegate, this method should return such aString
. - getAttribute() - Method in class org.springframework.security.access.SecurityConfig
- getAttributes() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
- getAttributes(Object) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
- getAttributes(Object) - Method in interface org.springframework.security.access.SecurityMetadataSource
-
Accesses the
ConfigAttribute
s that apply to a given secure object. - getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
- getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
- getAttributes(Method, Class<?>) - Method in interface org.springframework.security.access.method.MethodSecurityMetadataSource
- getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
- getAttributes2grantedAuthoritiesMap() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- getAuthentication() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
- getAuthentication() - Method in class org.springframework.security.access.event.AuthorizedEvent
- getAuthentication() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Gets the
Authentication
used for evaluating the expressions - getAuthentication() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- getAuthentication() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationEvent
-
Getters for the
Authentication
request that caused the event. - getAuthentication() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
-
Pre-casted method that returns the 'source' of the event.
- getAuthentication() - Method in class org.springframework.security.authorization.event.AuthorizationDeniedEvent
- getAuthentication() - Method in class org.springframework.security.authorization.event.AuthorizationGrantedEvent
- getAuthentication() - Method in interface org.springframework.security.core.context.SecurityContext
-
Obtains the currently authenticated principal, or an authentication request token.
- getAuthentication() - Method in class org.springframework.security.core.context.SecurityContextImpl
- getAuthenticationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- getAuthenticationManager() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
-
Deprecated.
- getAuthorities() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- getAuthorities() - Method in class org.springframework.security.authorization.AuthorityAuthorizationDecision
- getAuthorities() - Method in interface org.springframework.security.core.Authentication
-
Set by an
AuthenticationManager
to indicate the authorities that the principal has been granted. - getAuthorities() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- getAuthorities() - Method in class org.springframework.security.core.userdetails.User
- getAuthorities() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Returns the authorities granted to the user.
- getAuthoritiesByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getAuthority() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- getAuthority() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- getAuthority() - Method in interface org.springframework.security.core.GrantedAuthority
-
If the
GrantedAuthority
can be represented as aString
and thatString
is sufficient in precision to be relied upon for an access control decision by anAccessDecisionManager
(or delegate), this method should return such aString
. - getAuthorizationDecision() - Method in class org.springframework.security.authorization.event.AuthorizationDeniedEvent
- getAuthorizationDecision() - Method in class org.springframework.security.authorization.event.AuthorizationGrantedEvent
- getCache() - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- getConfigAttributes() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
- getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
- getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizedEvent
- getConfiguration() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
- getContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Obtains the current context.
- getContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
Gets the
Mono<SecurityContext>
from ReactorContext
- getContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Obtain the current
SecurityContext
. - getContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Obtains the current context.
- getContextHolderStrategy() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Allows retrieval of the context strategy.
- getCredentials() - Method in class org.springframework.security.access.intercept.RunAsUserToken
- getCredentials() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
-
Always returns an empty
String
- getCredentials() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
-
Always returns an empty
String
- getCredentials() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
- getCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- getCredentials() - Method in interface org.springframework.security.core.Authentication
-
The credentials that prove the principal is correct.
- getCredentialsNotFoundException() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
- getDecisionVoters() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- getDefaultRolePrefix() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- getDelegateExecutor() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
- getDescription() - Method in class org.springframework.security.util.InMemoryResource
- getDetails() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- getDetails() - Method in interface org.springframework.security.core.Authentication
-
Stores additional details about the authentication request.
- getDomainObjectInstance(MethodInvocation) - Method in class org.springframework.security.access.vote.AbstractAclVoter
- getEnableAuthorities() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getEnableGroups() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getException() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
- getException() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
- getExpressionAttribute() - Method in class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision
- getExpressionParser() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getExpressionParser() - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
- getExtendedInformation() - Method in class org.springframework.security.core.token.DefaultToken
- getExtendedInformation() - Method in interface org.springframework.security.core.token.Token
-
Obtains the extended information associated within the token, which was presented when the token was first created.
- getField(Class<?>, String) - Static method in class org.springframework.security.util.FieldUtils
-
Attempts to locate the specified field on the class.
- getFieldValue(Object, String) - Static method in class org.springframework.security.util.FieldUtils
-
Returns the value of a (nested) field on a bean.
- getFilterObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- getGeneratedBy() - Method in class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
-
Getter for the
Class
that generated this event. - getGrantedAuthorities() - Method in interface org.springframework.security.core.authority.GrantedAuthoritiesContainer
- getGrantedAuthorities(Collection<String>) - Method in interface org.springframework.security.core.authority.mapping.Attributes2GrantedAuthoritiesMapper
-
Implementations of this method should map the given collection of attributes to a collection of Spring Security GrantedAuthorities.
- getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
-
Map the given array of attributes to Spring Security GrantedAuthorities.
- getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
-
Map the given list of string attributes one-to-one to Spring Security GrantedAuthorities.
- getId() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
- getInitializeCount() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its
SecurityContextHolderStrategy
. - getInputStream() - Method in class org.springframework.security.util.InMemoryResource
- getKey() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- getKey() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
- getKey() - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- getKey() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- getKey() - Method in class org.springframework.security.core.token.DefaultToken
- getKey() - Method in interface org.springframework.security.core.token.Token
-
Obtains the randomised, secure key assigned to this token.
- getKeyCreationTime() - Method in class org.springframework.security.core.token.DefaultToken
- getKeyCreationTime() - Method in interface org.springframework.security.core.token.Token
-
The time the token key was initially created is available from this method.
- getKeyHash() - Method in class org.springframework.security.access.intercept.RunAsUserToken
- getKeyHash() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- getKeyHash() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- getLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
- getLoginConfig() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- getLoginContext() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationToken
- getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- getMappableAttributes() - Method in interface org.springframework.security.core.authority.mapping.MappableAttributesRetriever
-
Implementations of this method should return a set of all string attributes which can be mapped to GrantedAuthoritys.
- getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
- getMessages() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getMethod() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
- getMethod() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getMethodInvocation() - Method in class org.springframework.security.authorization.method.MethodInvocationResult
-
Return the already-invoked
MethodInvocation
- getMethodMapSize() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
- getMethodSecurityMetadataSources() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
- getModules(ClassLoader) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
- getName() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- getName() - Method in interface org.springframework.security.core.AuthenticatedPrincipal
-
Returns the name of the authenticated
Principal
. - getNewContext() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent
-
Get the
SecurityContext
set on theSecurityContextHolder
as of this event - getNewSessionId() - Method in class org.springframework.security.core.session.SessionIdChangedEvent
-
Returns the new session ID.
- getObject() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
- getObjectType() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
- getOldContext() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent
-
Get the
SecurityContext
set on theSecurityContextHolder
immediately previous to this event - getOldSessionId() - Method in class org.springframework.security.core.session.SessionIdChangedEvent
-
Returns the old session ID.
- getOrder() - Method in enum org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- getOriginalAuthentication() - Method in class org.springframework.security.access.intercept.RunAsUserToken
- getParameterNameDiscoverer() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- getParameterNames(Constructor<?>) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- getParameterNames(Method) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- getPassword() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- getPassword() - Method in class org.springframework.security.core.userdetails.User
- getPassword() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Returns the password used to authenticate the user.
- getPasswordEncoder() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- getPermissionEvaluator() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getPointcut() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
- getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- getPostAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- getPreAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- getPrincipal() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Convenience method to access
Authentication.getPrincipal()
fromSecurityExpressionRoot.getAuthentication()
- getPrincipal() - Method in class org.springframework.security.access.intercept.RunAsUserToken
- getPrincipal() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- getPrincipal() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- getPrincipal() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- getPrincipal() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
- getPrincipal() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- getPrincipal() - Method in interface org.springframework.security.core.Authentication
-
The identity of the principal being authenticated.
- getPrincipal() - Method in class org.springframework.security.core.session.SessionInformation
- getProcessDomainObjectClass() - Method in class org.springframework.security.access.vote.AbstractAclVoter
- getProtectedFieldValue(String, Object) - Static method in class org.springframework.security.util.FieldUtils
- getProviders() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
- getProviders() - Method in class org.springframework.security.authentication.ProviderManager
- getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
- getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.access.hierarchicalroles.RoleHierarchy
-
Returns an array of all reachable authorities.
- getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
- getRemoteAuthenticationManager() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
-
Deprecated.
- getResult() - Method in class org.springframework.security.authorization.method.MethodInvocationResult
-
Return the result of the already-invoked
MethodInvocation
- getReturnObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- getRoleHierarchy() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getRolePrefix() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
- getRolePrefix() - Method in class org.springframework.security.access.vote.RoleVoter
- getRolePrefix() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getRunAsManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- getSecureObject() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
- getSecureObjectClass() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Indicates the type of secure objects the subclass will be presenting to the abstract parent for processing.
- getSecureObjectClass() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
- getSecurityContext() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
- getSecurityContexts() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
-
Provides the
SecurityContext
instances which were associated with the destroyed session. - getSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
- getSessionId() - Method in class org.springframework.security.core.session.SessionInformation
- getSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Obtains the session information for the specified
sessionId
. - getSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- getStaticPart() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
- getStaticPart() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getStringSeparator() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- getThis() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- getThis() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
- getThis() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getTrustResolver() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- getUserCache() - Method in class org.springframework.security.authentication.CachingUserDetailsService
- getUserCache() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- getUserDetailsService() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
- getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- getUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
-
Obtains a
UserDetails
from the cache. - getUsername() - Method in class org.springframework.security.core.userdetails.User
- getUsername() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Returns the username used to authenticate the user.
- getUsersByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getVersion() - Static method in class org.springframework.security.core.SpringSecurityCoreVersion
- grant(Principal) - Method in interface org.springframework.security.authentication.jaas.AuthorityGranter
-
The grant method is called for each principal returned from the LoginContext subject.
- GrantedAuthoritiesContainer - Interface in org.springframework.security.core.authority
-
Indicates that a object stores GrantedAuthority objects.
- GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
-
Mapping interface which can be injected into the authentication layer to convert the authorities loaded from storage into those which will be used in the
Authentication
object. - GrantedAuthority - Interface in org.springframework.security.core
-
Represents an authority granted to an
Authentication
object. - GroupManager - Interface in org.springframework.security.provisioning
-
Allows management of groups of authorities and their members.
H
- handle(Callback, Authentication) - Method in interface org.springframework.security.authentication.jaas.JaasAuthenticationCallbackHandler
-
Handle the Callback.
- handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
-
If the callback passed to the 'handle' method is an instance of NameCallback, the JaasNameCallbackHandler will call, callback.setName(authentication.getPrincipal().toString()).
- handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
-
If the callback passed to the 'handle' method is an instance of PasswordCallback, the JaasPasswordCallbackHandler will call, callback.setPassword(authentication.getCredentials().toString()).
- handleLogout(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Handles the logout by getting the security contexts for the destroyed session and invoking
LoginContext.logout()
for any which contain aJaasAuthenticationToken
. - hasAnyAuthority(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has any of the specified authorities withinAuthentication.getAuthorities()
. - hasAnyAuthority(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasAnyAuthority(String...) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authorities. - hasAnyAuthority(String...) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authorities. - hasAnyRole(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has any of the specified authorities withinAuthentication.getAuthorities()
. - hasAnyRole(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasAnyRole(String...) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authorities. - hasAnyRole(String...) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authorities. - hasAnyRole(String, String[]) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authorities. - hasAuthority(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has a particular authority withinAuthentication.getAuthorities()
. - hasAuthority(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authority. - hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authority. - hashCode() - Method in class org.springframework.security.access.SecurityConfig
- hashCode() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- hashCode() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- hashCode() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- hashCode() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- hashCode() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- hashCode() - Method in class org.springframework.security.core.context.SecurityContextImpl
- hashCode() - Method in class org.springframework.security.core.token.DefaultToken
- hashCode() - Method in class org.springframework.security.core.userdetails.User
-
Returns the hashcode of the
username
. - hashCode() - Method in class org.springframework.security.util.InMemoryResource
- hasPermission(Object, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has permission to access the target given the permission - hasPermission(Object, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasPermission(Object, String, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has permission to access the domain object with a given id, type, and permission. - hasPermission(Object, String, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasPermission(Authentication, Serializable, String, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
- hasPermission(Authentication, Serializable, String, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
-
Alternative method for evaluating a permission where only the identifier of the target object is available, rather than the target instance itself.
- hasPermission(Authentication, Object, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
- hasPermission(Authentication, Object, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
- hasRole(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has a particular authority withinAuthentication.getAuthorities()
. - hasRole(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authority. - hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authority. - hideUserNotFoundExceptions - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
I
- initDao() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- initDao() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- initialize(Subject, CallbackHandler, Map, Map) - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Initialize this
LoginModule
. - InMemoryConfiguration - Class in org.springframework.security.authentication.jaas.memory
-
An in memory representation of a JAAS configuration.
- InMemoryConfiguration(Map<String, AppConfigurationEntry[]>) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Creates a new instance with a mapping of login context name to an array of
AppConfigurationEntry
s. - InMemoryConfiguration(Map<String, AppConfigurationEntry[]>, AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Creates a new instance with a mapping of login context name to an array of
AppConfigurationEntry
s along with a default configuration that will be used if no mapping is found for the given login context name. - InMemoryConfiguration(AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Creates a new instance with only a defaultConfiguration.
- InMemoryResource - Class in org.springframework.security.util
-
An in memory implementation of Spring's
Resource
interface. - InMemoryResource(byte[]) - Constructor for class org.springframework.security.util.InMemoryResource
- InMemoryResource(byte[], String) - Constructor for class org.springframework.security.util.InMemoryResource
- InMemoryResource(String) - Constructor for class org.springframework.security.util.InMemoryResource
- InMemoryUserDetailsManager - Class in org.springframework.security.provisioning
-
Non-persistent implementation of
UserDetailsManager
which is backed by an in-memory map. - InMemoryUserDetailsManager() - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InMemoryUserDetailsManager(Collection<UserDetails>) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InMemoryUserDetailsManager(Properties) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InMemoryUserDetailsManager(UserDetails...) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InsufficientAuthenticationException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.
- InsufficientAuthenticationException(String) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException
-
Constructs an
InsufficientAuthenticationException
with the specified message. - InsufficientAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException
-
Constructs an
InsufficientAuthenticationException
with the specified message and root cause. - InteractiveAuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
-
Indicates an interactive authentication was successful.
- InteractiveAuthenticationSuccessEvent(Authentication, Class<?>) - Constructor for class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
- InterceptorStatusToken - Class in org.springframework.security.access.intercept
-
A return object received by
AbstractSecurityInterceptor
subclasses. - InterceptorStatusToken(SecurityContext, boolean, Collection<ConfigAttribute>, Object) - Constructor for class org.springframework.security.access.intercept.InterceptorStatusToken
- InternalAuthenticationServiceException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request could not be processed due to a system problem that occurred internally.
- InternalAuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
- InternalAuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
- invoke(MethodInvocation) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
This method should be used to enforce security on a
MethodInvocation
. - invoke(MethodInvocation) - Method in class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor
- invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Determine if an
Authentication
has access to theMethodInvocation
using the configuredAuthorizationManager
. - invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Filter the method argument specified in the
PreFilter
annotation thatMethodInvocation
specifies. - invoke(JoinPoint) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
-
Method that is suitable for user with @Aspect notation.
- invoke(JoinPoint, AspectJCallback) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
-
Method that is suitable for user with traditional AspectJ-code aspects.
- invokeAll(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- invokeAll(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- invokeAny(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- invokeAny(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- IS_AUTHENTICATED_ANONYMOUSLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
- IS_AUTHENTICATED_FULLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
- IS_AUTHENTICATED_REMEMBERED - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
- isAccountNonExpired() - Method in class org.springframework.security.core.userdetails.User
- isAccountNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user's account has expired.
- isAccountNonLocked() - Method in class org.springframework.security.core.userdetails.User
- isAccountNonLocked() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user is locked or unlocked.
- isAllowed(MethodInvocation, Authentication) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
- isAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- isAllowIfEqualGrantedDeniedDecisions() - Method in class org.springframework.security.access.vote.ConsensusBased
- isAlwaysReauthenticate() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- isAnonymous() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
is anonymous - isAnonymous() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isAnonymous(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver
-
Indicates whether the passed
Authentication
token represents an anonymous user. - isAnonymous(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- isAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines ifthe
SecurityExpressionOperations.getAuthentication()
is authenticated - isAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isAuthenticated() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- isAuthenticated() - Method in interface org.springframework.security.core.Authentication
-
Used to indicate to
AbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
. - isContextHolderRefreshRequired() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
- isCredentialsNonExpired() - Method in class org.springframework.security.core.userdetails.User
- isCredentialsNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user's credentials (password) has expired.
- isEnabled() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- isEnabled() - Method in class org.springframework.security.core.userdetails.User
- isEnabled() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user is enabled or disabled.
- isEraseCredentialsAfterAuthentication() - Method in class org.springframework.security.authentication.ProviderManager
- isExpired() - Method in class org.springframework.security.core.session.SessionInformation
- isForcePrincipalAsString() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- isFullyAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
authenticated without the use of remember me - isFullyAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isGranted() - Method in class org.springframework.security.authorization.AuthorizationDecision
- isHideUserNotFoundExceptions() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- isLogInteractiveAuthenticationSuccessEvents() - Method in class org.springframework.security.authentication.event.LoggerListener
- isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- isRejectPublicInvocations() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- isRememberMe() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
was authenticated using remember me - isRememberMe() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isRememberMe(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver
-
Indicates whether the passed
Authentication
token represents user that has been remembered (i.e. - isRememberMe(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- isShutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- isSingleton() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
- isTerminated() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- isUsernameBasedPrimaryKey() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- isValid() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- isValidateConfigAttributes() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
J
- JaasAuthenticationCallbackHandler - Interface in org.springframework.security.authentication.jaas
-
The JaasAuthenticationCallbackHandler is similar to the javax.security.auth.callback.CallbackHandler interface in that it defines a handle method.
- JaasAuthenticationEvent - Class in org.springframework.security.authentication.jaas.event
-
Parent class for events fired by the
JaasAuthenticationProvider
. - JaasAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
-
The Authentication object is stored as the ApplicationEvent 'source'.
- JaasAuthenticationFailedEvent - Class in org.springframework.security.authentication.jaas.event
-
Fired when LoginContext.login throws a LoginException, or if any other exception is thrown during that time.
- JaasAuthenticationFailedEvent(Authentication, Exception) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
- JaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
-
An
AuthenticationProvider
implementation that retrieves user details from a JAAS login configuration. - JaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- JaasAuthenticationSuccessEvent - Class in org.springframework.security.authentication.jaas.event
-
Fired by the
JaasAuthenticationProvider
after successfully logging the user into the LoginContext, handling all callbacks, and calling all AuthorityGranters. - JaasAuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationSuccessEvent
- JaasAuthenticationToken - Class in org.springframework.security.authentication.jaas
-
UsernamePasswordAuthenticationToken extension to carry the Jaas LoginContext that the user was logged into
- JaasAuthenticationToken(Object, Object, List<GrantedAuthority>, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
- JaasAuthenticationToken(Object, Object, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
- JaasGrantedAuthority - Class in org.springframework.security.authentication.jaas
-
GrantedAuthority
which, in addition to the assigned role, holds the principal that anAuthorityGranter
used as a reason to grant this authority. - JaasGrantedAuthority(String, Principal) - Constructor for class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- JaasNameCallbackHandler - Class in org.springframework.security.authentication.jaas
-
The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
- JaasNameCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
- JaasPasswordCallbackHandler - Class in org.springframework.security.authentication.jaas
-
The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
- JaasPasswordCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
- JdbcDaoImpl - Class in org.springframework.security.core.userdetails.jdbc
-
UserDetailsService implementation which retrieves the user details (username, password, enabled flag, and authorities) from a database using JDBC queries.
- JdbcDaoImpl() - Constructor for class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- JdbcUserDetailsManager - Class in org.springframework.security.provisioning
-
Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.
- JdbcUserDetailsManager() - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
- JdbcUserDetailsManager(DataSource) - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
- jsr250() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the JSR-250 annotations
- jsr250(Jsr250AuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the JSR-250 annotations
- JSR250 - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- Jsr250AuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating if theAuthentication
contains a specified authority from the JSR-250 security annotations. - Jsr250AuthorizationManager() - Constructor for class org.springframework.security.authorization.method.Jsr250AuthorizationManager
- Jsr250MethodSecurityMetadataSource - Class in org.springframework.security.access.annotation
-
Sources method security metadata from major JSR 250 security annotations.
- Jsr250MethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
- Jsr250SecurityConfig - Class in org.springframework.security.access.annotation
-
Security config applicable as a JSR 250 annotation attribute.
- Jsr250SecurityConfig(String) - Constructor for class org.springframework.security.access.annotation.Jsr250SecurityConfig
- Jsr250Voter - Class in org.springframework.security.access.annotation
-
Voter on JSR-250 configuration attributes.
- Jsr250Voter() - Constructor for class org.springframework.security.access.annotation.Jsr250Voter
K
- KeyBasedPersistenceTokenService - Class in org.springframework.security.core.token
-
Basic implementation of
TokenService
that is compatible with clusters and across machine restarts, without requiring database persistence. - KeyBasedPersistenceTokenService() - Constructor for class org.springframework.security.core.token.KeyBasedPersistenceTokenService
L
- LAST - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- ListeningSecurityContextHolderStrategy - Class in org.springframework.security.core.context
-
An API for notifying when the
SecurityContext
changes. - ListeningSecurityContextHolderStrategy(Collection<SecurityContextChangedListener>) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
based onThreadLocalSecurityContextHolderStrategy
- ListeningSecurityContextHolderStrategy(SecurityContextChangedListener...) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
based onThreadLocalSecurityContextHolderStrategy
- ListeningSecurityContextHolderStrategy(SecurityContextHolderStrategy, Collection<SecurityContextChangedListener>) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
- ListeningSecurityContextHolderStrategy(SecurityContextHolderStrategy, SecurityContextChangedListener...) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
- loadGroupAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Loads authorities by executing the SQL from groupAuthoritiesByUsernameQuery.
- loadUserAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Loads authorities by executing the SQL from authoritiesByUsernameQuery.
- loadUserByUsername(String) - Method in class org.springframework.security.authentication.CachingUserDetailsService
- loadUserByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- loadUserByUsername(String) - Method in interface org.springframework.security.core.userdetails.UserDetailsService
-
Locates the user based on the username.
- loadUserByUsername(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- loadUserDetails(T) - Method in interface org.springframework.security.core.userdetails.AuthenticationUserDetailsService
- loadUserDetails(T) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Get the UserDetails object from the wrapped UserDetailsService implementation
- loadUsersByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
- loadUsersByUsername(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
-
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
- LockedException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account is locked.
- LockedException(String) - Constructor for exception org.springframework.security.authentication.LockedException
-
Constructs a
LockedException
with the specified message. - LockedException(String, Throwable) - Constructor for exception org.springframework.security.authentication.LockedException
-
Constructs a
LockedException
with the specified message and root cause. - log - Variable in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- log - Static variable in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- logger - Variable in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- logger - Variable in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
- logger - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- logger - Static variable in class org.springframework.security.access.intercept.AfterInvocationProviderManager
- logger - Static variable in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
- logger - Variable in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
- logger - Variable in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
- logger - Variable in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
- logger - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- logger - Variable in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- logger - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- logger - Variable in class org.springframework.security.core.session.SessionRegistryImpl
- logger - Variable in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- logger - Variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- LoggerListener - Class in org.springframework.security.access.event
-
Outputs interceptor-related application events to Commons Logging.
- LoggerListener - Class in org.springframework.security.authentication.event
-
Outputs authentication-related application events to Commons Logging.
- LoggerListener() - Constructor for class org.springframework.security.access.event.LoggerListener
- LoggerListener() - Constructor for class org.springframework.security.authentication.event.LoggerListener
- login() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Authenticate the
Subject
(phase one) by extracting the Spring SecurityAuthentication
from the currentSecurityContext
. - LoginExceptionResolver - Interface in org.springframework.security.authentication.jaas
-
The JaasAuthenticationProvider takes an instance of LoginExceptionResolver to resolve LoginModule specific exceptions to Spring Security AuthenticationExceptions.
- logout() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Log out the
Subject
. - LogoutSuccessEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates successful logout
- LogoutSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.LogoutSuccessEvent
M
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Creates a mapping of the supplied authorities based on the case-conversion and prefix settings.
- MapBasedAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
-
This class implements the Attributes2GrantedAuthoritiesMapper and MappableAttributesRetriever interfaces based on the supplied Map.
- MapBasedAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- MapBasedMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Stores a list of ConfigAttributes for a method or class signature.
- MapBasedMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
- MapBasedMethodSecurityMetadataSource(Map<String, List<ConfigAttribute>>) - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Creates the MapBasedMethodSecurityMetadataSource from a
- MappableAttributesRetriever - Interface in org.springframework.security.core.authority.mapping
-
Interface to be implemented by classes that can retrieve a list of mappable security attribute strings (for example the list of all available J2EE roles in a web or EJB application).
- MapReactiveUserDetailsService - Class in org.springframework.security.core.userdetails
-
A
Map
based implementation ofReactiveUserDetailsService
- MapReactiveUserDetailsService(Collection<UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
-
Creates a new instance
- MapReactiveUserDetailsService(Map<String, UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
-
Creates a new instance using a
Map
that must be non blocking. - MapReactiveUserDetailsService(UserDetails...) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
-
Creates a new instance
- messages - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- messages - Variable in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- messages - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- messages - Variable in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- messages - Variable in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- messages - Variable in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- messages - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- messages - Variable in class org.springframework.security.authentication.ProviderManager
- messages - Variable in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- messages - Variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- MethodInvocationAdapter - Class in org.springframework.security.access.intercept.aspectj
-
Decorates a JoinPoint to allow it to be used with method-security infrastructure classes which support
MethodInvocation
instances. - MethodInvocationPrivilegeEvaluator - Class in org.springframework.security.access.intercept
-
Allows users to determine whether they have "before invocation" privileges for a given method invocation.
- MethodInvocationPrivilegeEvaluator() - Constructor for class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
- MethodInvocationResult - Class in org.springframework.security.authorization.method
-
A context object that contains a
MethodInvocation
and the result of thatMethodInvocation
. - MethodInvocationResult(MethodInvocation, Object) - Constructor for class org.springframework.security.authorization.method.MethodInvocationResult
-
Construct a
MethodInvocationResult
with the provided parameters - MethodInvocationUtils - Class in org.springframework.security.util
-
Static utility methods for creating
MethodInvocation
s usable within Spring Security. - methodMap - Variable in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Map from RegisteredMethod to ConfigAttribute list
- MethodSecurityExpressionHandler - Interface in org.springframework.security.access.expression.method
-
Extended expression-handler facade which adds methods which are specific to securing method invocations.
- MethodSecurityExpressionOperations - Interface in org.springframework.security.access.expression.method
-
Interface which must be implemented if you want to use filtering in method security expressions.
- MethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aopalliance
-
Provides security interception of AOP Alliance based method invocations.
- MethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
- MethodSecurityMetadataSource - Interface in org.springframework.security.access.method
-
Interface for
SecurityMetadataSource
implementations that are designed to perform lookups keyed onMethod
s. - MethodSecurityMetadataSourceAdvisor - Class in org.springframework.security.access.intercept.aopalliance
-
Advisor driven by a
MethodSecurityMetadataSource
, used to exclude aMethodInterceptor
from public (non-secure) methods. - MethodSecurityMetadataSourceAdvisor(String, MethodSecurityMetadataSource, String) - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
-
Alternative constructor for situations where we want the advisor decoupled from the advice.
- MODE_GLOBAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
- MODE_INHERITABLETHREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
- MODE_THREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
N
- NO_AUTHORITIES - Static variable in class org.springframework.security.core.authority.AuthorityUtils
- NullAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
- NullAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
- NullRoleHierarchy - Class in org.springframework.security.access.hierarchicalroles
- NullRoleHierarchy() - Constructor for class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
- NullUserCache - Class in org.springframework.security.core.userdetails.cache
-
Does not perform any caching.
- NullUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.NullUserCache
O
- obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
- onApplicationEvent(ApplicationEvent) - Method in class org.springframework.security.context.DelegatingApplicationListener
- onApplicationEvent(AbstractAuthorizationEvent) - Method in class org.springframework.security.access.event.LoggerListener
- onApplicationEvent(AbstractAuthenticationEvent) - Method in class org.springframework.security.authentication.event.LoggerListener
- onApplicationEvent(AbstractSessionEvent) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- onApplicationEvent(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- org.springframework.security.access - package org.springframework.security.access
-
Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central
AccessDecisionManager
interface. - org.springframework.security.access.annotation - package org.springframework.security.access.annotation
-
Support for JSR-250 and Spring Security
@Secured
annotations. - org.springframework.security.access.event - package org.springframework.security.access.event
-
Authorization event and listener classes.
- org.springframework.security.access.expression - package org.springframework.security.access.expression
-
Expression handling code to support the use of Spring-EL based expressions in
@PreAuthorize
,@PreFilter
,@PostAuthorize
and@PostFilter
annotations. - org.springframework.security.access.expression.method - package org.springframework.security.access.expression.method
-
Implementation of expression-based method security.
- org.springframework.security.access.hierarchicalroles - package org.springframework.security.access.hierarchicalroles
-
Role hierarchy implementation.
- org.springframework.security.access.intercept - package org.springframework.security.access.intercept
-
Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
- org.springframework.security.access.intercept.aopalliance - package org.springframework.security.access.intercept.aopalliance
-
Enforces security for AOP Alliance
MethodInvocation
s, such as via Spring AOP. - org.springframework.security.access.intercept.aspectj - package org.springframework.security.access.intercept.aspectj
-
Enforces security for AspectJ
JointPoint
s, delegating secure object callbacks to the calling aspect. - org.springframework.security.access.method - package org.springframework.security.access.method
-
Provides
SecurityMetadataSource
implementations for securing Java method invocations via different AOP libraries. - org.springframework.security.access.prepost - package org.springframework.security.access.prepost
-
Contains the infrastructure classes for handling the
@PreAuthorize
,@PreFilter
,@PostAuthorize
and@PostFilter
annotations. - org.springframework.security.access.vote - package org.springframework.security.access.vote
-
Implements a vote-based approach to authorization decisions.
- org.springframework.security.authentication - package org.springframework.security.authentication
-
Core classes and interfaces related to user authentication, which are used throughout Spring Security.
- org.springframework.security.authentication.dao - package org.springframework.security.authentication.dao
-
An
AuthenticationProvider
which relies upon a data access object. - org.springframework.security.authentication.event - package org.springframework.security.authentication.event
-
Authentication success and failure events which can be published to the Spring application context.
- org.springframework.security.authentication.jaas - package org.springframework.security.authentication.jaas
-
An authentication provider for JAAS.
- org.springframework.security.authentication.jaas.event - package org.springframework.security.authentication.jaas.event
-
JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
- org.springframework.security.authentication.jaas.memory - package org.springframework.security.authentication.jaas.memory
-
An in memory JAAS implementation.
- org.springframework.security.authentication.rcp - package org.springframework.security.authentication.rcp
-
Allows remote clients to authenticate and obtain a populated
Authentication
object. - org.springframework.security.authorization - package org.springframework.security.authorization
- org.springframework.security.authorization.event - package org.springframework.security.authorization.event
- org.springframework.security.authorization.method - package org.springframework.security.authorization.method
- org.springframework.security.concurrent - package org.springframework.security.concurrent
- org.springframework.security.context - package org.springframework.security.context
- org.springframework.security.converter - package org.springframework.security.converter
- org.springframework.security.core - package org.springframework.security.core
-
Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
- org.springframework.security.core.annotation - package org.springframework.security.core.annotation
- org.springframework.security.core.authority - package org.springframework.security.core.authority
-
The default implementation of the
GrantedAuthority
interface. - org.springframework.security.core.authority.mapping - package org.springframework.security.core.authority.mapping
-
Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of
GrantedAuthority
s. - org.springframework.security.core.context - package org.springframework.security.core.context
-
Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
- org.springframework.security.core.parameters - package org.springframework.security.core.parameters
- org.springframework.security.core.session - package org.springframework.security.core.session
-
Session abstraction which is provided by the
org.springframework.security.core.session.SessionInformation SessionInformation
class. - org.springframework.security.core.token - package org.springframework.security.core.token
-
A service for building secure random tokens.
- org.springframework.security.core.userdetails - package org.springframework.security.core.userdetails
-
The standard interfaces for implementing user data DAOs.
- org.springframework.security.core.userdetails.cache - package org.springframework.security.core.userdetails.cache
-
Implementations of
UserCache
. - org.springframework.security.core.userdetails.jdbc - package org.springframework.security.core.userdetails.jdbc
-
Exposes a JDBC-based authentication repository, implementing
org.springframework.security.core.userdetails.UserDetailsService UserDetailsService
. - org.springframework.security.core.userdetails.memory - package org.springframework.security.core.userdetails.memory
-
Exposes an in-memory authentication repository.
- org.springframework.security.jackson2 - package org.springframework.security.jackson2
-
Mix-in classes to add Jackson serialization support.
- org.springframework.security.provisioning - package org.springframework.security.provisioning
-
Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
- org.springframework.security.scheduling - package org.springframework.security.scheduling
- org.springframework.security.task - package org.springframework.security.task
- org.springframework.security.util - package org.springframework.security.util
-
General utility classes used throughout the Spring Security framework.
P
- P - Annotation Type in org.springframework.security.access.method
-
Deprecated.use @{code org.springframework.security.core.parameters.P}
- P - Annotation Type in org.springframework.security.core.parameters
-
An annotation that can be used along with
AnnotationParameterNameDiscoverer
to specify parameter names. - password(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the password.
- passwordEncoder(Function<String, String>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Encodes the current password (if non-null) and any future passwords supplied to
User.UserBuilder.password(String)
. - PermissionCacheOptimizer - Interface in org.springframework.security.access
-
Allows permissions to be pre-cached when using pre or post filtering with expressions
- PermissionEvaluator - Interface in org.springframework.security.access
-
Strategy used in expression evaluation to determine whether a user has a permission or permissions for a given domain object.
- PERMIT_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
- permitAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Allows "permitAll" expression
- permitAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Always grants access.
- permitAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- pkcs8() - Static method in class org.springframework.security.converter.RsaKeyConverters
-
Construct a
Converter
for converting a PEM-encoded PKCS#8 RSA Private Key into aRSAPrivateKey
. - POST_AUTHORIZE - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- POST_FILTER - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- postAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an interceptor for the
PostAuthorize
annotation - postAuthorize(PostAuthorizeAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an interceptor for the
PostAuthorize
annotation - PostAuthorize - Annotation Type in org.springframework.security.access.prepost
-
Annotation for specifying a method access-control expression which will be evaluated after a method has been invoked.
- PostAuthorizeAuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may return the result from an invokedMethodInvocation
by evaluating an expression from thePostAuthorize
annotation. - PostAuthorizeAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
- PostFilter - Annotation Type in org.springframework.security.access.prepost
-
Annotation for specifying a method filtering expression which will be evaluated after a method has been invoked.
- PostFilterAuthorizationMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which filters areturnedObject
from theMethodInvocation
by evaluating an expression from thePostFilter
annotation. - PostFilterAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
-
Creates a
PostFilterAuthorizationMethodInterceptor
using the provided parameters - PostInvocationAdviceProvider - Class in org.springframework.security.access.prepost
-
AfterInvocationProvider which delegates to a
PostInvocationAuthorizationAdvice
instance passing it the PostInvocationAttribute created from @PostAuthorize and @PostFilter annotations. - PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PostInvocationAdviceProvider
- PostInvocationAttribute - Interface in org.springframework.security.access.prepost
-
Marker interface for attributes which are created from combined @PostFilter and @PostAuthorize annotations.
- PostInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost
-
Performs filtering and authorization logic after a method is invoked.
- PRE_AUTHORIZE - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- PRE_FILTER - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- preAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
PreAuthorize
annotation - preAuthorize(PreAuthorizeAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
PreAuthorize
annotation - PreAuthorize - Annotation Type in org.springframework.security.access.prepost
-
Annotation for specifying a method access-control expression which will be evaluated to decide whether a method invocation is allowed or not.
- PreAuthorizeAuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating an expression from thePreAuthorize
annotation. - PreAuthorizeAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
- prefersShortLivedTasks() - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
- PreFilter - Annotation Type in org.springframework.security.access.prepost
-
Annotation for specifying a method filtering expression which will be evaluated before a method has been invoked.
- PreFilterAuthorizationMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which filters a method argument by evaluating an expression from thePreFilter
annotation. - PreFilterAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Creates a
PreFilterAuthorizationMethodInterceptor
using the provided parameters - PreInvocationAttribute - Interface in org.springframework.security.access.prepost
-
Marker interface for attributes which are created from combined @PreFilter and @PreAuthorize annotations.
- PreInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost
-
Performs argument filtering and authorization logic before a method is invoked.
- PreInvocationAuthorizationAdviceVoter - Class in org.springframework.security.access.prepost
-
Voter which performs the actions using a PreInvocationAuthorizationAdvice implementation generated from @PreFilter and @PreAuthorize annotations.
- PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
- PrePostAdviceReactiveMethodInterceptor - Class in org.springframework.security.access.prepost
-
A
MethodInterceptor
that supportsPreAuthorize
andPostAuthorize
for methods that returnMono
orFlux
and Kotlin coroutine functions. - PrePostAdviceReactiveMethodInterceptor(MethodSecurityMetadataSource, PreInvocationAuthorizationAdvice, PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor
-
Creates a new instance
- PrePostAnnotationSecurityMetadataSource - Class in org.springframework.security.access.prepost
-
MethodSecurityMetadataSource which extracts metadata from the @PreFilter and @PreAuthorize annotations placed on a method.
- PrePostAnnotationSecurityMetadataSource(PrePostInvocationAttributeFactory) - Constructor for class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
- PrePostInvocationAttributeFactory - Interface in org.springframework.security.access.prepost
- proceed() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
- proceed() - Method in class org.springframework.security.util.SimpleMethodInvocation
- proceedWithObject() - Method in interface org.springframework.security.access.intercept.aspectj.AspectJCallback
- ProviderManager - Class in org.springframework.security.authentication
-
Iterates an
Authentication
request through a list ofAuthenticationProvider
s. - ProviderManager(List<AuthenticationProvider>) - Constructor for class org.springframework.security.authentication.ProviderManager
-
Construct a
ProviderManager
using the givenAuthenticationProvider
s - ProviderManager(List<AuthenticationProvider>, AuthenticationManager) - Constructor for class org.springframework.security.authentication.ProviderManager
-
Construct a
ProviderManager
using the provided parameters - ProviderManager(AuthenticationProvider...) - Constructor for class org.springframework.security.authentication.ProviderManager
-
Construct a
ProviderManager
using the givenAuthenticationProvider
s - ProviderNotFoundException - Exception in org.springframework.security.authentication
-
Thrown by
ProviderManager
if noAuthenticationProvider
could be found that supports the presentedAuthentication
object. - ProviderNotFoundException(String) - Constructor for exception org.springframework.security.authentication.ProviderNotFoundException
-
Constructs a
ProviderNotFoundException
with the specified message. - PublicInvocationEvent - Class in org.springframework.security.access.event
-
Event that is generated whenever a public secure object is invoked.
- PublicInvocationEvent(Object) - Constructor for class org.springframework.security.access.event.PublicInvocationEvent
-
Construct the event, passing in the public secure object.
- publishAuthenticationFailure(AuthenticationException, Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
- publishAuthenticationFailure(AuthenticationException, Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- publishAuthenticationSuccess(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
- publishAuthenticationSuccess(Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- publishAuthorizationEvent(Supplier<Authentication>, T, AuthorizationDecision) - Method in interface org.springframework.security.authorization.AuthorizationEventPublisher
-
Publish the given details in the form of an event, typically
AuthorizationGrantedEvent
orAuthorizationDeniedEvent
. - publishAuthorizationEvent(Supplier<Authentication>, T, AuthorizationDecision) - Method in class org.springframework.security.authorization.SpringAuthorizationEventPublisher
-
Publish the given details in the form of an event, typically
AuthorizationGrantedEvent
orAuthorizationDeniedEvent
. - publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Publishes the
JaasAuthenticationFailedEvent
. - publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
Publishes the
JaasAuthenticationFailedEvent
. - publishSuccessEvent(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Publishes the
JaasAuthenticationSuccessEvent
. - putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
- putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- putUserInCache(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserCache
-
Places a
UserDetails
in the cache.
R
- ReactiveAuthenticationManager - Interface in org.springframework.security.authentication
-
Determines if the provided
Authentication
can be authenticated. - ReactiveAuthenticationManagerAdapter - Class in org.springframework.security.authentication
-
Adapts an AuthenticationManager to the reactive APIs.
- ReactiveAuthenticationManagerAdapter(AuthenticationManager) - Constructor for class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
- ReactiveAuthenticationManagerResolver<C> - Interface in org.springframework.security.authentication
-
An interface for resolving a
ReactiveAuthenticationManager
based on the provided context - ReactiveAuthorizationManager<T> - Interface in org.springframework.security.authorization
-
A reactive authorization manager which can determine if an
Authentication
has access to a specific object. - ReactiveSecurityContextHolder - Class in org.springframework.security.core.context
-
Allows getting and setting the Spring
SecurityContext
into aContext
. - ReactiveUserDetailsPasswordService - Interface in org.springframework.security.core.userdetails
-
An API for changing a
UserDetails
password. - ReactiveUserDetailsService - Interface in org.springframework.security.core.userdetails
-
An API for finding the
UserDetails
by username. - read - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- refresh() - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Does nothing, but required for JDK5
- refreshLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
-
Refreshes the internal lastRequest to the current date and time.
- refreshLastRequest(String) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Updates the given
sessionId
so its last request time is equal to the present date and time. - refreshLastRequest(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- registerNewSession(String, Object) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Registers a new session for the specified principal.
- registerNewSession(String, Object) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- RememberMeAuthenticationProvider - Class in org.springframework.security.authentication
-
An
AuthenticationProvider
implementation that validatesRememberMeAuthenticationToken
s. - RememberMeAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationProvider
- RememberMeAuthenticationToken - Class in org.springframework.security.authentication
-
Represents a remembered
Authentication
. - RememberMeAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationToken
-
Constructor.
- RemoteAuthenticationException - Exception in org.springframework.security.authentication.rcp
-
Deprecated.as of 5.6.0 with no replacement
- RemoteAuthenticationException(String) - Constructor for exception org.springframework.security.authentication.rcp.RemoteAuthenticationException
-
Deprecated.Constructs a
RemoteAuthenticationException
with the specified message and no root cause. - RemoteAuthenticationManager - Interface in org.springframework.security.authentication.rcp
-
Deprecated.as of 5.6.0 with no replacement
- RemoteAuthenticationManagerImpl - Class in org.springframework.security.authentication.rcp
-
Deprecated.as of 5.6.0 with no replacement
- RemoteAuthenticationManagerImpl() - Constructor for class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
-
Deprecated.
- RemoteAuthenticationProvider - Class in org.springframework.security.authentication.rcp
-
Deprecated.as of 5.6.0 with no replacement
- RemoteAuthenticationProvider() - Constructor for class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
-
Deprecated.
- removeGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
-
Deletes an authority from those assigned to a group
- removeGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- removeSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Deletes all the session information being maintained for the specified
sessionId
. - removeSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
- removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- removeUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
-
Removes the specified user from the cache.
- removeUserFromCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- removeUserFromCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- removeUserFromGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Deletes a user's membership of a group.
- removeUserFromGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- renameGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Changes the name of a group without altering the assigned authorities or members.
- renameGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- resolve(C) - Method in interface org.springframework.security.authentication.AuthenticationManagerResolver
-
Resolve an
AuthenticationManager
from a provided context - resolve(C) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManagerResolver
- resolveException(LoginException) - Method in class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
- resolveException(LoginException) - Method in interface org.springframework.security.authentication.jaas.LoginExceptionResolver
-
Translates a Jaas LoginException to an SpringSecurityException.
- retrieveUser(String) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Allows subclasses to retrieve the
UserDetails
from an implementation-specific location. - retrieveUser(String) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
- retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Allows subclasses to actually retrieve the
UserDetails
from an implementation-specific location, with the option of throwing anAuthenticationException
immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate aUserDetails
). - retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- RoleHierarchy - Interface in org.springframework.security.access.hierarchicalroles
-
The simple interface of a role hierarchy.
- RoleHierarchyAuthoritiesMapper - Class in org.springframework.security.access.hierarchicalroles
- RoleHierarchyAuthoritiesMapper(RoleHierarchy) - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
- roleHierarchyFromMap(Map<String, List<String>>) - Static method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyUtils
-
Converts the supplied
Map
of role name to implied role name(s) to a string representation understood byRoleHierarchyImpl.setHierarchy(String)
. - RoleHierarchyImpl - Class in org.springframework.security.access.hierarchicalroles
-
This class defines a role hierarchy for use with various access checking components.
- RoleHierarchyImpl() - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
- RoleHierarchyUtils - Class in org.springframework.security.access.hierarchicalroles
-
Utility methods for
RoleHierarchy
. - RoleHierarchyVoter - Class in org.springframework.security.access.vote
-
Extended RoleVoter which uses a
RoleHierarchy
definition to determine the roles allocated to the current user before voting. - RoleHierarchyVoter(RoleHierarchy) - Constructor for class org.springframework.security.access.vote.RoleHierarchyVoter
- roles(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the roles.
- RoleVoter - Class in org.springframework.security.access.vote
-
Votes if any
ConfigAttribute.getAttribute()
starts with a prefix indicating that it is a role. - RoleVoter() - Constructor for class org.springframework.security.access.vote.RoleVoter
- RsaKeyConverters - Class in org.springframework.security.converter
-
Used for creating
Key
converter instances - run() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
- RunAsImplAuthenticationProvider - Class in org.springframework.security.access.intercept
-
An
AuthenticationProvider
implementation that can authenticate aRunAsUserToken
. - RunAsImplAuthenticationProvider() - Constructor for class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- RunAsManager - Interface in org.springframework.security.access.intercept
-
Creates a new temporary
Authentication
object for the current secure object invocation only. - RunAsManagerImpl - Class in org.springframework.security.access.intercept
-
Basic concrete implementation of a
RunAsManager
. - RunAsManagerImpl() - Constructor for class org.springframework.security.access.intercept.RunAsManagerImpl
- RunAsUserToken - Class in org.springframework.security.access.intercept
-
An immutable
Authentication
implementation that supportsRunAsManagerImpl
. - RunAsUserToken(String, Object, Object, Collection<? extends GrantedAuthority>, Class<? extends Authentication>) - Constructor for class org.springframework.security.access.intercept.RunAsUserToken
S
- schedule(Runnable, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- schedule(Runnable, Date) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- schedule(Runnable, Trigger) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- schedule(Callable<V>, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- scheduleAtFixedRate(Runnable, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- scheduleAtFixedRate(Runnable, Date, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleWithFixedDelay(Runnable, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- scheduleWithFixedDelay(Runnable, Date, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- secured() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
Secured
annotation - secured(SecuredAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
Secured
annotation - Secured - Annotation Type in org.springframework.security.access.annotation
-
Java 5 annotation for describing service layer security attributes.
- SECURED - org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- SecuredAnnotationSecurityMetadataSource - Class in org.springframework.security.access.annotation
-
Sources method security metadata from Spring Security's
Secured
annotation. - SecuredAnnotationSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
- SecuredAnnotationSecurityMetadataSource(AnnotationMetadataExtractor) - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
- SecuredAuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating if theAuthentication
contains a specified authority from the Spring Security'sSecured
annotation. - SecuredAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.SecuredAuthorizationManager
- SecureRandomFactoryBean - Class in org.springframework.security.core.token
-
Creates a
SecureRandom
instance. - SecureRandomFactoryBean() - Constructor for class org.springframework.security.core.token.SecureRandomFactoryBean
- SecurityConfig - Class in org.springframework.security.access
-
Stores a
ConfigAttribute
as aString
. - SecurityConfig(String) - Constructor for class org.springframework.security.access.SecurityConfig
- SecurityContext - Interface in org.springframework.security.core.context
-
Interface defining the minimum security information associated with the current thread of execution.
- securityContextChanged(SecurityContextChangedEvent) - Method in interface org.springframework.security.core.context.SecurityContextChangedListener
- SecurityContextChangedEvent - Class in org.springframework.security.core.context
-
An event that represents a change in
SecurityContext
- SecurityContextChangedEvent(SecurityContext, SecurityContext) - Constructor for class org.springframework.security.core.context.SecurityContextChangedEvent
-
Construct an event
- SecurityContextChangedListener - Interface in org.springframework.security.core.context
-
A listener for
SecurityContextChangedEvent
s - SecurityContextHolder - Class in org.springframework.security.core.context
-
Associates a given
SecurityContext
with the current execution thread. - SecurityContextHolder() - Constructor for class org.springframework.security.core.context.SecurityContextHolder
- SecurityContextHolderStrategy - Interface in org.springframework.security.core.context
-
A strategy for storing security context information against a thread.
- SecurityContextImpl - Class in org.springframework.security.core.context
-
Base implementation of
SecurityContext
. - SecurityContextImpl() - Constructor for class org.springframework.security.core.context.SecurityContextImpl
- SecurityContextImpl(Authentication) - Constructor for class org.springframework.security.core.context.SecurityContextImpl
- SecurityContextLoginModule - Class in org.springframework.security.authentication.jaas
-
An implementation of
LoginModule
that uses a Spring SecuritySecurityContext
to provide authentication. - SecurityContextLoginModule() - Constructor for class org.springframework.security.authentication.jaas.SecurityContextLoginModule
- SecurityExpressionHandler<T> - Interface in org.springframework.security.access.expression
-
Facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects
- SecurityExpressionOperations - Interface in org.springframework.security.access.expression
-
Standard interface for expression root objects used with expression-based security.
- SecurityExpressionRoot - Class in org.springframework.security.access.expression
-
Base root object for use in Spring Security expression evaluations.
- SecurityExpressionRoot(Authentication) - Constructor for class org.springframework.security.access.expression.SecurityExpressionRoot
-
Creates a new instance
- SecurityJackson2Modules - Class in org.springframework.security.jackson2
-
This utility class will find all the SecurityModules in classpath.
- SecurityMetadataSource - Interface in org.springframework.security.access
-
Implemented by classes that store and can identify the
ConfigAttribute
s that applies to a given secure object invocation. - SERIAL_VERSION_UID - Static variable in class org.springframework.security.core.SpringSecurityCoreVersion
-
Global Serialization value for Spring Security classes.
- SessionCreationEvent - Class in org.springframework.security.core.session
-
Generic session creation event which indicates that a session (potentially represented by a security context) has begun.
- SessionCreationEvent(Object) - Constructor for class org.springframework.security.core.session.SessionCreationEvent
- SessionDestroyedEvent - Class in org.springframework.security.core.session
-
Generic "session termination" event which indicates that a session (potentially represented by a security context) has ended.
- SessionDestroyedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionDestroyedEvent
- SessionIdChangedEvent - Class in org.springframework.security.core.session
-
Generic "session ID changed" event which indicates that a session identifier (potentially represented by a security context) has changed.
- SessionIdChangedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionIdChangedEvent
- SessionInformation - Class in org.springframework.security.core.session
-
Represents a record of a session within the Spring Security framework.
- SessionInformation(Object, String, Date) - Constructor for class org.springframework.security.core.session.SessionInformation
- SessionRegistry - Interface in org.springframework.security.core.session
-
Maintains a registry of
SessionInformation
instances. - SessionRegistryImpl - Class in org.springframework.security.core.session
-
Default implementation of
SessionRegistry
which listens forSessionDestroyedEvent
s published in the Spring application context. - SessionRegistryImpl() - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
- SessionRegistryImpl(ConcurrentMap<Object, Set<String>>, Map<String, SessionInformation>) - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
- setAccessDecisionManager(AccessDecisionManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- setAdditionalExceptionMappings(Map<Class<? extends AuthenticationException>, Class<? extends AbstractAuthenticationFailureEvent>>) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
-
Sets additional exception to event mappings.
- setAdditionalExceptionMappings(Properties) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- setAddPrefixIfAlreadyExisting(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setAfterInvocationManager(AfterInvocationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- setAlgorithm(String) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
-
Allows the Pseudo Random Number Generator (PRNG) algorithm to be nominated.
- setAllowIfAllAbstainDecisions(boolean) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- setAllowIfEqualGrantedDeniedDecisions(boolean) - Method in class org.springframework.security.access.vote.ConsensusBased
- setAlwaysReauthenticate(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Indicates whether the
AbstractSecurityInterceptor
should ignore theAuthentication.isAuthenticated()
property. - setAnonymousClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- setApplicationContext(ApplicationContext) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- setAsText(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttributeEditor
- setAttributePrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setAttributes2grantedAuthoritiesMap(Map<?, ?>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- setAuthenticated(boolean) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- setAuthenticated(boolean) - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- setAuthenticated(boolean) - Method in interface org.springframework.security.core.Authentication
-
See
Authentication.isAuthenticated()
for a full description. - setAuthentication(Authentication) - Method in interface org.springframework.security.core.context.SecurityContext
-
Changes the currently authenticated principal, or removes the authentication information.
- setAuthentication(Authentication) - Method in class org.springframework.security.core.context.SecurityContextImpl
- setAuthenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.authentication.ProviderManager
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
-
Deprecated.
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
- setAuthorities(List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
-
Set all authorities for this user.
- setAuthoritiesAsString(List<String>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
-
Set all authorities for this user from String values.
- setAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows the default query string used to retrieve authorities based on username to be overridden, if default table or column names need to be changed.
- setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setAuthorityGranters(AuthorityGranter[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication.
- setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Use this
AuthorizationEventPublisher
to publish theAuthorizationManager
result. - setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Use this
AuthorizationEventPublisher
to publish theAuthorizationManager
result. - setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
- setBeanFactory(BeanFactory) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
- setCache(Ehcache) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
-
Deprecated.
- setCallbackHandlers(JaasAuthenticationCallbackHandler[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the LoginContext.login method.
- setChangePasswordSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setConfiguration(Configuration) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
-
Sets the Configuration to use for Authentication.
- setContext(SecurityContext) - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Sets the current context.
- setContext(SecurityContext) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Associates a new
SecurityContext
with the current thread of execution. - setContext(SecurityContext) - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Sets the current context.
- setContextHolderStrategy(SecurityContextHolderStrategy) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Use this
SecurityContextHolderStrategy
. - setConvertAttributeToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setConvertAttributeToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setConvertToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Whether to convert the authority value to lower case in the mapping.
- setConvertToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Whether to convert the authority value to upper case in the mapping.
- setCreateAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setCreateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDefaultAuthenticationFailureEvent(Class<? extends AbstractAuthenticationFailureEvent>) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
-
Sets a default authentication failure event as a fallback event for any unmapped exceptions not mapped in the exception mappings.
- setDefaultAuthority(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Sets a default authority to be assigned to all users
- setDefaultRolePrefix(String) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
-
Sets the default prefix to be added to
RolesAllowed
. - setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Sets the default prefix to be added to
SecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
. - setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Sets the default prefix to be added to
SecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
. - setDeleteGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupMembersSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteUserAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDetails(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- setEnableAuthorities(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Enables loading of authorities (roles) from the authorities table.
- setEnabled(boolean) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- setEnableGroups(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Enables support for group authorities.
- setEraseCredentialsAfterAuthentication(boolean) - Method in class org.springframework.security.authentication.ProviderManager
-
If set to, a resulting
Authentication
which implements theCredentialsContainer
interface will have itseraseCredentials
method called before it is returned from theauthenticate()
method. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
- setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
-
Use this the
MethodSecurityExpressionHandler
. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
-
Use this
MethodSecurityExpressionHandler
. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
-
Sets the
MethodSecurityExpressionHandler
. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Use this
MethodSecurityExpressionHandler
- setExpressionParser(ExpressionParser) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setFilterObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- setFindAllGroupsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setFindGroupIdSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setFindUsersInGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setForcePrincipalAsString(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setGroupAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows the default query string used to retrieve group authorities based on username to be overridden, if default table or column names need to be changed.
- setGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setHideUserNotFoundExceptions(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
By default the
AbstractUserDetailsAuthenticationProvider
throws aBadCredentialsException
if a username is not found or the password is incorrect. - setHierarchy(String) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
-
Set the role hierarchy and pre-calculate for every role the set of all reachable roles, i.e.
- setInsertGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setInsertGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setInsertGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setKey(String) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- setKey(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
- setLoginConfig(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
Set the JAAS login configuration file.
- setLoginContextName(String) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Set the loginContextName, this name is used as the index to the configuration specified in the loginConfig property.
- setLoginExceptionResolver(LoginExceptionResolver) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- setLogInteractiveAuthenticationSuccessEvents(boolean) - Method in class org.springframework.security.authentication.event.LoggerListener
- setMappableAttributes(Set<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
- setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.ProviderManager
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- setParameterNameDiscoverer(ParameterNameDiscoverer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Sets the
ParameterNameDiscoverer
to use. - setPassword(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
The
PasswordEncoder
that is used for validating the password. - setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
-
Sets the PasswordEncoder instance to be used to encode and validate passwords.
- setPermissionCacheOptimizer(PermissionCacheOptimizer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Sets the strategy which will be used to validate the loaded UserDetails object after authentication occurs.
- setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setPreAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Sets the policy will be used to verify the status of the loaded UserDetails before validation of the credentials takes place.
- setPrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Sets the prefix which should be added to the authority name (if it doesn't already exist)
- setProcessDomainObjectClass(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter
- setProtectedFieldValue(String, Object, Object) - Static method in class org.springframework.security.util.FieldUtils
- setProviders(List<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
- setPseudoRandomNumberBytes(int) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setPublishAuthorizationSuccess(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Only
AuthorizationFailureEvent
will be published. - setRefreshConfigurationOnStartup(boolean) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
If set, a call to
Configuration#refresh()
will be made by#configureJaas(Resource)
method. - setRejectPublicInvocations(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
By rejecting public invocations (and setting this property to true), essentially you are ensuring that every secure object invocation advised by
AbstractSecurityInterceptor
has a configuration attribute defined. - setRememberMeClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- setRemoteAuthenticationManager(RemoteAuthenticationManager) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
-
Deprecated.
- setRenameGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setReturnObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- setReturnObject(Object, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- setReturnObject(Object, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
-
Used to inform the expression system of the return object for the given evaluation context.
- setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- setRolePrefix(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Allows the default role prefix of
ROLE_
to be overridden. - setRolePrefix(String) - Method in class org.springframework.security.access.vote.RoleVoter
-
Allows the default role prefix of
ROLE_
to be overridden. - setRolePrefix(String) - Method in class org.springframework.security.authorization.method.Jsr250AuthorizationManager
-
Sets the role prefix.
- setRolePrefix(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows a default role prefix to be specified.
- setRunAsManager(RunAsManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- setScheduler(Scheduler) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Sets the
Scheduler
used by theUserDetailsRepositoryReactiveAuthenticationManager
. - setScheduler(Scheduler) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
-
Set a scheduler that will be published on to perform the authentication logic.
- setSecureRandom(SecureRandom) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setSecurityInterceptor(AbstractSecurityInterceptor) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
- setSecurityMetadataSource(MethodSecurityMetadataSource) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
- setSeed(Resource) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
-
Allows the user to specify a resource which will act as a seed for the
SecureRandom
instance. - setServerInteger(Integer) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setServerSecret(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setStrategyName(String) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Changes the preferred strategy.
- setStringSeparator(String) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Sets the
AuthenticationTrustResolver
to be used. - setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- setUpdateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setupModule(Module.SetupContext) - Method in class org.springframework.security.jackson2.CoreJackson2Module
- setUserCache(UserCache) - Method in class org.springframework.security.authentication.CachingUserDetailsService
- setUserCache(UserCache) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setUserCache(UserCache) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
-
Optionally sets the UserCache if one is in use in the application.
- setUserDetailsPasswordService(ReactiveUserDetailsPasswordService) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Sets the service to use for upgrading passwords on successful authentication.
- setUserDetailsPasswordService(UserDetailsPasswordService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Set the wrapped UserDetailsService implementation
- setUserExistsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setUsernameBasedPrimaryKey(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
If
true
(the default), indicates theJdbcDaoImpl.getUsersByUsernameQuery()
returns a username in response to a query. - setUsersByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows the default query string used to retrieve users based on username to be overridden, if default table or column names need to be changed.
- setValidateConfigAttributes(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
- sha(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a
byte[]
. - sha(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a
byte[]
. - Sha512DigestUtils - Class in org.springframework.security.core.token
-
Provides SHA512 digest methods.
- Sha512DigestUtils() - Constructor for class org.springframework.security.core.token.Sha512DigestUtils
- shaHex(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a hex string.
- shaHex(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a hex string.
- shutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- shutdownNow() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- SimpleAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
-
This class implements the Attributes2GrantedAuthoritiesMapper interface by doing a one-to-one mapping from roles to Spring Security GrantedAuthorities.
- SimpleAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- SimpleAuthorityMapper - Class in org.springframework.security.core.authority.mapping
-
Simple one-to-one
GrantedAuthoritiesMapper
which allows for case conversion of the authority name and the addition of a string prefix (which defaults toROLE_
). - SimpleAuthorityMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
- SimpleGrantedAuthority - Class in org.springframework.security.core.authority
-
Basic concrete implementation of a
GrantedAuthority
. - SimpleGrantedAuthority(String) - Constructor for class org.springframework.security.core.authority.SimpleGrantedAuthority
- SimpleGrantedAuthorityMixin - Class in org.springframework.security.jackson2
-
Jackson Mixin class helps in serialize/deserialize
SimpleGrantedAuthority
. - SimpleGrantedAuthorityMixin(String) - Constructor for class org.springframework.security.jackson2.SimpleGrantedAuthorityMixin
-
Mixin Constructor.
- SimpleMappableAttributesRetriever - Class in org.springframework.security.core.authority.mapping
-
This class implements the MappableAttributesRetriever interface by just returning a list of mappable attributes as previously set using the corresponding setter method.
- SimpleMappableAttributesRetriever() - Constructor for class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
- SimpleMethodInvocation - Class in org.springframework.security.util
-
Represents the AOP Alliance
MethodInvocation
. - SimpleMethodInvocation() - Constructor for class org.springframework.security.util.SimpleMethodInvocation
- SimpleMethodInvocation(Object, Method, Object...) - Constructor for class org.springframework.security.util.SimpleMethodInvocation
- SpringAuthorizationEventPublisher - Class in org.springframework.security.authorization
-
An implementation of
AuthorizationEventPublisher
that uses Spring's event publishing support. - SpringAuthorizationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authorization.SpringAuthorizationEventPublisher
-
Construct this publisher using Spring's
ApplicationEventPublisher
- SpringCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache
-
Caches
UserDetails
instances in a Spring definedCache
. - SpringCacheBasedUserCache(Cache) - Constructor for class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- SpringSecurityCoreVersion - Class in org.springframework.security.core
-
Internal class used for checking version compatibility in a deployed application.
- SpringSecurityMessageSource - Class in org.springframework.security.core
-
The default
MessageSource
used by Spring Security. - SpringSecurityMessageSource() - Constructor for class org.springframework.security.core.SpringSecurityMessageSource
- submit(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- submit(Runnable) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
- submit(Runnable, T) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- submit(Callable<T>) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- submit(Callable<T>) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
- supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionManager
-
Indicates whether the
AccessDecisionManager
implementation is able to provide access control decisions for the indicated secured object type. - supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionVoter
-
Indicates whether the
AccessDecisionVoter
implementation is able to provide access control votes for the indicated secured object type. - supports(Class<?>) - Method in interface org.springframework.security.access.AfterInvocationProvider
-
Indicates whether the
AfterInvocationProvider
is able to provide "after invocation" processing for the indicated secured object type. - supports(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250Voter
-
All classes are supported.
- supports(Class<?>) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
-
Indicates whether the
AfterInvocationManager
implementation is able to provide access control decisions for the indicated secured object type. - supports(Class<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Iterates through all
AfterInvocationProvider
s and ensures each can support the presented class. - supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
- supports(Class<?>) - Method in interface org.springframework.security.access.intercept.RunAsManager
-
Indicates whether the
RunAsManager
implementation is able to provide run-as replacement for the indicated secure object type. - supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
This implementation supports any type of class, because it does not query the presented secure object.
- supports(Class<?>) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
- supports(Class<?>) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
- supports(Class<?>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
- supports(Class<?>) - Method in interface org.springframework.security.access.SecurityMetadataSource
-
Indicates whether the
SecurityMetadataSource
implementation is able to provideConfigAttribute
s for the indicated secure object type. - supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Iterates through all
AccessDecisionVoter
s and ensures each can support the presented class. - supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter
-
This implementation supports only
MethodSecurityInterceptor
, because it queries the presentedMethodInvocation
. - supports(Class<?>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
-
This implementation supports any type of class, because it does not query the presented secure object.
- supports(Class<?>) - Method in class org.springframework.security.access.vote.RoleVoter
-
This implementation supports any type of class, because it does not query the presented secure object.
- supports(Class<?>) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- supports(Class<?>) - Method in interface org.springframework.security.authentication.AuthenticationProvider
-
Returns
true
if thisAuthenticationProvider
supports the indicatedAuthentication
object. - supports(Class<?>) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- supports(Class<?>) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- supports(Class<?>) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
-
Deprecated.
- supports(Class<?>) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- supports(Class<?>) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
- supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionManager
-
Indicates whether this
AccessDecisionManager
is able to process authorization requests presented with the passedConfigAttribute
. - supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionVoter
-
Indicates whether this
AccessDecisionVoter
is able to vote on the passedConfigAttribute
. - supports(ConfigAttribute) - Method in interface org.springframework.security.access.AfterInvocationProvider
-
Indicates whether this
AfterInvocationProvider
is able to participate in a decision involving the passedConfigAttribute
. - supports(ConfigAttribute) - Method in class org.springframework.security.access.annotation.Jsr250Voter
-
The specified config attribute is supported if its an instance of a
Jsr250SecurityConfig
. - supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
-
Indicates whether this
AfterInvocationManager
is able to process "after invocation" requests presented with the passedConfigAttribute
. - supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
- supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.RunAsManager
-
Indicates whether this
RunAsManager
is able to process the passedConfigAttribute
. - supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
- supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
- supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
- supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
- supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.RoleVoter
- SYSTEM_PROPERTY - Static variable in class org.springframework.security.core.context.SecurityContextHolder
T
- TestingAuthenticationProvider - Class in org.springframework.security.authentication
-
An
AuthenticationProvider
implementation for theTestingAuthenticationToken
. - TestingAuthenticationProvider() - Constructor for class org.springframework.security.authentication.TestingAuthenticationProvider
- TestingAuthenticationToken - Class in org.springframework.security.authentication
-
An
Authentication
implementation that is designed for use whilst unit testing. - TestingAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
- TestingAuthenticationToken(Object, Object, String...) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
- TestingAuthenticationToken(Object, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
- Token - Interface in org.springframework.security.core.token
-
A token issued by
TokenService
. - TokenService - Interface in org.springframework.security.core.token
-
Provides a mechanism to allocate and rebuild secure, randomised tokens.
- toString() - Method in class org.springframework.security.access.intercept.RunAsUserToken
- toString() - Method in class org.springframework.security.access.SecurityConfig
- toString() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
- toString() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- toString() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- toString() - Method in class org.springframework.security.authorization.AuthorityAuthorizationDecision
- toString() - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager
- toString() - Method in class org.springframework.security.authorization.AuthorizationDecision
- toString() - Method in class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision
- toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
- toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
- toString() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- toString() - Method in class org.springframework.security.core.context.SecurityContextHolder
- toString() - Method in class org.springframework.security.core.context.SecurityContextImpl
- toString() - Method in class org.springframework.security.core.token.DefaultToken
- toString() - Method in class org.springframework.security.core.userdetails.User
- toString() - Method in class org.springframework.security.util.SimpleMethodInvocation
- Transient - Annotation Type in org.springframework.security.core
-
A marker for
Authentication
s that should never be stored across requests, for example a bearer token authentication - TransientSecurityContext - Class in org.springframework.security.core.context
-
A
SecurityContext
that is annotated with @Transient
and thus should never be stored across requests. - TransientSecurityContext() - Constructor for class org.springframework.security.core.context.TransientSecurityContext
- TransientSecurityContext(Authentication) - Constructor for class org.springframework.security.core.context.TransientSecurityContext
U
- UnanimousBased - Class in org.springframework.security.access.vote
-
Simple concrete implementation of
AccessDecisionManager
that requires all voters to abstain or grant access. - UnanimousBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.UnanimousBased
- unauthenticated(Object, Object) - Static method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This factory method can be safely used by any code that wishes to create a unauthenticated
UsernamePasswordAuthenticationToken
. - updatePassword(UserDetails, String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
- updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsPasswordService
-
Modify the specified user's password.
- updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.UserDetailsPasswordService
-
Modify the specified user's password.
- updatePassword(UserDetails, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- updateUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- updateUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- updateUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Update the specified user.
- User - Class in org.springframework.security.core.userdetails
-
Models core user information retrieved by a
UserDetailsService
. - User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User
-
Construct the
User
with the details required byDaoAuthenticationProvider
. - User(String, String, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User
-
Calls the more complex constructor with all boolean arguments set to
true
. - User.UserBuilder - Class in org.springframework.security.core.userdetails
-
Builds the user to be added.
- UserAttribute - Class in org.springframework.security.core.userdetails.memory
-
Used by
InMemoryUserDetailsManager
to temporarily store the attributes associated with a user. - UserAttribute() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttribute
- UserAttributeEditor - Class in org.springframework.security.core.userdetails.memory
-
Property editor that creates a
UserAttribute
from a comma separated list of values. - UserAttributeEditor() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttributeEditor
- UserCache - Interface in org.springframework.security.core.userdetails
-
Provides a cache of
UserDetails
objects. - UserDetails - Interface in org.springframework.security.core.userdetails
-
Provides core user information.
- UserDetailsByNameServiceWrapper<T extends Authentication> - Class in org.springframework.security.core.userdetails
-
This implementation for AuthenticationUserDetailsService wraps a regular Spring Security UserDetailsService implementation, to retrieve a UserDetails object based on the user name contained in an Authentication object.
- UserDetailsByNameServiceWrapper() - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Constructs an empty wrapper for compatibility with Spring Security 2.0.x's method of using a setter.
- UserDetailsByNameServiceWrapper(UserDetailsService) - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Constructs a new wrapper using the supplied
UserDetailsService
as the service to delegate to. - UserDetailsChecker - Interface in org.springframework.security.core.userdetails
-
Called by classes which make use of a
UserDetailsService
to check the status of the loaded UserDetails object. - UserDetailsManager - Interface in org.springframework.security.provisioning
-
An extension of the
UserDetailsService
which provides the ability to create new users and update existing ones. - UserDetailsPasswordService - Interface in org.springframework.security.core.userdetails
-
An API for changing a
UserDetails
password. - UserDetailsRepositoryReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
A
ReactiveAuthenticationManager
that uses aReactiveUserDetailsService
to validate the provided username and password. - UserDetailsRepositoryReactiveAuthenticationManager(ReactiveUserDetailsService) - Constructor for class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
- UserDetailsService - Interface in org.springframework.security.core.userdetails
-
Core interface which loads user-specific data.
- userExists(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- userExists(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- userExists(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Check if a user with the supplied login name exists in the system.
- username(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the username.
- UsernameNotFoundException - Exception in org.springframework.security.core.userdetails
-
Thrown if an
UserDetailsService
implementation cannot locate aUser
by its username. - UsernameNotFoundException(String) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException
-
Constructs a
UsernameNotFoundException
with the specified message. - UsernameNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException
-
Constructs a
UsernameNotFoundException
with the specified message and root cause. - UsernamePasswordAuthenticationToken - Class in org.springframework.security.authentication
-
An
Authentication
implementation that is designed for simple presentation of a username and password. - UsernamePasswordAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This constructor can be safely used by any code that wishes to create a
UsernamePasswordAuthenticationToken
, as theAbstractAuthenticationToken.isAuthenticated()
will returnfalse
. - UsernamePasswordAuthenticationToken(Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This constructor should only be used by
AuthenticationManager
orAuthenticationProvider
implementations that are satisfied with producing a trusted (i.e.
V
- value() - Method in annotation type org.springframework.security.access.annotation.Secured
-
Returns the list of security configuration attributes (e.g. ROLE_USER, ROLE_ADMIN).
- value() - Method in annotation type org.springframework.security.access.method.P
-
Deprecated.The parameter name
- value() - Method in annotation type org.springframework.security.access.prepost.PostAuthorize
- value() - Method in annotation type org.springframework.security.access.prepost.PostFilter
- value() - Method in annotation type org.springframework.security.access.prepost.PreAuthorize
- value() - Method in annotation type org.springframework.security.access.prepost.PreFilter
- value() - Method in annotation type org.springframework.security.core.parameters.P
-
The parameter name
- valueOf(String) - Static method in enum org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
-
Returns an array containing the constants of this enum type, in the order they are declared.
- verify(Supplier<Authentication>, T) - Method in interface org.springframework.security.authorization.AuthorizationManager
-
Determines if access should be granted for a specific authentication and object.
- verify(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager
-
Determines if access should be granted for a specific authentication and object
- verifyToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- verifyToken(String) - Method in interface org.springframework.security.core.token.TokenService
-
Permits verification the
Token.getKey()
was issued by thisTokenService
and reconstructs the correspondingToken
. - vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.annotation.Jsr250Voter
-
Votes according to JSR 250.
- vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
- vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.RoleVoter
- vote(Authentication, MethodInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
- vote(Authentication, S, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionVoter
-
Indicates whether or not access is granted.
W
- withAuthentication(Authentication) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
A shortcut for
ReactiveSecurityContextHolder.withSecurityContext(Mono)
- withDefaultPasswordEncoder() - Static method in class org.springframework.security.core.userdetails.User
-
Deprecated.Using this method is not considered safe for production, but is acceptable for demos and getting started. For production purposes, ensure the password is encoded externally. See the method Javadoc for additional details. There are no plans to remove this support. It is deprecated to indicate that this is considered insecure for production purposes.
- withSecurityContext(Mono<? extends SecurityContext>) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
Creates a Reactor
Context
that contains theMono<SecurityContext>
that can be merged into anotherContext
- withUserDetails(UserDetails) - Static method in class org.springframework.security.core.userdetails.User
- withUsername(String) - Static method in class org.springframework.security.core.userdetails.User
-
Creates a UserBuilder with a specified user name
- write - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
X
- x509() - Static method in class org.springframework.security.converter.RsaKeyConverters
-
Construct a
Converter
for converting a PEM-encoded X.509 RSA Public Key or X.509 Certificate into aRSAPublicKey
.
All Classes All Packages