Index
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form
A
- abort() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Abort the authentication process by forgetting the Spring Security
Authentication
. - AbstractAccessDecisionManager - Class in org.springframework.security.access.vote
-
Deprecated.
- AbstractAccessDecisionManager(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- AbstractAclVoter - Class in org.springframework.security.access.vote
-
Deprecated.Now used by only-deprecated classes. Generally speaking, in-memory ACL is no longer advised, so no replacement is planned at this point.
- AbstractAclVoter() - Constructor for class org.springframework.security.access.vote.AbstractAclVoter
-
Deprecated.
- AbstractAuthenticationEvent - Class in org.springframework.security.authentication.event
-
Represents an application authentication event.
- AbstractAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationEvent
- AbstractAuthenticationFailureEvent - Class in org.springframework.security.authentication.event
-
Abstract application event which indicates authentication failure for some reason.
- AbstractAuthenticationFailureEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
- AbstractAuthenticationToken - Class in org.springframework.security.authentication
-
Base class for
Authentication
objects. - AbstractAuthenticationToken(Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AbstractAuthenticationToken
-
Creates a token with the supplied array of authorities.
- AbstractAuthorizationEvent - Class in org.springframework.security.access.event
-
Deprecated.Authorization events have moved. Consider
AuthorizationGrantedEvent
andAuthorizationDeniedEvent
- AbstractAuthorizationEvent(Object) - Constructor for class org.springframework.security.access.event.AbstractAuthorizationEvent
-
Deprecated.Construct the event, passing in the secure object being intercepted.
- AbstractFallbackMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Deprecated.Use the
use-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorization - AbstractFallbackMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
-
Deprecated.
- AbstractJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
-
An
AuthenticationProvider
implementation that retrieves user details from a JAAS login configuration. - AbstractJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- AbstractMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Deprecated.Use the
use-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorization - AbstractMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
-
Deprecated.
- AbstractSecurityExpressionHandler<T> - Class in org.springframework.security.access.expression
-
Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.
- AbstractSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- AbstractSecurityInterceptor - Class in org.springframework.security.access.intercept
-
Deprecated.Use
org.springframework.security.web.access.intercept.AuthorizationFilter
instead for filter security,org.springframework.security.messaging.access.intercept.AuthorizationChannelInterceptor
for messaging security, orAuthorizationManagerBeforeMethodInterceptor
andAuthorizationManagerAfterMethodInterceptor
for method security. - AbstractSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- AbstractSessionEvent - Class in org.springframework.security.core.session
-
Abstract superclass for all session related events.
- AbstractSessionEvent(Object) - Constructor for class org.springframework.security.core.session.AbstractSessionEvent
- AbstractUserDetailsAuthenticationProvider - Class in org.springframework.security.authentication.dao
-
A base
AuthenticationProvider
that allows subclasses to override and work withUserDetails
objects. - AbstractUserDetailsAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- AbstractUserDetailsReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
A base
ReactiveAuthenticationManager
that allows subclasses to override and work withUserDetails
objects. - AbstractUserDetailsReactiveAuthenticationManager() - Constructor for class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- ACCESS_ABSTAIN - Static variable in interface org.springframework.security.access.AccessDecisionVoter
-
Deprecated.
- ACCESS_DENIED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
-
Deprecated.
- ACCESS_GRANTED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
-
Deprecated.
- AccessDecisionManager - Interface in org.springframework.security.access
-
Deprecated.Use
AuthorizationManager
instead - AccessDecisionVoter<S> - Interface in org.springframework.security.access
-
Deprecated.Use
AuthorizationManager
instead - AccessDeniedException - Exception in org.springframework.security.access
-
Thrown if an
Authentication
object does not hold a required authority. - AccessDeniedException(String) - Constructor for exception org.springframework.security.access.AccessDeniedException
-
Constructs an
AccessDeniedException
with the specified message. - AccessDeniedException(String, Throwable) - Constructor for exception org.springframework.security.access.AccessDeniedException
-
Constructs an
AccessDeniedException
with the specified message and root cause. - accountExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the account is expired or not.
- AccountExpiredException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account has expired.
- AccountExpiredException(String) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
-
Constructs a
AccountExpiredException
with the specified message. - AccountExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
-
Constructs a
AccountExpiredException
with the specified message and root cause. - accountLocked(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the account is locked or not.
- AccountStatusException - Exception in org.springframework.security.authentication
-
Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).
- AccountStatusException(String) - Constructor for exception org.springframework.security.authentication.AccountStatusException
- AccountStatusException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountStatusException
- AccountStatusUserDetailsChecker - Class in org.springframework.security.authentication
- AccountStatusUserDetailsChecker() - Constructor for class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- addAuthority(GrantedAuthority) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- addCustomAuthorities(String, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows subclasses to add their own granted authorities to the list to be returned in the UserDetails.
- addGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
-
Assigns a new authority to a group.
- addGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Allows subclasses to perform any additional checks of a returned (or cached)
UserDetails
for a given authentication request. - additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- addListener(SmartApplicationListener) - Method in class org.springframework.security.context.DelegatingApplicationListener
-
Adds a new SmartApplicationListener to use.
- addSecureMethod(Class<?>, Method, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Adds configuration attributes for a specific method, for example where the method has been matched using a pointcut expression.
- addSecureMethod(Class<?>, String, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Add configuration attributes for a secure method.
- addUserToGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Makes a user a member of a particular group.
- addUserToGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- admin - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- AffirmativeBased - Class in org.springframework.security.access.vote
-
Deprecated.Use
AuthorizationManager
instead - AffirmativeBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.AffirmativeBased
-
Deprecated.
- after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
-
Deprecated.
- after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in interface org.springframework.security.access.prepost.PostInvocationAuthorizationAdvice
-
Deprecated.
- afterInvocation(InterceptorStatusToken, Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.Completes the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
- AfterInvocationManager - Interface in org.springframework.security.access.intercept
-
Deprecated.Use delegation with
AuthorizationManager
- AfterInvocationProvider - Interface in org.springframework.security.access
-
Deprecated.Use delegation with
AuthorizationManager
- AfterInvocationProviderManager - Class in org.springframework.security.access.intercept
-
Deprecated.Use delegation with
AuthorizationManager
- AfterInvocationProviderManager() - Constructor for class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Validates the required properties are set.
- afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.authentication.ProviderManager
- afterPropertiesSet() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
-
Check whether all properties have been set to correct values.
- afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
- afterPropertiesSet() - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Check whether all required properties have been set.
- allocateToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- allocateToken(String) - Method in interface org.springframework.security.core.token.TokenService
-
Forces the allocation of a new
Token
. - allOf(AuthorizationManager<T>...) - Static method in class org.springframework.security.authorization.AuthorizationManagers
-
Creates an
AuthorizationManager
that grants access if allAuthorizationManager
s granted or abstained, ifmanagers
are empty then granted decision is returned. - AnnotationMetadataExtractor<A extends Annotation> - Interface in org.springframework.security.access.annotation
-
Deprecated.Used only by now-deprecated classes. Consider
SecuredAuthorizationManager
for `@Secured` methods. - AnnotationParameterNameDiscoverer - Class in org.springframework.security.core.parameters
-
Allows finding parameter names using the value attribute of any number of
Annotation
instances. - AnnotationParameterNameDiscoverer(String...) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- AnnotationParameterNameDiscoverer(Set<String>) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- anonymous() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Creates an instance of
AuthenticatedAuthorizationManager
that determines if theAuthentication
is anonymous. - AnonymousAuthenticationProvider - Class in org.springframework.security.authentication
-
An
AuthenticationProvider
implementation that validatesAnonymousAuthenticationToken
s. - AnonymousAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationProvider
- AnonymousAuthenticationToken - Class in org.springframework.security.authentication
-
Represents an anonymous
Authentication
. - AnonymousAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationToken
-
Constructor.
- anyOf(AuthorizationManager<T>...) - Static method in class org.springframework.security.authorization.AuthorizationManagers
-
Creates an
AuthorizationManager
that grants access if at least oneAuthorizationManager
granted or abstained, ifmanagers
are empty then denied decision is returned. - AspectJCallback - Interface in org.springframework.security.access.intercept.aspectj
-
Deprecated.This class will be removed from the public API. Please either use `spring-security-aspects`, Spring Security's method security support or create your own class that uses Spring AOP annotations.
- AspectJMethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aspectj
-
Deprecated.This class will be removed from the public API. Please either use `spring-security-aspects`, Spring Security's method security support or create your own class that uses Spring AOP annotations.
- AspectJMethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
-
Deprecated.
- Attributes2GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
-
Interface to be implemented by classes that can map a list of security attributes (such as roles or group names) to a collection of Spring Security
GrantedAuthority
s. - authenticate(Authentication) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- authenticate(Authentication) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- authenticate(Authentication) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationManager
-
Attempts to authenticate the passed
Authentication
object, returning a fully populatedAuthentication
object (including granted authorities) if successful. - authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationProvider
-
Performs authentication with the same contract as
AuthenticationManager.authenticate(Authentication)
. - authenticate(Authentication) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- authenticate(Authentication) - Method in class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
- authenticate(Authentication) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Attempts to login the user given the Authentication objects principal and credential
- authenticate(Authentication) - Method in class org.springframework.security.authentication.ObservationAuthenticationManager
- authenticate(Authentication) - Method in class org.springframework.security.authentication.ObservationReactiveAuthenticationManager
- authenticate(Authentication) - Method in class org.springframework.security.authentication.ProviderManager
-
Attempts to authenticate the passed
Authentication
object. - authenticate(Authentication) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManager
-
Attempts to authenticate the provided
Authentication
- authenticate(Authentication) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
- authenticate(Authentication) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- authenticate(Authentication) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
- authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Creates an instance of
AuthenticatedAuthorizationManager
. - authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
-
Gets an instance of
AuthenticatedReactiveAuthorizationManager
- authenticated(Object, Object, Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This factory method can be safely used by any code that wishes to create a authenticated
UsernamePasswordAuthenticationToken
. - AuthenticatedAuthorizationManager<T> - Class in org.springframework.security.authorization
-
An
AuthorizationManager
that determines if the current user is authenticated. - AuthenticatedAuthorizationManager() - Constructor for class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Creates an instance that determines if the current user is authenticated, this is the same as calling
AuthenticatedAuthorizationManager.authenticated()
factory method. - AuthenticatedPrincipal - Interface in org.springframework.security.core
-
Representation of an authenticated
Principal
once anAuthentication
request has been successfully authenticated by theAuthenticationManager.authenticate(Authentication)
method. - AuthenticatedReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
-
A
ReactiveAuthorizationManager
that determines if the current user is authenticated. - AuthenticatedVoter - Class in org.springframework.security.access.vote
-
Deprecated.Use
AuthorityAuthorizationManager
instead - AuthenticatedVoter() - Constructor for class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- Authentication - Interface in org.springframework.security.core
-
Represents the token for an authentication request or for an authenticated principal once the request has been processed by the
AuthenticationManager.authenticate(Authentication)
method. - AuthenticationCredentialsNotFoundEvent - Class in org.springframework.security.access.event
-
Deprecated.Authentication is now separated from authorization. Consider
AbstractAuthenticationFailureEvent
instead. - AuthenticationCredentialsNotFoundEvent(Object, Collection<ConfigAttribute>, AuthenticationCredentialsNotFoundException) - Constructor for class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
-
Deprecated.Construct the event.
- AuthenticationCredentialsNotFoundException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because there is no
Authentication
object in theSecurityContext
. - AuthenticationCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
-
Constructs an
AuthenticationCredentialsNotFoundException
with the specified message. - AuthenticationCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
-
Constructs an
AuthenticationCredentialsNotFoundException
with the specified message and root cause. - AuthenticationDetailsSource<C,
T> - Interface in org.springframework.security.authentication -
Provides a
Authentication.getDetails()
object for a given web request. - AuthenticationEventPublisher - Interface in org.springframework.security.authentication
- AuthenticationException - Exception in org.springframework.security.core
-
Abstract superclass for all exceptions related to an
Authentication
object being invalid for whatever reason. - AuthenticationException(String) - Constructor for exception org.springframework.security.core.AuthenticationException
-
Constructs an
AuthenticationException
with the specified message and no root cause. - AuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.core.AuthenticationException
-
Constructs an
AuthenticationException
with the specified message and root cause. - AuthenticationFailureBadCredentialsEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to invalid credentials being presented.
- AuthenticationFailureBadCredentialsEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent
- AuthenticationFailureCredentialsExpiredEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's credentials having expired.
- AuthenticationFailureCredentialsExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureCredentialsExpiredEvent
- AuthenticationFailureDisabledEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's account being disabled.
- AuthenticationFailureDisabledEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent
- AuthenticationFailureExpiredEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's account having expired.
- AuthenticationFailureExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent
- AuthenticationFailureLockedEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the user's account having been locked.
- AuthenticationFailureLockedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureLockedEvent
- AuthenticationFailureProviderNotFoundEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to there being no registered
AuthenticationProvider
that can process the request. - AuthenticationFailureProviderNotFoundEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent
- AuthenticationFailureProxyUntrustedEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to the CAS user's ticket being generated by an untrusted proxy.
- AuthenticationFailureProxyUntrustedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProxyUntrustedEvent
- AuthenticationFailureServiceExceptionEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates authentication failure due to there being a problem internal to the
AuthenticationManager
. - AuthenticationFailureServiceExceptionEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent
- AuthenticationManager - Interface in org.springframework.security.authentication
-
Processes an
Authentication
request. - AuthenticationManagerResolver<C> - Interface in org.springframework.security.authentication
-
An interface for resolving an
AuthenticationManager
based on the provided context - AuthenticationObservationContext - Class in org.springframework.security.authentication
-
An
Observation.Context
used during authentications - AuthenticationObservationContext() - Constructor for class org.springframework.security.authentication.AuthenticationObservationContext
- AuthenticationObservationConvention - Class in org.springframework.security.authentication
-
An
ObservationConvention
for translating authentications intoKeyValues
. - AuthenticationObservationConvention() - Constructor for class org.springframework.security.authentication.AuthenticationObservationConvention
- AuthenticationPrincipal - Annotation Interface in org.springframework.security.core.annotation
-
Annotation that is used to resolve
Authentication.getPrincipal()
to a method argument. - AuthenticationProvider - Interface in org.springframework.security.authentication
-
Indicates a class can process a specific
Authentication
implementation. - AuthenticationServiceException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request could not be processed due to a system problem.
- AuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
-
Constructs an
AuthenticationServiceException
with the specified message. - AuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
-
Constructs an
AuthenticationServiceException
with the specified message and root cause. - AuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates successful authentication.
- AuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AuthenticationSuccessEvent
- AuthenticationTrustResolver - Interface in org.springframework.security.authentication
-
Evaluates
Authentication
tokens - AuthenticationTrustResolverImpl - Class in org.springframework.security.authentication
-
Basic implementation of
AuthenticationTrustResolver
. - AuthenticationTrustResolverImpl() - Constructor for class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- AuthenticationUserDetailsService<T extends Authentication> - Interface in org.springframework.security.core.userdetails
-
Interface that allows for retrieving a UserDetails object based on an Authentication object.
- authorities(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the authorities.
- authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the authorities.
- authorities(GrantedAuthority...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the authorities.
- AuthorityAuthorizationDecision - Class in org.springframework.security.authorization
-
Represents an
AuthorizationDecision
based on a collection of authorities - AuthorityAuthorizationDecision(boolean, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.authorization.AuthorityAuthorizationDecision
- AuthorityAuthorizationManager<T> - Class in org.springframework.security.authorization
-
An
AuthorizationManager
that determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority. - AuthorityGranter - Interface in org.springframework.security.authentication.jaas
-
The AuthorityGranter interface is used to map a given principal to role names.
- authorityListToSet(Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.core.authority.AuthorityUtils
-
Converts an array of GrantedAuthority objects to a Set.
- AuthorityReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
-
A
ReactiveAuthorizationManager
that determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority. - AuthorityUtils - Class in org.springframework.security.core.authority
-
Utility method for manipulating GrantedAuthority collections etc.
- AuthorizationDecision - Class in org.springframework.security.authorization
- AuthorizationDecision(boolean) - Constructor for class org.springframework.security.authorization.AuthorizationDecision
- AuthorizationDeniedEvent<T> - Class in org.springframework.security.authorization.event
-
An
ApplicationEvent
which indicates failed authorization. - AuthorizationDeniedEvent(Supplier<Authentication>, T, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationDeniedEvent
- AuthorizationEvent - Class in org.springframework.security.authorization.event
-
A parent class for
AuthorizationGrantedEvent
andAuthorizationDeniedEvent
. - AuthorizationEvent(Supplier<Authentication>, Object, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationEvent
-
Construct an
AuthorizationEvent
- AuthorizationEventPublisher - Interface in org.springframework.security.authorization
-
A contract for publishing authorization events
- AuthorizationFailureEvent - Class in org.springframework.security.access.event
-
Deprecated.Use
AuthorizationDeniedEvent
instead - AuthorizationFailureEvent(Object, Collection<ConfigAttribute>, Authentication, AccessDeniedException) - Constructor for class org.springframework.security.access.event.AuthorizationFailureEvent
-
Deprecated.Construct the event.
- AuthorizationGrantedEvent<T> - Class in org.springframework.security.authorization.event
-
An
ApplicationEvent
which indicates successful authorization. - AuthorizationGrantedEvent(Supplier<Authentication>, T, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationGrantedEvent
- AuthorizationInterceptorsOrder - Enum Class in org.springframework.security.authorization.method
-
Ordering of Spring Security's authorization
Advisor
s - AuthorizationManager<T> - Interface in org.springframework.security.authorization
-
An Authorization manager which can determine if an
Authentication
has access to a specific object. - AuthorizationManagerAfterMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which can determine if anAuthentication
has access to the result of anMethodInvocation
using anAuthorizationManager
- AuthorizationManagerAfterMethodInterceptor(Pointcut, AuthorizationManager<MethodInvocationResult>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an instance.
- AuthorizationManagerAfterReactiveMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which can determine if anAuthentication
has access to the returned object from theMethodInvocation
using the configuredReactiveAuthorizationManager
. - AuthorizationManagerAfterReactiveMethodInterceptor(Pointcut, ReactiveAuthorizationManager<MethodInvocationResult>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
-
Creates an instance.
- AuthorizationManagerBeforeMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which uses aAuthorizationManager
to determine if anAuthentication
may invoke the givenMethodInvocation
- AuthorizationManagerBeforeMethodInterceptor(Pointcut, AuthorizationManager<MethodInvocation>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an instance.
- AuthorizationManagerBeforeReactiveMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which can determine if anAuthentication
has access to theMethodInvocation
using the configuredReactiveAuthorizationManager
. - AuthorizationManagerBeforeReactiveMethodInterceptor(Pointcut, ReactiveAuthorizationManager<MethodInvocation>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
-
Creates an instance.
- AuthorizationManagers - Class in org.springframework.security.authorization
-
A factory class to create an
AuthorizationManager
instances. - AuthorizationObservationContext<T> - Class in org.springframework.security.authorization
-
An
Observation.Context
used during authorizations - AuthorizationObservationContext(T) - Constructor for class org.springframework.security.authorization.AuthorizationObservationContext
- AuthorizationObservationConvention - Class in org.springframework.security.authorization
-
An
ObservationConvention
for translating authorizations intoKeyValues
. - AuthorizationObservationConvention() - Constructor for class org.springframework.security.authorization.AuthorizationObservationConvention
- AuthorizationServiceException - Exception in org.springframework.security.access
-
Thrown if an authorization request could not be processed due to a system problem.
- AuthorizationServiceException(String) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
-
Constructs an
AuthorizationServiceException
with the specified message. - AuthorizationServiceException(String, Throwable) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
-
Constructs an
AuthorizationServiceException
with the specified message and root cause. - AuthorizedEvent - Class in org.springframework.security.access.event
-
Deprecated.Use
AuthorizationGrantedEvent
instead - AuthorizedEvent(Object, Collection<ConfigAttribute>, Authentication) - Constructor for class org.springframework.security.access.event.AuthorizedEvent
-
Deprecated.Construct the event.
- awaitTermination(long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
B
- BadCredentialsException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the credentials are invalid.
- BadCredentialsException(String) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
-
Constructs a
BadCredentialsException
with the specified message. - BadCredentialsException(String, Throwable) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
-
Constructs a
BadCredentialsException
with the specified message and root cause. - before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
-
Deprecated.
- before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in interface org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice
-
Deprecated.The "before" advice which should be executed to perform any filtering necessary and to decide whether the method call is authorised.
- beforeInvocation(Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- build() - Method in class org.springframework.security.core.userdetails.User.UserBuilder
- buildDetails(C) - Method in interface org.springframework.security.authentication.AuthenticationDetailsSource
-
Called by a class when it wishes a new authentication details instance to be created.
- builder() - Static method in class org.springframework.security.core.userdetails.User
-
Creates a UserBuilder
- buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.intercept.RunAsManager
-
Deprecated.Returns a replacement
Authentication
object for the current secure object invocation, ornull
if replacement not required. - buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
C
- cachePermissionsFor(Authentication, Collection<?>) - Method in interface org.springframework.security.access.PermissionCacheOptimizer
-
Optimises the permission cache for anticipated operation on the supplied collection of objects.
- CachingUserDetailsService - Class in org.springframework.security.authentication
- CachingUserDetailsService(UserDetailsService) - Constructor for class org.springframework.security.authentication.CachingUserDetailsService
- call() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
- changePassword(String, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- changePassword(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- changePassword(String, String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Modify the current user's password.
- check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.Jsr250AuthorizationManager
-
Determine if an
Authentication
has access to a method by evaluating theDenyAll
,PermitAll
, andRolesAllowed
annotations thatMethodInvocation
specifies. - check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager
-
Determines the access by evaluating the provided expression.
- check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
-
Determine if an
Authentication
has access to a method by evaluating an expression from thePreAuthorize
annotation that theMethodInvocation
specifies. - check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.SecuredAuthorizationManager
-
Determine if an
Authentication
has access to a method by evaluating theSecured
annotation thatMethodInvocation
specifies. - check(Supplier<Authentication>, MethodInvocationResult) - Method in class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
-
Determine if an
Authentication
has access to the returned object by evaluating thePostAuthorize
annotation that theMethodInvocation
specifies. - check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Determines if the current user is authorized according to the given strategy.
- check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Determines if the current user is authorized by evaluating if the
Authentication
contains a specified authority. - check(Supplier<Authentication>, T) - Method in interface org.springframework.security.authorization.AuthorizationManager
-
Determines if access is granted for a specific authentication and object.
- check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.ObservationAuthorizationManager
- check(UserDetails) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- check(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserDetailsChecker
-
Examines the User
- check(Mono<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager
-
Determines if an
Authentication
has access to theMethodInvocation
by evaluating an expression from thePreAuthorize
annotation. - check(Mono<Authentication>, MethodInvocationResult) - Method in class org.springframework.security.authorization.method.PostAuthorizeReactiveAuthorizationManager
-
Determines if an
Authentication
has access to the returned object from theMethodInvocation
by evaluating an expression from thePostAuthorize
annotation. - check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
- check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
- check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.ObservationReactiveAuthorizationManager
- check(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager
-
Determines if access is granted for a specific authentication and object.
- checkAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- clearContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Clears the current context.
- clearContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
Clears the
Mono<SecurityContext>
from ReactorContext
- clearContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Explicitly clears the context value from the current thread.
- clearContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Clears the current context.
- commaSeparatedStringToAuthorityList(String) - Static method in class org.springframework.security.core.authority.AuthorityUtils
-
Creates a array of GrantedAuthority objects from a comma-separated string representation (e.g.
- commit() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Authenticate the
Subject
(phase two) by adding the Spring SecurityAuthentication
to theSubject
's principals. - ConfigAttribute - Interface in org.springframework.security.access
-
Stores a security system related configuration attribute.
- configureJaas(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
Hook method for configuring Jaas.
- ConsensusBased - Class in org.springframework.security.access.vote
-
Deprecated.Use
AuthorizationManager
instead - ConsensusBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.ConsensusBased
-
Deprecated.
- CoreJackson2Module - Class in org.springframework.security.jackson2
-
Jackson module for spring-security-core.
- CoreJackson2Module() - Constructor for class org.springframework.security.jackson2.CoreJackson2Module
- create - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- create(Object, String, Object...) - Static method in class org.springframework.security.util.MethodInvocationUtils
-
Generates a
MethodInvocation
for specifiedmethodName
on the passed object, using theargs
to locate the method. - create(Runnable, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Factory method for creating a
DelegatingSecurityContextRunnable
. - create(Callable<V>, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Creates a
DelegatingSecurityContextCallable
and with the givenCallable
andSecurityContext
, but if the securityContext is null will defaults to the currentSecurityContext
on theSecurityContextHolder
- createAuthorityList(String...) - Static method in class org.springframework.security.core.authority.AuthorityUtils
-
Converts authorities into a List of GrantedAuthority objects.
- createEmptyContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
- createEmptyContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Delegates the creation of a new, empty context to the configured strategy.
- createEmptyContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
- createEvaluationContext(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- createEvaluationContext(Supplier<Authentication>, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
-
Provides an evaluation context in which to evaluate security expressions for the invocation type.
- createEvaluationContext(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
-
Invokes the internal template methods to create
StandardEvaluationContext
andSecurityExpressionRoot
objects. - createEvaluationContext(Authentication, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
-
Provides an evaluation context in which to evaluate security expressions for the invocation type.
- createEvaluationContextInternal(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Uses a
MethodSecurityEvaluationContext
as the EvaluationContext implementation. - createEvaluationContextInternal(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
-
Override to create a custom instance of
StandardEvaluationContext
. - createFromClass(Class<?>, String) - Static method in class org.springframework.security.util.MethodInvocationUtils
-
Generates a
MethodInvocation
for the specifiedmethodName
on the passed class. - createFromClass(Object, Class<?>, String, Class<?>[], Object[]) - Static method in class org.springframework.security.util.MethodInvocationUtils
-
Generates a
MethodInvocation
for specifiedmethodName
on the passed class, using theargs
to locate the method. - createGroup(String, List<GrantedAuthority>) - Method in interface org.springframework.security.provisioning.GroupManager
-
Creates a new group with the specified list of authorities.
- createGroup(String, List<GrantedAuthority>) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- createList(String...) - Static method in class org.springframework.security.access.SecurityConfig
- createListFromCommaDelimitedString(String) - Static method in class org.springframework.security.access.SecurityConfig
- createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Creates the LoginContext to be used for authentication.
- createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
-
Creates a LoginContext using the Configuration that was specified in
DefaultJaasAuthenticationProvider.setConfiguration(Configuration)
. - createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- createNewAuthentication(Authentication, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- createPostInvocationAttribute(String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
-
Deprecated.
- createPostInvocationAttribute(String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
-
Deprecated.
- createPreInvocationAttribute(String, String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
-
Deprecated.
- createPreInvocationAttribute(String, String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
-
Deprecated.
- createSecurityExpressionRoot(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Creates the root object for expression evaluation.
- createSecurityExpressionRoot(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
-
Implement in order to create a root object of the correct type for the supported invocation type.
- createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Creates a successful
Authentication
object. - createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- createUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- createUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- createUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Create a new user with the supplied details.
- createUserDetails(String, UserDetails, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Can be overridden to customize the creation of the final UserDetailsObject which is returned by the loadUserByUsername method.
- CredentialsContainer - Interface in org.springframework.security.core
-
Indicates that the implementing object contains sensitive data, which can be erased using the
eraseCredentials
method. - credentialsExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the credentials are expired or not.
- CredentialsExpiredException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account's credentials have expired.
- CredentialsExpiredException(String) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
-
Constructs a
CredentialsExpiredException
with the specified message. - CredentialsExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
-
Constructs a
CredentialsExpiredException
with the specified message and root cause. - CurrentSecurityContext - Annotation Interface in org.springframework.security.core.annotation
-
Annotation that is used to resolve the
SecurityContext
as a method argument. - CycleInRoleHierarchyException - Exception in org.springframework.security.access.hierarchicalroles
-
Exception that is thrown because of a cycle in the role hierarchy definition
- CycleInRoleHierarchyException() - Constructor for exception org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException
D
- DaoAuthenticationProvider - Class in org.springframework.security.authentication.dao
-
An
AuthenticationProvider
implementation that retrieves user details from aUserDetailsService
. - DaoAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- DaoAuthenticationProvider(PasswordEncoder) - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider
-
Creates a new instance using the provided
PasswordEncoder
- decide(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionManager
-
Deprecated.Resolves an access control decision for the passed parameters.
- decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AffirmativeBased
-
Deprecated.This concrete implementation simply polls all configured
AccessDecisionVoter
s and grants access if anyAccessDecisionVoter
voted affirmatively. - decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.ConsensusBased
-
Deprecated.This concrete implementation simply polls all configured
AccessDecisionVoter
s and upon completion determines the consensus of granted against denied responses. - decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.UnanimousBased
-
Deprecated.This concrete implementation polls all configured
AccessDecisionVoter
s for eachConfigAttribute
and grants access if only grant (or abstain) votes were received. - decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.AfterInvocationProvider
-
Deprecated.
- decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
-
Deprecated.Given the details of a secure object invocation including its returned
Object
, make an access control decision or optionally modify the returnedObject
. - decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
-
Deprecated.
- DEF_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DEF_CHANGE_PASSWORD_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_CREATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_MEMBERS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_USER_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_DELETE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_FIND_GROUP_ID_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_FIND_GROUPS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_FIND_USERS_IN_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DEF_GROUP_AUTHORITIES_QUERY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_INSERT_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_RENAME_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_UPDATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_USER_EXISTS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- DEF_USERS_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DEFAULT_USER_SCHEMA_DDL_LOCATION - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- DefaultAuthenticationEventPublisher - Class in org.springframework.security.authentication
-
The default strategy for publishing authentication events.
- DefaultAuthenticationEventPublisher() - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- DefaultAuthenticationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- DefaultJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
-
Creates a LoginContext using the Configuration provided to it.
- DefaultJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
- DefaultLoginExceptionResolver - Class in org.springframework.security.authentication.jaas
-
This LoginExceptionResolver simply wraps the LoginException with an AuthenticationServiceException.
- DefaultLoginExceptionResolver() - Constructor for class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
- DefaultMethodSecurityExpressionHandler - Class in org.springframework.security.access.expression.method
-
The standard implementation of
MethodSecurityExpressionHandler
. - DefaultMethodSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- DefaultSecurityParameterNameDiscoverer - Class in org.springframework.security.core.parameters
-
Spring Security's default
ParameterNameDiscoverer
which tries a number ofParameterNameDiscoverer
depending on what is found on the classpath. - DefaultSecurityParameterNameDiscoverer() - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
-
Creates a new instance with only the default
ParameterNameDiscoverer
instances. - DefaultSecurityParameterNameDiscoverer(List<? extends ParameterNameDiscoverer>) - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
-
Creates a new instance that first tries the passed in
ParameterNameDiscoverer
instances. - DefaultToken - Class in org.springframework.security.core.token
-
The default implementation of
Token
. - DefaultToken(String, long, String) - Constructor for class org.springframework.security.core.token.DefaultToken
- DeferredSecurityContext - Interface in org.springframework.security.core.context
-
An interface that allows delayed access to a
SecurityContext
that may be generated. - DelegatingApplicationListener - Class in org.springframework.security.context
-
Used for delegating to a number of SmartApplicationListener instances.
- DelegatingApplicationListener() - Constructor for class org.springframework.security.context.DelegatingApplicationListener
- DelegatingMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Deprecated.Use the
use-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorization - DelegatingMethodSecurityMetadataSource(List<MethodSecurityMetadataSource>) - Constructor for class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
-
Deprecated.
- DelegatingReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
A
ReactiveAuthenticationManager
that delegates to otherReactiveAuthenticationManager
instances using the result from the first non empty result. - DelegatingReactiveAuthenticationManager(List<ReactiveAuthenticationManager>) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
- DelegatingReactiveAuthenticationManager(ReactiveAuthenticationManager...) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
- DelegatingSecurityContextAsyncTaskExecutor - Class in org.springframework.security.task
-
An
AsyncTaskExecutor
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
-
Creates a new
DelegatingSecurityContextAsyncTaskExecutor
that uses the currentSecurityContext
. - DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
-
Creates a new
DelegatingSecurityContextAsyncTaskExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextCallable<V> - Class in org.springframework.security.concurrent
-
Wraps a delegate
Callable
with logic for setting up aSecurityContext
before invoking the delegateCallable
and then removing theSecurityContext
after the delegate has completed. - DelegatingSecurityContextCallable(Callable<V>) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Creates a new
DelegatingSecurityContextCallable
with theSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextCallable(Callable<V>, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Creates a new
DelegatingSecurityContextCallable
with a specificSecurityContext
. - DelegatingSecurityContextExecutor - Class in org.springframework.security.concurrent
- DelegatingSecurityContextExecutor(Executor) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
-
Creates a new
DelegatingSecurityContextExecutor
that uses the currentSecurityContext
from theSecurityContextHolder
at the time the task is submitted. - DelegatingSecurityContextExecutor(Executor, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
-
Creates a new
DelegatingSecurityContextExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextExecutorService - Class in org.springframework.security.concurrent
-
An
ExecutorService
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextExecutorService(ExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
-
Creates a new
DelegatingSecurityContextExecutorService
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextExecutorService(ExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
-
Creates a new
DelegatingSecurityContextExecutorService
that uses the specifiedSecurityContext
. - DelegatingSecurityContextRunnable - Class in org.springframework.security.concurrent
-
Wraps a delegate
Runnable
with logic for setting up aSecurityContext
before invoking the delegateRunnable
and then removing theSecurityContext
after the delegate has completed. - DelegatingSecurityContextRunnable(Runnable) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Creates a new
DelegatingSecurityContextRunnable
with theSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextRunnable(Runnable, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Creates a new
DelegatingSecurityContextRunnable
with a specificSecurityContext
. - DelegatingSecurityContextScheduledExecutorService - Class in org.springframework.security.concurrent
-
An
ScheduledExecutorService
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
-
Creates a new
DelegatingSecurityContextScheduledExecutorService
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
-
Creates a new
DelegatingSecurityContextScheduledExecutorService
that uses the specifiedSecurityContext
. - DelegatingSecurityContextSchedulingTaskExecutor - Class in org.springframework.security.scheduling
-
An
SchedulingTaskExecutor
which wraps eachRunnable
in aDelegatingSecurityContextRunnable
and eachCallable
in aDelegatingSecurityContextCallable
. - DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
-
Creates a new
DelegatingSecurityContextSchedulingTaskExecutor
that uses the currentSecurityContext
. - DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
-
Creates a new
DelegatingSecurityContextSchedulingTaskExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextTaskExecutor - Class in org.springframework.security.task
- DelegatingSecurityContextTaskExecutor(TaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
-
Creates a new
DelegatingSecurityContextTaskExecutor
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextTaskExecutor(TaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
-
Creates a new
DelegatingSecurityContextTaskExecutor
that uses the specifiedSecurityContext
. - DelegatingSecurityContextTaskScheduler - Class in org.springframework.security.scheduling
-
An implementation of
TaskScheduler
invoking it whenever the trigger indicates a next execution time. - DelegatingSecurityContextTaskScheduler(TaskScheduler) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
-
Creates a new
DelegatingSecurityContextTaskScheduler
that uses the currentSecurityContext
from theSecurityContextHolder
. - DelegatingSecurityContextTaskScheduler(TaskScheduler, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
-
Creates a new
DelegatingSecurityContextTaskScheduler
that uses the specifiedSecurityContext
. - delete - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- deleteGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Removes a group, including all members and authorities.
- deleteGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- deleteUser(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- deleteUser(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- deleteUser(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Remove the user with the given login name from the system.
- DENY_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
-
Deprecated.
- denyAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Allows "denyAll" expression
- denyAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Always denies access
- denyAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- DenyAllPermissionEvaluator - Class in org.springframework.security.access.expression
-
A null PermissionEvaluator which denies all access.
- DenyAllPermissionEvaluator() - Constructor for class org.springframework.security.access.expression.DenyAllPermissionEvaluator
- disabled(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Defines if the account is disabled or not.
- DisabledException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account is disabled.
- DisabledException(String) - Constructor for exception org.springframework.security.authentication.DisabledException
-
Constructs a
DisabledException
with the specified message. - DisabledException(String, Throwable) - Constructor for exception org.springframework.security.authentication.DisabledException
-
Constructs a
DisabledException
with the specified message and root cause. - doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
E
- enableDefaultTyping(ObjectMapper) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
- equals(Object) - Method in class org.springframework.security.access.SecurityConfig
- equals(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- equals(Object) - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- equals(Object) - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- equals(Object) - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- equals(Object) - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- equals(Object) - Method in class org.springframework.security.core.context.SecurityContextImpl
- equals(Object) - Method in class org.springframework.security.core.token.DefaultToken
- equals(Object) - Method in class org.springframework.security.core.userdetails.User
-
Returns
true
if the supplied object is aUser
instance with the sameusername
value. - equals(Object) - Method in class org.springframework.security.util.InMemoryResource
- eraseCredentials() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
-
Checks the
credentials
,principal
anddetails
objects, invoking theeraseCredentials
method on any which implementCredentialsContainer
. - eraseCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- eraseCredentials() - Method in interface org.springframework.security.core.CredentialsContainer
- eraseCredentials() - Method in class org.springframework.security.core.userdetails.User
- errorOnInvalidType() - Element in annotation interface org.springframework.security.core.annotation.AuthenticationPrincipal
-
True if a
ClassCastException
should be thrown when the currentAuthentication.getPrincipal()
is the incorrect type. - errorOnInvalidType() - Element in annotation interface org.springframework.security.core.annotation.CurrentSecurityContext
-
True if a
ClassCastException
should be thrown when the currentSecurityContext
is the incorrect type. - evaluateAsBoolean(Expression, EvaluationContext) - Static method in class org.springframework.security.access.expression.ExpressionUtils
- execute(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
- execute(Runnable, long) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
- expireNow() - Method in class org.springframework.security.core.session.SessionInformation
- expression() - Element in annotation interface org.springframework.security.core.annotation.AuthenticationPrincipal
-
If specified will use the provided SpEL expression to resolve the principal.
- expression() - Element in annotation interface org.springframework.security.core.annotation.CurrentSecurityContext
-
If specified, will use the provided SpEL expression to resolve the security context.
- ExpressionAttributeAuthorizationDecision - Class in org.springframework.security.authorization.method
-
Deprecated.Use
ExpressionAuthorizationDecision
instead - ExpressionAttributeAuthorizationDecision(boolean, ExpressionAttribute) - Constructor for class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision
-
Deprecated.
- ExpressionAuthorizationDecision - Class in org.springframework.security.authorization
-
Represents an
AuthorizationDecision
based on aExpression
- ExpressionAuthorizationDecision(boolean, Expression) - Constructor for class org.springframework.security.authorization.ExpressionAuthorizationDecision
- ExpressionBasedAnnotationAttributeFactory - Class in org.springframework.security.access.expression.method
-
Deprecated.Use
AuthorizationManager
interceptors instead - ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
-
Deprecated.
- ExpressionBasedPostInvocationAdvice - Class in org.springframework.security.access.expression.method
-
Deprecated.Use
AuthorizationManagerAfterMethodInterceptor
instead - ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
-
Deprecated.
- ExpressionBasedPreInvocationAdvice - Class in org.springframework.security.access.expression.method
-
Deprecated.Use
AuthorizationManagerAfterMethodInterceptor
instead - ExpressionBasedPreInvocationAdvice() - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
-
Deprecated.
- ExpressionUtils - Class in org.springframework.security.access.expression
- extractAttributes(A) - Method in interface org.springframework.security.access.annotation.AnnotationMetadataExtractor
-
Deprecated.
F
- FieldUtils - Class in org.springframework.security.util
-
Offers static methods for directly manipulating fields.
- filter(Object, Expression, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Filters the
filterTarget
object (which must be either a collection, array, map or stream), by evaluating the supplied expression. - filter(Object, Expression, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
-
Filters a target collection or array.
- filterTarget() - Element in annotation interface org.springframework.security.access.prepost.PreFilter
- finallyInvocation(InterceptorStatusToken) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.Cleans up the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
- findAllGroups() - Method in interface org.springframework.security.provisioning.GroupManager
-
Returns the names of all groups that this group manager controls.
- findAllGroups() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
-
Deprecated.
- findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
-
Deprecated.
- findAttributes(Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
-
Deprecated.Obtains the security metadata registered against the specified class.
- findAttributes(Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Implementation does not support class-level attributes.
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
-
Deprecated.
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
-
Deprecated.
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
-
Deprecated.Obtains the security metadata applicable to the specified method invocation.
- findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Will walk the method inheritance tree to find the most specific declaration applicable.
- findByUsername(String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
- findByUsername(String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsService
-
Find the
UserDetails
by username. - findGroupAuthorities(String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Obtains the list of authorities which are assigned to a group.
- findGroupAuthorities(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- findUsersInGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Locates the users who are members of a group
- findUsersInGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- FIRST - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- fullyAuthenticated() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Creates an instance of
AuthenticatedAuthorizationManager
that determines if theAuthentication
is authenticated without using remember me.
G
- getAccessDecisionManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- getAccessDeniedException() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
-
Deprecated.
- getAccessor() - Static method in class org.springframework.security.core.SpringSecurityMessageSource
- getAdvice() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
-
Deprecated.
- getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- getAdvice() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
- getAfterInvocationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
-
Deprecated.
- getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
-
Deprecated.
- getAllConfigAttributes() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
-
Deprecated.
- getAllConfigAttributes() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Obtains the configuration attributes explicitly defined against this bean.
- getAllConfigAttributes() - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
-
Deprecated.
- getAllConfigAttributes() - Method in interface org.springframework.security.access.SecurityMetadataSource
-
If available, returns all of the
ConfigAttribute
s defined by the implementing class. - getAllPrincipals() - Method in interface org.springframework.security.core.session.SessionRegistry
-
Obtains all the known principals in the
SessionRegistry
. - getAllPrincipals() - Method in class org.springframework.security.core.session.SessionRegistryImpl
- getAllSessions(Object, boolean) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Obtains all the known sessions for the specified principal.
- getAllSessions(Object, boolean) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- getAppConfigurationEntry(String) - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
- getApplicationEventPublisher() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- getArguments() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
-
Deprecated.
- getArguments() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getAttribute() - Method in interface org.springframework.security.access.ConfigAttribute
-
If the
ConfigAttribute
can be represented as aString
and thatString
is sufficient in precision to be relied upon as a configuration parameter by aRunAsManager
,AccessDecisionManager
orAccessDecisionManager
delegate, this method should return such aString
. - getAttribute() - Method in class org.springframework.security.access.SecurityConfig
- getAttributes() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
-
Deprecated.
- getAttributes(Object) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
-
Deprecated.
- getAttributes(Object) - Method in interface org.springframework.security.access.SecurityMetadataSource
-
Accesses the
ConfigAttribute
s that apply to a given secure object. - getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
-
Deprecated.
- getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
-
Deprecated.
- getAttributes(Method, Class<?>) - Method in interface org.springframework.security.access.method.MethodSecurityMetadataSource
-
Deprecated.
- getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
-
Deprecated.
- getAttributes2grantedAuthoritiesMap() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- getAuthentication() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
-
Deprecated.
- getAuthentication() - Method in class org.springframework.security.access.event.AuthorizedEvent
-
Deprecated.
- getAuthentication() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Gets the
Authentication
used for evaluating the expressions - getAuthentication() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- getAuthentication() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationEvent
-
Getters for the
Authentication
request that caused the event. - getAuthentication() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
-
Pre-casted method that returns the 'source' of the event.
- getAuthentication() - Method in class org.springframework.security.authorization.AuthorizationObservationContext
-
Get the observed
Authentication
for this authorization - getAuthentication() - Method in class org.springframework.security.authorization.event.AuthorizationEvent
-
Get the principal requiring access
- getAuthentication() - Method in interface org.springframework.security.core.context.SecurityContext
-
Obtains the currently authenticated principal, or an authentication request token.
- getAuthentication() - Method in class org.springframework.security.core.context.SecurityContextImpl
- getAuthenticationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- getAuthenticationManagerClass() - Method in class org.springframework.security.authentication.AuthenticationObservationContext
-
Get the
AuthenticationManager
class that processed the authentication - getAuthenticationRequest() - Method in class org.springframework.security.authentication.AuthenticationObservationContext
-
Get the
Authentication
request that was observed - getAuthenticationResult() - Method in class org.springframework.security.authentication.AuthenticationObservationContext
-
Get the
Authentication
result that was observed - getAuthorities() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- getAuthorities() - Method in class org.springframework.security.authorization.AuthorityAuthorizationDecision
- getAuthorities() - Method in interface org.springframework.security.core.Authentication
-
Set by an
AuthenticationManager
to indicate the authorities that the principal has been granted. - getAuthorities() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- getAuthorities() - Method in class org.springframework.security.core.userdetails.User
- getAuthorities() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Returns the authorities granted to the user.
- getAuthoritiesByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getAuthority() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- getAuthority() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- getAuthority() - Method in interface org.springframework.security.core.GrantedAuthority
-
If the
GrantedAuthority
can be represented as aString
and thatString
is sufficient in precision to be relied upon for an access control decision by anAccessDecisionManager
(or delegate), this method should return such aString
. - getAuthorizationDecision() - Method in class org.springframework.security.authorization.event.AuthorizationEvent
-
Get the response to the princpal's request
- getBeanResolver() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getClock() - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- getConfigAttributes() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
-
Deprecated.
- getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
-
Deprecated.
- getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizedEvent
-
Deprecated.
- getConfiguration() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
- getContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Obtains the current context.
- getContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
Gets the
Mono<SecurityContext>
from ReactorContext
- getContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Obtain the current
SecurityContext
. - getContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Obtains the current context.
- getContextHolderStrategy() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Allows retrieval of the context strategy.
- getContextualName(AuthenticationObservationContext) - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
- getContextualName(AuthorizationObservationContext<?>) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
- getCredentials() - Method in class org.springframework.security.access.intercept.RunAsUserToken
-
Deprecated.
- getCredentials() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
-
Always returns an empty
String
- getCredentials() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
-
Always returns an empty
String
- getCredentials() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
- getCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- getCredentials() - Method in interface org.springframework.security.core.Authentication
-
The credentials that prove the principal is correct.
- getCredentialsNotFoundException() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
-
Deprecated.
- getDecision() - Method in class org.springframework.security.authorization.AuthorizationObservationContext
-
Get the observed
AuthorizationDecision
- getDecisionVoters() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- getDefaultRolePrefix() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- getDeferredContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Obtains a
Supplier
that returns the current context. - getDeferredContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Obtains a
Supplier
that returns the current context. - getDeferredContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Obtains a
Supplier
that returns the current context. - getDelegateExecutor() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
- getDescription() - Method in class org.springframework.security.util.InMemoryResource
- getDetails() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- getDetails() - Method in interface org.springframework.security.core.Authentication
-
Stores additional details about the authentication request.
- getDomainObjectInstance(MethodInvocation) - Method in class org.springframework.security.access.vote.AbstractAclVoter
-
Deprecated.
- getEnableAuthorities() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getEnableGroups() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getException() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
- getException() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
- getExpression() - Method in class org.springframework.security.authorization.ExpressionAuthorizationDecision
- getExpressionAttribute() - Method in class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision
-
Deprecated.
- getExpressionParser() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getExpressionParser() - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
- getExtendedInformation() - Method in class org.springframework.security.core.token.DefaultToken
- getExtendedInformation() - Method in interface org.springframework.security.core.token.Token
-
Obtains the extended information associated within the token, which was presented when the token was first created.
- getField(Class<?>, String) - Static method in class org.springframework.security.util.FieldUtils
-
Attempts to locate the specified field on the class.
- getFieldValue(Object, String) - Static method in class org.springframework.security.util.FieldUtils
-
Returns the value of a (nested) field on a bean.
- getFilterObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- getGeneratedBy() - Method in class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
-
Getter for the
Class
that generated this event. - getGrantedAuthorities() - Method in interface org.springframework.security.core.authority.GrantedAuthoritiesContainer
- getGrantedAuthorities(Collection<String>) - Method in interface org.springframework.security.core.authority.mapping.Attributes2GrantedAuthoritiesMapper
-
Implementations of this method should map the given collection of attributes to a collection of Spring Security GrantedAuthorities.
- getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
-
Map the given array of attributes to Spring Security GrantedAuthorities.
- getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
-
Map the given list of string attributes one-to-one to Spring Security GrantedAuthorities.
- getHighCardinalityKeyValues(AuthorizationObservationContext<?>) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
- getId() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
- getInitializeCount() - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its
SecurityContextHolderStrategy
. - getInputStream() - Method in class org.springframework.security.util.InMemoryResource
- getKey() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- getKey() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
- getKey() - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- getKey() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- getKey() - Method in class org.springframework.security.core.token.DefaultToken
- getKey() - Method in interface org.springframework.security.core.token.Token
-
Obtains the randomised, secure key assigned to this token.
- getKeyCreationTime() - Method in class org.springframework.security.core.token.DefaultToken
- getKeyCreationTime() - Method in interface org.springframework.security.core.token.Token
-
The time the token key was initially created is available from this method.
- getKeyHash() - Method in class org.springframework.security.access.intercept.RunAsUserToken
-
Deprecated.
- getKeyHash() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- getKeyHash() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- getLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
- getLoginConfig() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- getLoginContext() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationToken
- getLowCardinalityKeyValues(AuthenticationObservationContext) - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
- getLowCardinalityKeyValues(AuthorizationObservationContext<?>) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
- getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- getMappableAttributes() - Method in interface org.springframework.security.core.authority.mapping.MappableAttributesRetriever
-
Implementations of this method should return a set of all string attributes which can be mapped to GrantedAuthoritys.
- getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
- getMessages() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getMethod() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
-
Deprecated.
- getMethod() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getMethodInvocation() - Method in class org.springframework.security.authorization.method.MethodInvocationResult
-
Return the already-invoked
MethodInvocation
- getMethodMapSize() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.
- getMethodSecurityMetadataSources() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
-
Deprecated.
- getModules(ClassLoader) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
- getName() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- getName() - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
- getName() - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
- getName() - Method in interface org.springframework.security.core.AuthenticatedPrincipal
-
Returns the name of the authenticated
Principal
. - getNewContext() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent
-
Get the
SecurityContext
set on theSecurityContextHolder
as of this event - getNewSessionId() - Method in class org.springframework.security.core.session.SessionIdChangedEvent
-
Returns the new session ID.
- getObject() - Method in class org.springframework.security.authorization.AuthorizationObservationContext
-
Get the object for which access was requested
- getObject() - Method in class org.springframework.security.authorization.event.AuthorizationDeniedEvent
-
Get the object to which access was requested
- getObject() - Method in class org.springframework.security.authorization.event.AuthorizationEvent
-
Get the object to which access was requested
- getObject() - Method in class org.springframework.security.authorization.event.AuthorizationGrantedEvent
-
Get the object to which access was requested
- getObject() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
- getObjectType() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
- getOldContext() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent
-
Get the
SecurityContext
set on theSecurityContextHolder
immediately previous to this event - getOldSessionId() - Method in class org.springframework.security.core.session.SessionIdChangedEvent
-
Returns the old session ID.
- getOrder() - Method in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- getOrder() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
- getOriginalAuthentication() - Method in class org.springframework.security.access.intercept.RunAsUserToken
-
Deprecated.
- getParameterNameDiscoverer() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- getParameterNames(Constructor<?>) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- getParameterNames(Method) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
- getPassword() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- getPassword() - Method in class org.springframework.security.core.userdetails.User
- getPassword() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Returns the password used to authenticate the user.
- getPasswordEncoder() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- getPermissionEvaluator() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getPointcut() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
-
Deprecated.
- getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- getPointcut() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
- getPostAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- getPreAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- getPrincipal() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Convenience method to access
Authentication.getPrincipal()
fromSecurityExpressionRoot.getAuthentication()
- getPrincipal() - Method in class org.springframework.security.access.intercept.RunAsUserToken
-
Deprecated.
- getPrincipal() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- getPrincipal() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- getPrincipal() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- getPrincipal() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
- getPrincipal() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- getPrincipal() - Method in interface org.springframework.security.core.Authentication
-
The identity of the principal being authenticated.
- getPrincipal() - Method in class org.springframework.security.core.session.SessionInformation
- getProcessDomainObjectClass() - Method in class org.springframework.security.access.vote.AbstractAclVoter
-
Deprecated.
- getProtectedFieldValue(String, Object) - Static method in class org.springframework.security.util.FieldUtils
- getProviders() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- getProviders() - Method in class org.springframework.security.authentication.ProviderManager
- getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
- getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.access.hierarchicalroles.RoleHierarchy
-
Returns an array of all reachable authorities.
- getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
- getResult() - Method in class org.springframework.security.authorization.method.MethodInvocationResult
-
Return the result of the already-invoked
MethodInvocation
- getReturnObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- getRoleHierarchy() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- getRolePrefix() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
- getRolePrefix() - Method in class org.springframework.security.access.vote.RoleVoter
-
Deprecated.
- getRolePrefix() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getRunAsManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- getSecureObject() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
-
Deprecated.
- getSecureObjectClass() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.Indicates the type of secure objects the subclass will be presenting to the abstract parent for processing.
- getSecureObjectClass() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
Deprecated.
- getSecurityContext() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
-
Deprecated.
- getSecurityContexts() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
-
Provides the
SecurityContext
instances which were associated with the destroyed session. - getSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
Deprecated.
- getSessionId() - Method in class org.springframework.security.core.session.SessionInformation
- getSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Obtains the session information for the specified
sessionId
. - getSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- getStaticPart() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
-
Deprecated.
- getStaticPart() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getStringSeparator() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- getThis() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- getThis() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
-
Deprecated.
- getThis() - Method in class org.springframework.security.util.SimpleMethodInvocation
- getTrustResolver() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- getUserCache() - Method in class org.springframework.security.authentication.CachingUserDetailsService
- getUserCache() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- getUserDetailsService() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
- getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- getUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
-
Obtains a
UserDetails
from the cache. - getUsername() - Method in class org.springframework.security.core.userdetails.User
- getUsername() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Returns the username used to authenticate the user.
- getUsersByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- getVersion() - Static method in class org.springframework.security.core.SpringSecurityCoreVersion
- grant(Principal) - Method in interface org.springframework.security.authentication.jaas.AuthorityGranter
-
The grant method is called for each principal returned from the LoginContext subject.
- GrantedAuthoritiesContainer - Interface in org.springframework.security.core.authority
-
Indicates that a object stores GrantedAuthority objects.
- GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
-
Mapping interface which can be injected into the authentication layer to convert the authorities loaded from storage into those which will be used in the
Authentication
object. - GrantedAuthority - Interface in org.springframework.security.core
-
Represents an authority granted to an
Authentication
object. - GroupManager - Interface in org.springframework.security.provisioning
-
Allows management of groups of authorities and their members.
H
- handle(Callback, Authentication) - Method in interface org.springframework.security.authentication.jaas.JaasAuthenticationCallbackHandler
-
Handle the Callback.
- handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
-
If the callback passed to the 'handle' method is an instance of NameCallback, the JaasNameCallbackHandler will call, callback.setName(authentication.getPrincipal().toString()).
- handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
-
If the callback passed to the 'handle' method is an instance of PasswordCallback, the JaasPasswordCallbackHandler will call, callback.setPassword(authentication.getCredentials().toString()).
- handleLogout(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Handles the logout by getting the security contexts for the destroyed session and invoking
LoginContext.logout()
for any which contain aJaasAuthenticationToken
. - hasAnyAuthority(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has any of the specified authorities withinAuthentication.getAuthorities()
. - hasAnyAuthority(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasAnyAuthority(String...) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authorities. - hasAnyAuthority(String...) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authorities. - hasAnyRole(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has any of the specified authorities withinAuthentication.getAuthorities()
. - hasAnyRole(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasAnyRole(String...) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authorities. - hasAnyRole(String...) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authorities. - hasAnyRole(String, String[]) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authorities. - hasAuthority(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has a particular authority withinAuthentication.getAuthorities()
. - hasAuthority(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authority. - hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authority. - hashCode() - Method in class org.springframework.security.access.SecurityConfig
- hashCode() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- hashCode() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
- hashCode() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- hashCode() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
- hashCode() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- hashCode() - Method in class org.springframework.security.core.context.SecurityContextImpl
- hashCode() - Method in class org.springframework.security.core.token.DefaultToken
- hashCode() - Method in class org.springframework.security.core.userdetails.User
-
Returns the hashcode of the
username
. - hashCode() - Method in class org.springframework.security.util.InMemoryResource
- hasPermission(Object, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has permission to access the target given the permission - hasPermission(Object, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasPermission(Object, String, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has permission to access the domain object with a given id, type, and permission. - hasPermission(Object, String, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasPermission(Authentication, Serializable, String, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
- hasPermission(Authentication, Serializable, String, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
-
Alternative method for evaluating a permission where only the identifier of the target object is available, rather than the target instance itself.
- hasPermission(Authentication, Object, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
- hasPermission(Authentication, Object, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
- hasRole(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
has a particular authority withinAuthentication.getAuthorities()
. - hasRole(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Creates an instance of
AuthorityAuthorizationManager
with the provided authority. - hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
-
Creates an instance of
AuthorityReactiveAuthorizationManager
with the provided authority. - hideUserNotFoundExceptions - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
I
- initDao() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- initDao() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- initialize(Subject, CallbackHandler, Map, Map) - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Initialize this
LoginModule
. - InMemoryConfiguration - Class in org.springframework.security.authentication.jaas.memory
-
An in memory representation of a JAAS configuration.
- InMemoryConfiguration(Map<String, AppConfigurationEntry[]>) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Creates a new instance with a mapping of login context name to an array of
AppConfigurationEntry
s. - InMemoryConfiguration(Map<String, AppConfigurationEntry[]>, AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Creates a new instance with a mapping of login context name to an array of
AppConfigurationEntry
s along with a default configuration that will be used if no mapping is found for the given login context name. - InMemoryConfiguration(AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Creates a new instance with only a defaultConfiguration.
- InMemoryResource - Class in org.springframework.security.util
-
An in memory implementation of Spring's
Resource
interface. - InMemoryResource(byte[]) - Constructor for class org.springframework.security.util.InMemoryResource
- InMemoryResource(byte[], String) - Constructor for class org.springframework.security.util.InMemoryResource
- InMemoryResource(String) - Constructor for class org.springframework.security.util.InMemoryResource
- InMemoryUserDetailsManager - Class in org.springframework.security.provisioning
-
Non-persistent implementation of
UserDetailsManager
which is backed by an in-memory map. - InMemoryUserDetailsManager() - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InMemoryUserDetailsManager(Collection<UserDetails>) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InMemoryUserDetailsManager(Properties) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InMemoryUserDetailsManager(UserDetails...) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
- InsufficientAuthenticationException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.
- InsufficientAuthenticationException(String) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException
-
Constructs an
InsufficientAuthenticationException
with the specified message. - InsufficientAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException
-
Constructs an
InsufficientAuthenticationException
with the specified message and root cause. - InteractiveAuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
-
Indicates an interactive authentication was successful.
- InteractiveAuthenticationSuccessEvent(Authentication, Class<?>) - Constructor for class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
- InterceptorStatusToken - Class in org.springframework.security.access.intercept
-
Deprecated.Use delegation with
AuthorizationManager
- InterceptorStatusToken(SecurityContext, boolean, Collection<ConfigAttribute>, Object) - Constructor for class org.springframework.security.access.intercept.InterceptorStatusToken
-
Deprecated.
- InternalAuthenticationServiceException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request could not be processed due to a system problem that occurred internally.
- InternalAuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
- InternalAuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
- invoke(MethodInvocation) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
Deprecated.This method should be used to enforce security on a
MethodInvocation
. - invoke(MethodInvocation) - Method in class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor
-
Deprecated.
- invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
-
Determines if an
Authentication
has access to the returned object from theMethodInvocation
using the configuredReactiveAuthorizationManager
. - invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Determine if an
Authentication
has access to theMethodInvocation
using the configuredAuthorizationManager
. - invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
-
Determines if an
Authentication
has access to theMethodInvocation
using the configuredReactiveAuthorizationManager
. - invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
-
Filters the returned object from the
MethodInvocation
by evaluating an expression from thePostFilter
annotation. - invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Filter the method argument specified in the
PreFilter
annotation thatMethodInvocation
specifies. - invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
-
Filters a reactive method argument by evaluating an expression from the
PreFilter
annotation. - invoke(JoinPoint) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
-
Deprecated.Method that is suitable for user with @Aspect notation.
- invoke(JoinPoint, AspectJCallback) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
-
Deprecated.Method that is suitable for user with traditional AspectJ-code aspects.
- invokeAll(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- invokeAll(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- invokeAny(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- invokeAny(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- IS_AUTHENTICATED_ANONYMOUSLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- IS_AUTHENTICATED_FULLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- IS_AUTHENTICATED_REMEMBERED - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- isAccountNonExpired() - Method in class org.springframework.security.core.userdetails.User
- isAccountNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user's account has expired.
- isAccountNonLocked() - Method in class org.springframework.security.core.userdetails.User
- isAccountNonLocked() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user is locked or unlocked.
- isAllowed(MethodInvocation, Authentication) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
-
Deprecated.
- isAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- isAllowIfEqualGrantedDeniedDecisions() - Method in class org.springframework.security.access.vote.ConsensusBased
-
Deprecated.
- isAlwaysReauthenticate() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- isAnonymous() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
is anonymous - isAnonymous() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isAnonymous(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver
-
Indicates whether the passed
Authentication
token represents an anonymous user. - isAnonymous(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- isAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines ifthe
SecurityExpressionOperations.getAuthentication()
is authenticated - isAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isAuthenticated() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- isAuthenticated() - Method in interface org.springframework.security.core.Authentication
-
Used to indicate to
AbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
. - isCleared() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent
-
Say whether the event is a context-clearing event.
- isContextHolderRefreshRequired() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
-
Deprecated.
- isCredentialsNonExpired() - Method in class org.springframework.security.core.userdetails.User
- isCredentialsNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user's credentials (password) has expired.
- isEnabled() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- isEnabled() - Method in class org.springframework.security.core.userdetails.User
- isEnabled() - Method in interface org.springframework.security.core.userdetails.UserDetails
-
Indicates whether the user is enabled or disabled.
- isEraseCredentialsAfterAuthentication() - Method in class org.springframework.security.authentication.ProviderManager
- isExpired() - Method in class org.springframework.security.core.session.SessionInformation
- isForcePrincipalAsString() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- isFullyAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
authenticated without the use of remember me - isFullyAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isGenerated() - Method in interface org.springframework.security.core.context.DeferredSecurityContext
-
Returns true if
Supplier.get()
refers to a generatedSecurityContext
or false if it already existed. - isGranted() - Method in class org.springframework.security.authorization.AuthorizationDecision
- isHideUserNotFoundExceptions() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- isLogInteractiveAuthenticationSuccessEvents() - Method in class org.springframework.security.authentication.event.LoggerListener
- isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- isPerInstance() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
- isRejectPublicInvocations() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- isRememberMe() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Determines if the
SecurityExpressionOperations.getAuthentication()
was authenticated using remember me - isRememberMe() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- isRememberMe(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver
-
Indicates whether the passed
Authentication
token represents user that has been remembered (i.e. - isRememberMe(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- isShutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- isSingleton() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
- isTerminated() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- isUsernameBasedPrimaryKey() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- isValid() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- isValidateConfigAttributes() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
J
- JaasAuthenticationCallbackHandler - Interface in org.springframework.security.authentication.jaas
-
The JaasAuthenticationCallbackHandler is similar to the javax.security.auth.callback.CallbackHandler interface in that it defines a handle method.
- JaasAuthenticationEvent - Class in org.springframework.security.authentication.jaas.event
-
Parent class for events fired by the
JaasAuthenticationProvider
. - JaasAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
-
The Authentication object is stored as the ApplicationEvent 'source'.
- JaasAuthenticationFailedEvent - Class in org.springframework.security.authentication.jaas.event
-
Fired when LoginContext.login throws a LoginException, or if any other exception is thrown during that time.
- JaasAuthenticationFailedEvent(Authentication, Exception) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
- JaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
-
An
AuthenticationProvider
implementation that retrieves user details from a JAAS login configuration. - JaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- JaasAuthenticationSuccessEvent - Class in org.springframework.security.authentication.jaas.event
-
Fired by the
JaasAuthenticationProvider
after successfully logging the user into the LoginContext, handling all callbacks, and calling all AuthorityGranters. - JaasAuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationSuccessEvent
- JaasAuthenticationToken - Class in org.springframework.security.authentication.jaas
-
UsernamePasswordAuthenticationToken extension to carry the Jaas LoginContext that the user was logged into
- JaasAuthenticationToken(Object, Object, List<GrantedAuthority>, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
- JaasAuthenticationToken(Object, Object, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
- JaasGrantedAuthority - Class in org.springframework.security.authentication.jaas
-
GrantedAuthority
which, in addition to the assigned role, holds the principal that anAuthorityGranter
used as a reason to grant this authority. - JaasGrantedAuthority(String, Principal) - Constructor for class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- JaasNameCallbackHandler - Class in org.springframework.security.authentication.jaas
-
The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
- JaasNameCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
- JaasPasswordCallbackHandler - Class in org.springframework.security.authentication.jaas
-
The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
- JaasPasswordCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
- JdbcDaoImpl - Class in org.springframework.security.core.userdetails.jdbc
-
UserDetailsService implementation which retrieves the user details (username, password, enabled flag, and authorities) from a database using JDBC queries.
- JdbcDaoImpl() - Constructor for class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- JdbcUserDetailsManager - Class in org.springframework.security.provisioning
-
Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.
- JdbcUserDetailsManager() - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
- JdbcUserDetailsManager(DataSource) - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
- jsr250() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the JSR-250 annotations
- jsr250(AuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the JSR-250 annotations
- jsr250(Jsr250AuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the JSR-250 annotations
- JSR250 - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- Jsr250AuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating if theAuthentication
contains a specified authority from the JSR-250 security annotations. - Jsr250AuthorizationManager() - Constructor for class org.springframework.security.authorization.method.Jsr250AuthorizationManager
- Jsr250MethodSecurityMetadataSource - Class in org.springframework.security.access.annotation
-
Deprecated.Use
Jsr250AuthorizationManager
instead - Jsr250MethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
-
Deprecated.
- Jsr250SecurityConfig - Class in org.springframework.security.access.annotation
-
Deprecated.
- Jsr250SecurityConfig(String) - Constructor for class org.springframework.security.access.annotation.Jsr250SecurityConfig
-
Deprecated.
- Jsr250Voter - Class in org.springframework.security.access.annotation
-
Deprecated.Use
Jsr250AuthorizationManager
instead - Jsr250Voter() - Constructor for class org.springframework.security.access.annotation.Jsr250Voter
-
Deprecated.
K
- KeyBasedPersistenceTokenService - Class in org.springframework.security.core.token
-
Basic implementation of
TokenService
that is compatible with clusters and across machine restarts, without requiring database persistence. - KeyBasedPersistenceTokenService() - Constructor for class org.springframework.security.core.token.KeyBasedPersistenceTokenService
L
- LAST - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- ListeningSecurityContextHolderStrategy - Class in org.springframework.security.core.context
-
An API for notifying when the
SecurityContext
changes. - ListeningSecurityContextHolderStrategy(Collection<SecurityContextChangedListener>) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
based onThreadLocalSecurityContextHolderStrategy
- ListeningSecurityContextHolderStrategy(SecurityContextChangedListener...) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
based onThreadLocalSecurityContextHolderStrategy
- ListeningSecurityContextHolderStrategy(SecurityContextHolderStrategy, Collection<SecurityContextChangedListener>) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
- ListeningSecurityContextHolderStrategy(SecurityContextHolderStrategy, SecurityContextChangedListener...) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Construct a
ListeningSecurityContextHolderStrategy
- loadGroupAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Loads authorities by executing the SQL from groupAuthoritiesByUsernameQuery.
- loadUserAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Loads authorities by executing the SQL from authoritiesByUsernameQuery.
- loadUserByUsername(String) - Method in class org.springframework.security.authentication.CachingUserDetailsService
- loadUserByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- loadUserByUsername(String) - Method in interface org.springframework.security.core.userdetails.UserDetailsService
-
Locates the user based on the username.
- loadUserByUsername(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- loadUserDetails(T) - Method in interface org.springframework.security.core.userdetails.AuthenticationUserDetailsService
- loadUserDetails(T) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Get the UserDetails object from the wrapped UserDetailsService implementation
- loadUsersByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
- loadUsersByUsername(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
-
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
- LockedException - Exception in org.springframework.security.authentication
-
Thrown if an authentication request is rejected because the account is locked.
- LockedException(String) - Constructor for exception org.springframework.security.authentication.LockedException
-
Constructs a
LockedException
with the specified message. - LockedException(String, Throwable) - Constructor for exception org.springframework.security.authentication.LockedException
-
Constructs a
LockedException
with the specified message and root cause. - log - Variable in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- log - Static variable in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
- logger - Variable in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- logger - Variable in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
-
Deprecated.
- logger - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- logger - Static variable in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- logger - Static variable in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
-
Deprecated.
- logger - Variable in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
-
Deprecated.
- logger - Variable in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
-
Deprecated.
- logger - Variable in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
-
Deprecated.
- logger - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- logger - Variable in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- logger - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- logger - Variable in class org.springframework.security.core.session.SessionRegistryImpl
- logger - Variable in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- logger - Variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
- LoggerListener - Class in org.springframework.security.access.event
-
Deprecated.Logging is now embedded in Spring Security components. If you need further logging, please consider using your own
ApplicationListener
- LoggerListener - Class in org.springframework.security.authentication.event
-
Outputs authentication-related application events to Commons Logging.
- LoggerListener() - Constructor for class org.springframework.security.access.event.LoggerListener
-
Deprecated.
- LoggerListener() - Constructor for class org.springframework.security.authentication.event.LoggerListener
- login() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Authenticate the
Subject
(phase one) by extracting the Spring SecurityAuthentication
from the currentSecurityContext
. - LoginExceptionResolver - Interface in org.springframework.security.authentication.jaas
-
The JaasAuthenticationProvider takes an instance of LoginExceptionResolver to resolve LoginModule specific exceptions to Spring Security AuthenticationExceptions.
- logout() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Log out the
Subject
. - LogoutSuccessEvent - Class in org.springframework.security.authentication.event
-
Application event which indicates successful logout
- LogoutSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.LogoutSuccessEvent
M
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
- mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Creates a mapping of the supplied authorities based on the case-conversion and prefix settings.
- MapBasedAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
-
This class implements the Attributes2GrantedAuthoritiesMapper and MappableAttributesRetriever interfaces based on the supplied Map.
- MapBasedAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- MapBasedMethodSecurityMetadataSource - Class in org.springframework.security.access.method
-
Deprecated.Use the
use-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorization - MapBasedMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.
- MapBasedMethodSecurityMetadataSource(Map<String, List<ConfigAttribute>>) - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Creates the MapBasedMethodSecurityMetadataSource from a
- MappableAttributesRetriever - Interface in org.springframework.security.core.authority.mapping
-
Interface to be implemented by classes that can retrieve a list of mappable security attribute strings (for example the list of all available J2EE roles in a web or EJB application).
- MapReactiveUserDetailsService - Class in org.springframework.security.core.userdetails
-
A
Map
based implementation ofReactiveUserDetailsService
- MapReactiveUserDetailsService(Collection<UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
-
Creates a new instance
- MapReactiveUserDetailsService(Map<String, UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
-
Creates a new instance using a
Map
that must be non blocking. - MapReactiveUserDetailsService(UserDetails...) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
-
Creates a new instance
- messages - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- messages - Variable in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- messages - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- messages - Variable in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- messages - Variable in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- messages - Variable in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- messages - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- messages - Variable in class org.springframework.security.authentication.ProviderManager
- messages - Variable in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- messages - Variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- MethodExpressionAuthorizationManager - Class in org.springframework.security.authorization.method
-
An expression-based
AuthorizationManager
that determines the access by evaluating the provided expression against theMethodInvocation
. - MethodExpressionAuthorizationManager(String) - Constructor for class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager
-
Creates an instance.
- MethodInvocationAdapter - Class in org.springframework.security.access.intercept.aspectj
-
Deprecated.This class will be removed from the public API. See `JoinPointMethodInvocation` in `spring-security-aspects` for its replacement
- MethodInvocationPrivilegeEvaluator - Class in org.springframework.security.access.intercept
-
Deprecated.Use
AuthorizationManager
instead - MethodInvocationPrivilegeEvaluator() - Constructor for class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
-
Deprecated.
- MethodInvocationResult - Class in org.springframework.security.authorization.method
-
A context object that contains a
MethodInvocation
and the result of thatMethodInvocation
. - MethodInvocationResult(MethodInvocation, Object) - Constructor for class org.springframework.security.authorization.method.MethodInvocationResult
-
Construct a
MethodInvocationResult
with the provided parameters - MethodInvocationUtils - Class in org.springframework.security.util
-
Static utility methods for creating
MethodInvocation
s usable within Spring Security. - methodMap - Variable in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.Map from RegisteredMethod to ConfigAttribute list
- MethodSecurityExpressionHandler - Interface in org.springframework.security.access.expression.method
-
Extended expression-handler facade which adds methods which are specific to securing method invocations.
- MethodSecurityExpressionOperations - Interface in org.springframework.security.access.expression.method
-
Interface which must be implemented if you want to use filtering in method security expressions.
- MethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aopalliance
-
Deprecated.Please use
AuthorizationManagerBeforeMethodInterceptor
andAuthorizationManagerAfterMethodInterceptor
instead - MethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
Deprecated.
- MethodSecurityMetadataSource - Interface in org.springframework.security.access.method
-
Deprecated.Use the
use-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorization - MethodSecurityMetadataSourceAdvisor - Class in org.springframework.security.access.intercept.aopalliance
-
Deprecated.Use
EnableMethodSecurity
or publish interceptors directly - MethodSecurityMetadataSourceAdvisor(String, MethodSecurityMetadataSource, String) - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
-
Deprecated.Alternative constructor for situations where we want the advisor decoupled from the advice.
- MODE_GLOBAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
- MODE_INHERITABLETHREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
- MODE_THREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
N
- NO_AUTHORITIES - Static variable in class org.springframework.security.core.authority.AuthorityUtils
- NO_CONTEXT - Static variable in class org.springframework.security.core.context.SecurityContextChangedEvent
- NullAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
- NullAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
- NullRoleHierarchy - Class in org.springframework.security.access.hierarchicalroles
- NullRoleHierarchy() - Constructor for class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
- NullUserCache - Class in org.springframework.security.core.userdetails.cache
-
Does not perform any caching.
- NullUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.NullUserCache
O
- ObservationAuthenticationManager - Class in org.springframework.security.authentication
-
An
AuthenticationManager
that observes the authentication - ObservationAuthenticationManager(ObservationRegistry, AuthenticationManager) - Constructor for class org.springframework.security.authentication.ObservationAuthenticationManager
- ObservationAuthorizationManager<T> - Class in org.springframework.security.authorization
-
An
AuthorizationManager
that observes the authorization - ObservationAuthorizationManager(ObservationRegistry, AuthorizationManager<T>) - Constructor for class org.springframework.security.authorization.ObservationAuthorizationManager
- ObservationReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
An
ReactiveAuthenticationManager
that observes the authentication - ObservationReactiveAuthenticationManager(ObservationRegistry, ReactiveAuthenticationManager) - Constructor for class org.springframework.security.authentication.ObservationReactiveAuthenticationManager
- ObservationReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
-
An
ReactiveAuthorizationManager
that observes the authentication - ObservationReactiveAuthorizationManager(ObservationRegistry, ReactiveAuthorizationManager<T>) - Constructor for class org.springframework.security.authorization.ObservationReactiveAuthorizationManager
- ObservationSecurityContextChangedListener - Class in org.springframework.security.core.context
-
A
SecurityContextChangedListener
that adds events to an existingObservation
If noObservation
is present when an event is fired, then the event is unrecorded. - ObservationSecurityContextChangedListener(ObservationRegistry) - Constructor for class org.springframework.security.core.context.ObservationSecurityContextChangedListener
- obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
Deprecated.
- onApplicationEvent(ApplicationEvent) - Method in class org.springframework.security.context.DelegatingApplicationListener
- onApplicationEvent(AbstractAuthorizationEvent) - Method in class org.springframework.security.access.event.LoggerListener
-
Deprecated.
- onApplicationEvent(AbstractAuthenticationEvent) - Method in class org.springframework.security.authentication.event.LoggerListener
- onApplicationEvent(AbstractSessionEvent) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- onApplicationEvent(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- org.springframework.security.access - package org.springframework.security.access
-
Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central
AccessDecisionManager
interface. - org.springframework.security.access.annotation - package org.springframework.security.access.annotation
-
Support for JSR-250 and Spring Security
@Secured
annotations. - org.springframework.security.access.event - package org.springframework.security.access.event
-
Authorization event and listener classes.
- org.springframework.security.access.expression - package org.springframework.security.access.expression
-
Expression handling code to support the use of Spring-EL based expressions in
@PreAuthorize
,@PreFilter
,@PostAuthorize
and@PostFilter
annotations. - org.springframework.security.access.expression.method - package org.springframework.security.access.expression.method
-
Implementation of expression-based method security.
- org.springframework.security.access.hierarchicalroles - package org.springframework.security.access.hierarchicalroles
-
Role hierarchy implementation.
- org.springframework.security.access.intercept - package org.springframework.security.access.intercept
-
Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
- org.springframework.security.access.intercept.aopalliance - package org.springframework.security.access.intercept.aopalliance
-
Enforces security for AOP Alliance
MethodInvocation
s, such as via Spring AOP. - org.springframework.security.access.intercept.aspectj - package org.springframework.security.access.intercept.aspectj
-
Enforces security for AspectJ
JointPoint
s, delegating secure object callbacks to the calling aspect. - org.springframework.security.access.method - package org.springframework.security.access.method
-
Provides
SecurityMetadataSource
implementations for securing Java method invocations via different AOP libraries. - org.springframework.security.access.prepost - package org.springframework.security.access.prepost
-
Contains the infrastructure classes for handling the
@PreAuthorize
,@PreFilter
,@PostAuthorize
and@PostFilter
annotations. - org.springframework.security.access.vote - package org.springframework.security.access.vote
-
Implements a vote-based approach to authorization decisions.
- org.springframework.security.authentication - package org.springframework.security.authentication
-
Core classes and interfaces related to user authentication, which are used throughout Spring Security.
- org.springframework.security.authentication.dao - package org.springframework.security.authentication.dao
-
An
AuthenticationProvider
which relies upon a data access object. - org.springframework.security.authentication.event - package org.springframework.security.authentication.event
-
Authentication success and failure events which can be published to the Spring application context.
- org.springframework.security.authentication.jaas - package org.springframework.security.authentication.jaas
-
An authentication provider for JAAS.
- org.springframework.security.authentication.jaas.event - package org.springframework.security.authentication.jaas.event
-
JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
- org.springframework.security.authentication.jaas.memory - package org.springframework.security.authentication.jaas.memory
-
An in memory JAAS implementation.
- org.springframework.security.authorization - package org.springframework.security.authorization
- org.springframework.security.authorization.event - package org.springframework.security.authorization.event
- org.springframework.security.authorization.method - package org.springframework.security.authorization.method
- org.springframework.security.concurrent - package org.springframework.security.concurrent
- org.springframework.security.context - package org.springframework.security.context
- org.springframework.security.converter - package org.springframework.security.converter
- org.springframework.security.core - package org.springframework.security.core
-
Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
- org.springframework.security.core.annotation - package org.springframework.security.core.annotation
- org.springframework.security.core.authority - package org.springframework.security.core.authority
-
The default implementation of the
GrantedAuthority
interface. - org.springframework.security.core.authority.mapping - package org.springframework.security.core.authority.mapping
-
Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of
GrantedAuthority
s. - org.springframework.security.core.context - package org.springframework.security.core.context
-
Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
- org.springframework.security.core.parameters - package org.springframework.security.core.parameters
- org.springframework.security.core.session - package org.springframework.security.core.session
-
Session abstraction which is provided by the
org.springframework.security.core.session.SessionInformation SessionInformation
class. - org.springframework.security.core.token - package org.springframework.security.core.token
-
A service for building secure random tokens.
- org.springframework.security.core.userdetails - package org.springframework.security.core.userdetails
-
The standard interfaces for implementing user data DAOs.
- org.springframework.security.core.userdetails.cache - package org.springframework.security.core.userdetails.cache
-
Implementations of
UserCache
. - org.springframework.security.core.userdetails.jdbc - package org.springframework.security.core.userdetails.jdbc
-
Exposes a JDBC-based authentication repository, implementing
org.springframework.security.core.userdetails.UserDetailsService UserDetailsService
. - org.springframework.security.core.userdetails.memory - package org.springframework.security.core.userdetails.memory
-
Exposes an in-memory authentication repository.
- org.springframework.security.jackson2 - package org.springframework.security.jackson2
-
Mix-in classes to add Jackson serialization support.
- org.springframework.security.provisioning - package org.springframework.security.provisioning
-
Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
- org.springframework.security.scheduling - package org.springframework.security.scheduling
- org.springframework.security.task - package org.springframework.security.task
- org.springframework.security.util - package org.springframework.security.util
-
General utility classes used throughout the Spring Security framework.
P
- P - Annotation Interface in org.springframework.security.access.method
-
Deprecated.use @{code org.springframework.security.core.parameters.P}
- P - Annotation Interface in org.springframework.security.core.parameters
-
An annotation that can be used along with
AnnotationParameterNameDiscoverer
to specify parameter names. - password(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the password.
- passwordEncoder(Function<String, String>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Encodes the current password (if non-null) and any future passwords supplied to
User.UserBuilder.password(String)
. - PermissionCacheOptimizer - Interface in org.springframework.security.access
-
Allows permissions to be pre-cached when using pre or post filtering with expressions
- PermissionEvaluator - Interface in org.springframework.security.access
-
Strategy used in expression evaluation to determine whether a user has a permission or permissions for a given domain object.
- PERMIT_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
-
Deprecated.
- permitAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Allows "permitAll" expression
- permitAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
-
Always grants access.
- permitAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- pkcs8() - Static method in class org.springframework.security.converter.RsaKeyConverters
-
Construct a
Converter
for converting a PEM-encoded PKCS#8 RSA Private Key into aRSAPrivateKey
. - POST_AUTHORIZE - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- POST_FILTER - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- postAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an interceptor for the
PostAuthorize
annotation - postAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
-
Creates an instance for the
PostAuthorize
annotation. - postAuthorize(AuthorizationManager<MethodInvocationResult>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an interceptor for the
PostAuthorize
annotation - postAuthorize(PostAuthorizeAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Creates an interceptor for the
PostAuthorize
annotation - postAuthorize(ReactiveAuthorizationManager<MethodInvocationResult>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
-
Creates an instance for the
PostAuthorize
annotation. - PostAuthorize - Annotation Interface in org.springframework.security.access.prepost
-
Annotation for specifying a method access-control expression which will be evaluated after a method has been invoked.
- PostAuthorizeAuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may return the result from an invokedMethodInvocation
by evaluating an expression from thePostAuthorize
annotation. - PostAuthorizeAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
- PostAuthorizeReactiveAuthorizationManager - Class in org.springframework.security.authorization.method
-
A
ReactiveAuthorizationManager
which can determine if anAuthentication
has access to the returned object from theMethodInvocation
by evaluating an expression from thePostAuthorize
annotation. - PostAuthorizeReactiveAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PostAuthorizeReactiveAuthorizationManager
- PostAuthorizeReactiveAuthorizationManager(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PostAuthorizeReactiveAuthorizationManager
- PostFilter - Annotation Interface in org.springframework.security.access.prepost
-
Annotation for specifying a method filtering expression which will be evaluated after a method has been invoked.
- PostFilterAuthorizationMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which filters areturnedObject
from theMethodInvocation
by evaluating an expression from thePostFilter
annotation. - PostFilterAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
-
Creates a
PostFilterAuthorizationMethodInterceptor
using the provided parameters - PostFilterAuthorizationReactiveMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which filters the returned object from theMethodInvocation
by evaluating an expression from thePostFilter
annotation. - PostFilterAuthorizationReactiveMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
-
Creates an instance.
- PostFilterAuthorizationReactiveMethodInterceptor(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
-
Creates an instance.
- PostInvocationAdviceProvider - Class in org.springframework.security.access.prepost
-
Deprecated.Use
AuthorizationManagerAfterMethodInterceptor
instead - PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PostInvocationAdviceProvider
-
Deprecated.
- PostInvocationAttribute - Interface in org.springframework.security.access.prepost
-
Deprecated.Use
AuthorizationManagerAfterMethodInterceptor
instead - PostInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost
-
Deprecated.Use
AuthorizationManagerAfterMethodInterceptor
instead - PRE_AUTHORIZE - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- PRE_FILTER - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- preAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
PreAuthorize
annotation - preAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
-
Creates an instance for the
PreAuthorize
annotation. - preAuthorize(AuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
PreAuthorize
annotation - preAuthorize(PreAuthorizeAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
PreAuthorize
annotation - preAuthorize(ReactiveAuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
-
Creates an instance for the
PreAuthorize
annotation. - PreAuthorize - Annotation Interface in org.springframework.security.access.prepost
-
Annotation for specifying a method access-control expression which will be evaluated to decide whether a method invocation is allowed or not.
- PreAuthorizeAuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating an expression from thePreAuthorize
annotation. - PreAuthorizeAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
- PreAuthorizeReactiveAuthorizationManager - Class in org.springframework.security.authorization.method
-
A
ReactiveAuthorizationManager
which can determine if anAuthentication
has access to theMethodInvocation
by evaluating an expression from thePreAuthorize
annotation. - PreAuthorizeReactiveAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager
- PreAuthorizeReactiveAuthorizationManager(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager
- prefersShortLivedTasks() - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
- PreFilter - Annotation Interface in org.springframework.security.access.prepost
-
Annotation for specifying a method filtering expression which will be evaluated before a method has been invoked.
- PreFilterAuthorizationMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which filters a method argument by evaluating an expression from thePreFilter
annotation. - PreFilterAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Creates a
PreFilterAuthorizationMethodInterceptor
using the provided parameters - PreFilterAuthorizationReactiveMethodInterceptor - Class in org.springframework.security.authorization.method
-
A
MethodInterceptor
which filters a reactive method argument by evaluating an expression from thePreFilter
annotation. - PreFilterAuthorizationReactiveMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
- PreFilterAuthorizationReactiveMethodInterceptor(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
-
Creates an instance.
- PreInvocationAttribute - Interface in org.springframework.security.access.prepost
-
Deprecated.Use
AuthorizationManagerBeforeMethodInterceptor
instead - PreInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost
-
Deprecated.Use
AuthorizationManagerBeforeMethodInterceptor
instead - PreInvocationAuthorizationAdviceVoter - Class in org.springframework.security.access.prepost
-
Deprecated.Use
AuthorizationManagerBeforeMethodInterceptor
instead - PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
-
Deprecated.
- PrePostAdviceReactiveMethodInterceptor - Class in org.springframework.security.access.prepost
- PrePostAdviceReactiveMethodInterceptor(MethodSecurityMetadataSource, PreInvocationAuthorizationAdvice, PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor
-
Deprecated.Creates a new instance
- PrePostAnnotationSecurityMetadataSource - Class in org.springframework.security.access.prepost
-
Deprecated.Use
PreAuthorizeAuthorizationManager
andPostAuthorizeAuthorizationManager
instead - PrePostAnnotationSecurityMetadataSource(PrePostInvocationAttributeFactory) - Constructor for class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
-
Deprecated.
- PrePostInvocationAttributeFactory - Interface in org.springframework.security.access.prepost
-
Deprecated.Use delegation with
AuthorizationManager
- proceed() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
-
Deprecated.
- proceed() - Method in class org.springframework.security.util.SimpleMethodInvocation
- proceedWithObject() - Method in interface org.springframework.security.access.intercept.aspectj.AspectJCallback
-
Deprecated.
- ProviderManager - Class in org.springframework.security.authentication
-
Iterates an
Authentication
request through a list ofAuthenticationProvider
s. - ProviderManager(List<AuthenticationProvider>) - Constructor for class org.springframework.security.authentication.ProviderManager
-
Construct a
ProviderManager
using the givenAuthenticationProvider
s - ProviderManager(List<AuthenticationProvider>, AuthenticationManager) - Constructor for class org.springframework.security.authentication.ProviderManager
-
Construct a
ProviderManager
using the provided parameters - ProviderManager(AuthenticationProvider...) - Constructor for class org.springframework.security.authentication.ProviderManager
-
Construct a
ProviderManager
using the givenAuthenticationProvider
s - ProviderNotFoundException - Exception in org.springframework.security.authentication
-
Thrown by
ProviderManager
if noAuthenticationProvider
could be found that supports the presentedAuthentication
object. - ProviderNotFoundException(String) - Constructor for exception org.springframework.security.authentication.ProviderNotFoundException
-
Constructs a
ProviderNotFoundException
with the specified message. - PublicInvocationEvent - Class in org.springframework.security.access.event
-
Deprecated.Only used by now-deprecated classes. Consider
EventObject.getSource()
to deduce public invocations. - PublicInvocationEvent(Object) - Constructor for class org.springframework.security.access.event.PublicInvocationEvent
-
Deprecated.Construct the event, passing in the public secure object.
- publishAuthenticationFailure(AuthenticationException, Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
- publishAuthenticationFailure(AuthenticationException, Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- publishAuthenticationSuccess(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
- publishAuthenticationSuccess(Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- publishAuthorizationEvent(Supplier<Authentication>, T, AuthorizationDecision) - Method in interface org.springframework.security.authorization.AuthorizationEventPublisher
-
Publish the given details in the form of an event, typically
AuthorizationGrantedEvent
orAuthorizationDeniedEvent
. - publishAuthorizationEvent(Supplier<Authentication>, T, AuthorizationDecision) - Method in class org.springframework.security.authorization.SpringAuthorizationEventPublisher
-
Publish the given details in the form of an event, typically
AuthorizationGrantedEvent
orAuthorizationDeniedEvent
. - publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Publishes the
JaasAuthenticationFailedEvent
. - publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
Publishes the
JaasAuthenticationFailedEvent
. - publishSuccessEvent(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Publishes the
JaasAuthenticationSuccessEvent
. - putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
- putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- putUserInCache(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserCache
-
Places a
UserDetails
in the cache.
R
- ReactiveAuthenticationManager - Interface in org.springframework.security.authentication
-
Determines if the provided
Authentication
can be authenticated. - ReactiveAuthenticationManagerAdapter - Class in org.springframework.security.authentication
-
Adapts an AuthenticationManager to the reactive APIs.
- ReactiveAuthenticationManagerAdapter(AuthenticationManager) - Constructor for class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
- ReactiveAuthenticationManagerResolver<C> - Interface in org.springframework.security.authentication
-
An interface for resolving a
ReactiveAuthenticationManager
based on the provided context - ReactiveAuthorizationManager<T> - Interface in org.springframework.security.authorization
-
A reactive authorization manager which can determine if an
Authentication
has access to a specific object. - ReactiveSecurityContextHolder - Class in org.springframework.security.core.context
-
Allows getting and setting the Spring
SecurityContext
into aContext
. - ReactiveUserDetailsPasswordService - Interface in org.springframework.security.core.userdetails
-
An API for changing a
UserDetails
password. - ReactiveUserDetailsService - Interface in org.springframework.security.core.userdetails
-
An API for finding the
UserDetails
by username. - read - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
- refresh() - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
-
Does nothing, but required for JDK5
- refreshLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
-
Refreshes the internal lastRequest to the current date and time.
- refreshLastRequest(String) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Updates the given
sessionId
so its last request time is equal to the present date and time. - refreshLastRequest(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- registerNewSession(String, Object) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Registers a new session for the specified principal.
- registerNewSession(String, Object) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- rememberMe() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Creates an instance of
AuthenticatedAuthorizationManager
that determines if theAuthentication
is authenticated using remember me. - RememberMeAuthenticationProvider - Class in org.springframework.security.authentication
-
An
AuthenticationProvider
implementation that validatesRememberMeAuthenticationToken
s. - RememberMeAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationProvider
- RememberMeAuthenticationToken - Class in org.springframework.security.authentication
-
Represents a remembered
Authentication
. - RememberMeAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationToken
-
Constructor.
- removeGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
-
Deletes an authority from those assigned to a group
- removeGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- removeSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
-
Deletes all the session information being maintained for the specified
sessionId
. - removeSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
- removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
- removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- removeUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
-
Removes the specified user from the cache.
- removeUserFromCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- removeUserFromGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Deletes a user's membership of a group.
- removeUserFromGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- renameGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
-
Changes the name of a group without altering the assigned authorities or members.
- renameGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- resolve(C) - Method in interface org.springframework.security.authentication.AuthenticationManagerResolver
-
Resolve an
AuthenticationManager
from a provided context - resolve(C) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManagerResolver
- resolveException(LoginException) - Method in class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
- resolveException(LoginException) - Method in interface org.springframework.security.authentication.jaas.LoginExceptionResolver
-
Translates a Jaas LoginException to an SpringSecurityException.
- retrieveUser(String) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Allows subclasses to retrieve the
UserDetails
from an implementation-specific location. - retrieveUser(String) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
- retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Allows subclasses to actually retrieve the
UserDetails
from an implementation-specific location, with the option of throwing anAuthenticationException
immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate aUserDetails
). - retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- RoleHierarchy - Interface in org.springframework.security.access.hierarchicalroles
-
The simple interface of a role hierarchy.
- RoleHierarchyAuthoritiesMapper - Class in org.springframework.security.access.hierarchicalroles
- RoleHierarchyAuthoritiesMapper(RoleHierarchy) - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
- roleHierarchyFromMap(Map<String, List<String>>) - Static method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyUtils
-
Converts the supplied
Map
of role name to implied role name(s) to a string representation understood byRoleHierarchyImpl.setHierarchy(String)
. - RoleHierarchyImpl - Class in org.springframework.security.access.hierarchicalroles
-
This class defines a role hierarchy for use with various access checking components.
- RoleHierarchyImpl() - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
- RoleHierarchyUtils - Class in org.springframework.security.access.hierarchicalroles
-
Utility methods for
RoleHierarchy
. - RoleHierarchyVoter - Class in org.springframework.security.access.vote
- RoleHierarchyVoter(RoleHierarchy) - Constructor for class org.springframework.security.access.vote.RoleHierarchyVoter
-
Deprecated.
- roles(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the roles.
- RoleVoter - Class in org.springframework.security.access.vote
-
Deprecated.Use
AuthorityAuthorizationManager
instead - RoleVoter() - Constructor for class org.springframework.security.access.vote.RoleVoter
-
Deprecated.
- RsaKeyConverters - Class in org.springframework.security.converter
-
Used for creating
Key
converter instances - run() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
- RunAsImplAuthenticationProvider - Class in org.springframework.security.access.intercept
-
Deprecated.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
- RunAsImplAuthenticationProvider() - Constructor for class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- RunAsManager - Interface in org.springframework.security.access.intercept
-
Deprecated.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
- RunAsManagerImpl - Class in org.springframework.security.access.intercept
-
Deprecated.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
- RunAsManagerImpl() - Constructor for class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
- RunAsUserToken - Class in org.springframework.security.access.intercept
-
Deprecated.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
- RunAsUserToken(String, Object, Object, Collection<? extends GrantedAuthority>, Class<? extends Authentication>) - Constructor for class org.springframework.security.access.intercept.RunAsUserToken
-
Deprecated.
S
- schedule(Runnable, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- schedule(Runnable, Instant) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- schedule(Runnable, Date) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- schedule(Runnable, Trigger) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- schedule(Callable<V>, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- scheduleAtFixedRate(Runnable, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- scheduleAtFixedRate(Runnable, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleAtFixedRate(Runnable, Instant, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleAtFixedRate(Runnable, Date, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleWithFixedDelay(Runnable, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
- scheduleWithFixedDelay(Runnable, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleWithFixedDelay(Runnable, Instant, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- scheduleWithFixedDelay(Runnable, Date, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
- secured() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
Secured
annotation - secured(AuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
Secured
annotation - secured(SecuredAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Creates an interceptor for the
Secured
annotation - Secured - Annotation Interface in org.springframework.security.access.annotation
-
Java 5 annotation for describing service layer security attributes.
- SECURED - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
- SecuredAnnotationSecurityMetadataSource - Class in org.springframework.security.access.annotation
-
Deprecated.
- SecuredAnnotationSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
-
Deprecated.
- SecuredAnnotationSecurityMetadataSource(AnnotationMetadataExtractor) - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
-
Deprecated.
- SecuredAuthorizationManager - Class in org.springframework.security.authorization.method
-
An
AuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating if theAuthentication
contains a specified authority from the Spring Security'sSecured
annotation. - SecuredAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.SecuredAuthorizationManager
- SecureRandomFactoryBean - Class in org.springframework.security.core.token
-
Creates a
SecureRandom
instance. - SecureRandomFactoryBean() - Constructor for class org.springframework.security.core.token.SecureRandomFactoryBean
- SecurityConfig - Class in org.springframework.security.access
-
Stores a
ConfigAttribute
as aString
. - SecurityConfig(String) - Constructor for class org.springframework.security.access.SecurityConfig
- SecurityContext - Interface in org.springframework.security.core.context
-
Interface defining the minimum security information associated with the current thread of execution.
- securityContextChanged(SecurityContextChangedEvent) - Method in class org.springframework.security.core.context.ObservationSecurityContextChangedListener
- securityContextChanged(SecurityContextChangedEvent) - Method in interface org.springframework.security.core.context.SecurityContextChangedListener
- SecurityContextChangedEvent - Class in org.springframework.security.core.context
-
An event that represents a change in
SecurityContext
- SecurityContextChangedEvent(Supplier<SecurityContext>, Supplier<SecurityContext>) - Constructor for class org.springframework.security.core.context.SecurityContextChangedEvent
-
Construct an event
- SecurityContextChangedEvent(SecurityContext, SecurityContext) - Constructor for class org.springframework.security.core.context.SecurityContextChangedEvent
-
Construct an event
- SecurityContextChangedListener - Interface in org.springframework.security.core.context
-
A listener for
SecurityContextChangedEvent
s - SecurityContextHolder - Class in org.springframework.security.core.context
-
Associates a given
SecurityContext
with the current execution thread. - SecurityContextHolder() - Constructor for class org.springframework.security.core.context.SecurityContextHolder
- SecurityContextHolderStrategy - Interface in org.springframework.security.core.context
-
A strategy for storing security context information against a thread.
- SecurityContextImpl - Class in org.springframework.security.core.context
-
Base implementation of
SecurityContext
. - SecurityContextImpl() - Constructor for class org.springframework.security.core.context.SecurityContextImpl
- SecurityContextImpl(Authentication) - Constructor for class org.springframework.security.core.context.SecurityContextImpl
- SecurityContextLoginModule - Class in org.springframework.security.authentication.jaas
-
An implementation of
LoginModule
that uses a Spring SecuritySecurityContext
to provide authentication. - SecurityContextLoginModule() - Constructor for class org.springframework.security.authentication.jaas.SecurityContextLoginModule
- SecurityExpressionHandler<T> - Interface in org.springframework.security.access.expression
-
Facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects
- SecurityExpressionOperations - Interface in org.springframework.security.access.expression
-
Standard interface for expression root objects used with expression-based security.
- SecurityExpressionRoot - Class in org.springframework.security.access.expression
-
Base root object for use in Spring Security expression evaluations.
- SecurityExpressionRoot(Supplier<Authentication>) - Constructor for class org.springframework.security.access.expression.SecurityExpressionRoot
-
Creates a new instance that uses lazy initialization of the
Authentication
object. - SecurityExpressionRoot(Authentication) - Constructor for class org.springframework.security.access.expression.SecurityExpressionRoot
-
Creates a new instance
- SecurityJackson2Modules - Class in org.springframework.security.jackson2
-
This utility class will find all the SecurityModules in classpath.
- SecurityMetadataSource - Interface in org.springframework.security.access
-
Implemented by classes that store and can identify the
ConfigAttribute
s that applies to a given secure object invocation. - SERIAL_VERSION_UID - Static variable in class org.springframework.security.core.SpringSecurityCoreVersion
-
Global Serialization value for Spring Security classes.
- SessionCreationEvent - Class in org.springframework.security.core.session
-
Generic session creation event which indicates that a session (potentially represented by a security context) has begun.
- SessionCreationEvent(Object) - Constructor for class org.springframework.security.core.session.SessionCreationEvent
- SessionDestroyedEvent - Class in org.springframework.security.core.session
-
Generic "session termination" event which indicates that a session (potentially represented by a security context) has ended.
- SessionDestroyedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionDestroyedEvent
- SessionIdChangedEvent - Class in org.springframework.security.core.session
-
Generic "session ID changed" event which indicates that a session identifier (potentially represented by a security context) has changed.
- SessionIdChangedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionIdChangedEvent
- SessionInformation - Class in org.springframework.security.core.session
-
Represents a record of a session within the Spring Security framework.
- SessionInformation(Object, String, Date) - Constructor for class org.springframework.security.core.session.SessionInformation
- SessionRegistry - Interface in org.springframework.security.core.session
-
Maintains a registry of
SessionInformation
instances. - SessionRegistryImpl - Class in org.springframework.security.core.session
-
Default implementation of
SessionRegistry
which listens forSessionDestroyedEvent
s published in the Spring application context. - SessionRegistryImpl() - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
- SessionRegistryImpl(ConcurrentMap<Object, Set<String>>, Map<String, SessionInformation>) - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
- setAccessDecisionManager(AccessDecisionManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- setAdditionalExceptionMappings(Map<Class<? extends AuthenticationException>, Class<? extends AbstractAuthenticationFailureEvent>>) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
-
Sets additional exception to event mappings.
- setAdditionalExceptionMappings(Properties) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- setAddPrefixIfAlreadyExisting(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setAfterInvocationManager(AfterInvocationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- setAlgorithm(String) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
-
Allows the Pseudo Random Number Generator (PRNG) algorithm to be nominated.
- setAllowIfAllAbstainDecisions(boolean) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- setAllowIfEqualGrantedDeniedDecisions(boolean) - Method in class org.springframework.security.access.vote.ConsensusBased
-
Deprecated.
- setAlwaysReauthenticate(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.Indicates whether the
AbstractSecurityInterceptor
should ignore theAuthentication.isAuthenticated()
property. - setAnonymousClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- setApplicationContext(ApplicationContext) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- setAsText(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttributeEditor
- setAttributePrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setAttributes2grantedAuthoritiesMap(Map<?, ?>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- setAuthenticated(boolean) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- setAuthenticated(boolean) - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
- setAuthenticated(boolean) - Method in interface org.springframework.security.core.Authentication
-
See
Authentication.isAuthenticated()
for a full description. - setAuthentication(Authentication) - Method in class org.springframework.security.authorization.AuthorizationObservationContext
-
Set the observed
Authentication
for this authorization - setAuthentication(Authentication) - Method in interface org.springframework.security.core.context.SecurityContext
-
Changes the currently authenticated principal, or removes the authentication information.
- setAuthentication(Authentication) - Method in class org.springframework.security.core.context.SecurityContextImpl
- setAuthenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.authentication.ProviderManager
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setAuthenticationManagerClass(Class<?>) - Method in class org.springframework.security.authentication.AuthenticationObservationContext
-
Set the
AuthenticationManager
class that processed the authentication - setAuthenticationRequest(Authentication) - Method in class org.springframework.security.authentication.AuthenticationObservationContext
-
Set the
Authentication
request that was observed - setAuthenticationResult(Authentication) - Method in class org.springframework.security.authentication.AuthenticationObservationContext
-
Set the
Authentication
result that was observed - setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- setAuthorities(List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
-
Set all authorities for this user.
- setAuthoritiesAsString(List<String>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
-
Set all authorities for this user from String values.
- setAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows the default query string used to retrieve authorities based on username to be overridden, if default table or column names need to be changed.
- setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setAuthorityGranters(AuthorityGranter[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication.
- setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Use this
AuthorizationEventPublisher
to publish theAuthorizationManager
result. - setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Use this
AuthorizationEventPublisher
to publish theAuthorizationManager
result. - setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
-
Deprecated.
- setBeanFactory(BeanFactory) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
-
Deprecated.
- setCallbackHandlers(JaasAuthenticationCallbackHandler[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the LoginContext.login method.
- setChangePasswordSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setConfiguration(Configuration) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
-
Sets the Configuration to use for Authentication.
- setContext(SecurityContext) - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Sets the current context.
- setContext(SecurityContext) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Associates a new
SecurityContext
with the current thread of execution. - setContext(SecurityContext) - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Sets the current context.
- setContextHolderStrategy(SecurityContextHolderStrategy) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Use this
SecurityContextHolderStrategy
. - setConvertAttributeToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setConvertAttributeToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- setConvertToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Whether to convert the authority value to lower case in the mapping.
- setConvertToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Whether to convert the authority value to upper case in the mapping.
- setCreateAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setCreateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDecision(AuthorizationDecision) - Method in class org.springframework.security.authorization.AuthorizationObservationContext
-
Set the observed
AuthorizationDecision
- setDefaultAuthenticationFailureEvent(Class<? extends AbstractAuthenticationFailureEvent>) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
-
Sets a default authentication failure event as a fallback event for any unmapped exceptions not mapped in the exception mappings.
- setDefaultAuthority(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Sets a default authority to be assigned to all users
- setDefaultRolePrefix(String) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
-
Deprecated.Sets the default prefix to be added to
RolesAllowed
. - setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Sets the default prefix to be added to
SecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
. - setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
-
Sets the default prefix to be added to
SecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
. - setDeferredContext(Supplier<SecurityContext>) - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy
-
Sets a
Supplier
that will return the current context. - setDeferredContext(Supplier<SecurityContext>) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Sets a
Supplier
that will return the current context. - setDeferredContext(Supplier<SecurityContext>) - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
-
Sets a
Supplier
that will return the current context. - setDeleteGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupMembersSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteUserAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDeleteUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setDetails(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- setEnableAuthorities(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Enables loading of authorities (roles) from the authorities table.
- setEnabled(boolean) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- setEnableGroups(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Enables support for group authorities.
- setEraseCredentialsAfterAuthentication(boolean) - Method in class org.springframework.security.authentication.ProviderManager
-
If set to, a resulting
Authentication
which implements theCredentialsContainer
interface will have itseraseCredentials
method called before it is returned from theauthenticate()
method. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
-
Deprecated.
- setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
-
Use this the
MethodSecurityExpressionHandler
. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
-
Use this
MethodSecurityExpressionHandler
. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
-
Sets the
MethodSecurityExpressionHandler
. - setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Use this
MethodSecurityExpressionHandler
- setExpressionHandler(SecurityExpressionHandler<MethodInvocation>) - Method in class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager
-
Sets the
SecurityExpressionHandler
to be used. - setExpressionParser(ExpressionParser) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setFilterObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- setFindAllGroupsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setFindGroupIdSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setFindUsersInGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setForcePrincipalAsString(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setGroupAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows the default query string used to retrieve group authorities based on username to be overridden, if default table or column names need to be changed.
- setGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setHideUserNotFoundExceptions(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
By default the
AbstractUserDetailsAuthenticationProvider
throws aBadCredentialsException
if a username is not found or the password is incorrect. - setHierarchy(String) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
-
Set the role hierarchy and pre-calculate for every role the set of all reachable roles, i.e.
- setInsertGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setInsertGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setInsertGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setKey(String) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- setKey(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
- setLoginConfig(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
Set the JAAS login configuration file.
- setLoginContextName(String) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
-
Set the loginContextName, this name is used as the index to the configuration specified in the loginConfig property.
- setLoginExceptionResolver(LoginExceptionResolver) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- setLogInteractiveAuthenticationSuccessEvents(boolean) - Method in class org.springframework.security.authentication.event.LoggerListener
- setMappableAttributes(Set<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
- setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- setMessageSource(MessageSource) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.ProviderManager
- setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- setMessageSource(MessageSource) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
- setOrder(int) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
- setParameterNameDiscoverer(ParameterNameDiscoverer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Sets the
ParameterNameDiscoverer
to use. - setParameterNameDiscoverer(ParameterNameDiscoverer) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
-
Sets the
ParameterNameDiscoverer
. - setPassword(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
- setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
The
PasswordEncoder
that is used for validating the password. - setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
-
Sets the PasswordEncoder instance to be used to encode and validate passwords.
- setPermissionCacheOptimizer(PermissionCacheOptimizer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Sets the strategy which will be used to validate the loaded UserDetails object after authentication occurs.
- setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setPreAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
-
Sets the policy will be used to verify the status of the loaded UserDetails before validation of the credentials takes place.
- setPrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
-
Sets the prefix which should be added to the authority name (if it doesn't already exist)
- setProcessDomainObjectClass(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter
-
Deprecated.
- setProtectedFieldValue(String, Object, Object) - Static method in class org.springframework.security.util.FieldUtils
- setProviders(List<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- setPseudoRandomNumberBytes(int) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setPublishAuthorizationSuccess(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.Only
AuthorizationFailureEvent
will be published. - setRefreshConfigurationOnStartup(boolean) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
-
If set, a call to
Configuration#refresh()
will be made by#configureJaas(Resource)
method. - setRejectPublicInvocations(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.By rejecting public invocations (and setting this property to true), essentially you are ensuring that every secure object invocation advised by
AbstractSecurityInterceptor
has a configuration attribute defined. - setRememberMeClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
- setRenameGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setReturnObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
- setReturnObject(Object, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
- setReturnObject(Object, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
-
Used to inform the expression system of the return object for the given evaluation context.
- setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
- setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager
-
Sets the
RoleHierarchy
to be used. - setRolePrefix(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.Allows the default role prefix of
ROLE_
to be overridden. - setRolePrefix(String) - Method in class org.springframework.security.access.vote.RoleVoter
-
Deprecated.Allows the default role prefix of
ROLE_
to be overridden. - setRolePrefix(String) - Method in class org.springframework.security.authorization.method.Jsr250AuthorizationManager
-
Sets the role prefix.
- setRolePrefix(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows a default role prefix to be specified.
- setRunAsManager(RunAsManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- setScheduler(Scheduler) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Sets the
Scheduler
used by theUserDetailsRepositoryReactiveAuthenticationManager
. - setScheduler(Scheduler) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
-
Set a scheduler that will be published on to perform the authentication logic.
- setSecureRandom(SecureRandom) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
-
Sets the
SecurityContextHolderStrategy
to use. - setSecurityInterceptor(AbstractSecurityInterceptor) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
-
Deprecated.
- setSecurityMetadataSource(MethodSecurityMetadataSource) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
-
Deprecated.
- setSeed(Resource) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
-
Allows the user to specify a resource which will act as a seed for the
SecureRandom
instance. - setServerInteger(Integer) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setServerSecret(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- setStrategyName(String) - Static method in class org.springframework.security.core.context.SecurityContextHolder
-
Changes the preferred strategy.
- setStringSeparator(String) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
-
Sets the
AuthenticationTrustResolver
to be used. - setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager
-
Sets the
AuthenticationTrustResolver
to be used. - setUpdateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setupModule(Module.SetupContext) - Method in class org.springframework.security.jackson2.CoreJackson2Module
- setUserCache(UserCache) - Method in class org.springframework.security.authentication.CachingUserDetailsService
- setUserCache(UserCache) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- setUserCache(UserCache) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
-
Optionally sets the UserCache if one is in use in the application.
- setUserDetailsPasswordService(ReactiveUserDetailsPasswordService) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
-
Sets the service to use for upgrading passwords on successful authentication.
- setUserDetailsPasswordService(UserDetailsPasswordService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Set the wrapped UserDetailsService implementation
- setUserExistsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- setUsernameBasedPrimaryKey(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
If
true
(the default), indicates theJdbcDaoImpl.getUsersByUsernameQuery()
returns a username in response to a query. - setUsersByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
Allows the default query string used to retrieve users based on username to be overridden, if default table or column names need to be changed.
- setValidateConfigAttributes(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
-
Deprecated.
- sha(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a
byte[]
. - sha(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a
byte[]
. - Sha512DigestUtils - Class in org.springframework.security.core.token
-
Provides SHA512 digest methods.
- Sha512DigestUtils() - Constructor for class org.springframework.security.core.token.Sha512DigestUtils
- shaHex(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a hex string.
- shaHex(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
-
Calculates the SHA digest and returns the value as a hex string.
- shutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- shutdownNow() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- SimpleAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
-
This class implements the Attributes2GrantedAuthoritiesMapper interface by doing a one-to-one mapping from roles to Spring Security GrantedAuthorities.
- SimpleAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
- SimpleAuthorityMapper - Class in org.springframework.security.core.authority.mapping
-
Simple one-to-one
GrantedAuthoritiesMapper
which allows for case conversion of the authority name and the addition of a string prefix (which defaults toROLE_
). - SimpleAuthorityMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
- SimpleGrantedAuthority - Class in org.springframework.security.core.authority
-
Basic concrete implementation of a
GrantedAuthority
. - SimpleGrantedAuthority(String) - Constructor for class org.springframework.security.core.authority.SimpleGrantedAuthority
- SimpleGrantedAuthorityMixin - Class in org.springframework.security.jackson2
-
Jackson Mixin class helps in serialize/deserialize
SimpleGrantedAuthority
. - SimpleGrantedAuthorityMixin(String) - Constructor for class org.springframework.security.jackson2.SimpleGrantedAuthorityMixin
-
Mixin Constructor.
- SimpleMappableAttributesRetriever - Class in org.springframework.security.core.authority.mapping
-
This class implements the MappableAttributesRetriever interface by just returning a list of mappable attributes as previously set using the corresponding setter method.
- SimpleMappableAttributesRetriever() - Constructor for class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
- SimpleMethodInvocation - Class in org.springframework.security.util
-
Represents the AOP Alliance
MethodInvocation
. - SimpleMethodInvocation() - Constructor for class org.springframework.security.util.SimpleMethodInvocation
- SimpleMethodInvocation(Object, Method, Object...) - Constructor for class org.springframework.security.util.SimpleMethodInvocation
- SpringAuthorizationEventPublisher - Class in org.springframework.security.authorization
-
An implementation of
AuthorizationEventPublisher
that uses Spring's event publishing support. - SpringAuthorizationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authorization.SpringAuthorizationEventPublisher
-
Construct this publisher using Spring's
ApplicationEventPublisher
- SpringCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache
-
Caches
UserDetails
instances in a Spring definedCache
. - SpringCacheBasedUserCache(Cache) - Constructor for class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
- SpringSecurityCoreVersion - Class in org.springframework.security.core
-
Internal class used for checking version compatibility in a deployed application.
- SpringSecurityMessageSource - Class in org.springframework.security.core
-
The default
MessageSource
used by Spring Security. - SpringSecurityMessageSource() - Constructor for class org.springframework.security.core.SpringSecurityMessageSource
- submit(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- submit(Runnable) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
- submit(Runnable, T) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- submit(Callable<T>) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
- submit(Callable<T>) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
- supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionManager
-
Deprecated.Indicates whether the
AccessDecisionManager
implementation is able to provide access control decisions for the indicated secured object type. - supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionVoter
-
Deprecated.Indicates whether the
AccessDecisionVoter
implementation is able to provide access control votes for the indicated secured object type. - supports(Class<?>) - Method in interface org.springframework.security.access.AfterInvocationProvider
-
Deprecated.Indicates whether the
AfterInvocationProvider
is able to provide "after invocation" processing for the indicated secured object type. - supports(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250Voter
-
Deprecated.All classes are supported.
- supports(Class<?>) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
-
Deprecated.Indicates whether the
AfterInvocationManager
implementation is able to provide access control decisions for the indicated secured object type. - supports(Class<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.Iterates through all
AfterInvocationProvider
s and ensures each can support the presented class. - supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
-
Deprecated.
- supports(Class<?>) - Method in interface org.springframework.security.access.intercept.RunAsManager
-
Deprecated.Indicates whether the
RunAsManager
implementation is able to provide run-as replacement for the indicated secure object type. - supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.This implementation supports any type of class, because it does not query the presented secure object.
- supports(Class<?>) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
-
Deprecated.
- supports(Class<?>) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
-
Deprecated.
- supports(Class<?>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
-
Deprecated.
- supports(Class<?>) - Method in interface org.springframework.security.access.SecurityMetadataSource
-
Indicates whether the
SecurityMetadataSource
implementation is able to provideConfigAttribute
s for the indicated secure object type. - supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.Iterates through all
AccessDecisionVoter
s and ensures each can support the presented class. - supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter
-
Deprecated.This implementation supports only
MethodSecurityInterceptor
, because it queries the presentedMethodInvocation
. - supports(Class<?>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.This implementation supports any type of class, because it does not query the presented secure object.
- supports(Class<?>) - Method in class org.springframework.security.access.vote.RoleVoter
-
Deprecated.This implementation supports any type of class, because it does not query the presented secure object.
- supports(Class<?>) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
- supports(Class<?>) - Method in interface org.springframework.security.authentication.AuthenticationProvider
-
Returns
true
if thisAuthenticationProvider
supports the indicatedAuthentication
object. - supports(Class<?>) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
- supports(Class<?>) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
- supports(Class<?>) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
- supports(Class<?>) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
- supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionManager
-
Deprecated.Indicates whether this
AccessDecisionManager
is able to process authorization requests presented with the passedConfigAttribute
. - supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionVoter
-
Deprecated.Indicates whether this
AccessDecisionVoter
is able to vote on the passedConfigAttribute
. - supports(ConfigAttribute) - Method in interface org.springframework.security.access.AfterInvocationProvider
-
Deprecated.Indicates whether this
AfterInvocationProvider
is able to participate in a decision involving the passedConfigAttribute
. - supports(ConfigAttribute) - Method in class org.springframework.security.access.annotation.Jsr250Voter
-
Deprecated.The specified config attribute is supported if its an instance of a
Jsr250SecurityConfig
. - supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
-
Deprecated.Indicates whether this
AfterInvocationManager
is able to process "after invocation" requests presented with the passedConfigAttribute
. - supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
-
Deprecated.
- supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.RunAsManager
-
Deprecated.Indicates whether this
RunAsManager
is able to process the passedConfigAttribute
. - supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
-
Deprecated.
- supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
-
Deprecated.
- supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
-
Deprecated.
- supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.RoleVoter
-
Deprecated.
- supportsContext(Observation.Context) - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
- supportsContext(Observation.Context) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
- SYSTEM_PROPERTY - Static variable in class org.springframework.security.core.context.SecurityContextHolder
T
- TestingAuthenticationProvider - Class in org.springframework.security.authentication
-
An
AuthenticationProvider
implementation for theTestingAuthenticationToken
. - TestingAuthenticationProvider() - Constructor for class org.springframework.security.authentication.TestingAuthenticationProvider
- TestingAuthenticationToken - Class in org.springframework.security.authentication
-
An
Authentication
implementation that is designed for use whilst unit testing. - TestingAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
- TestingAuthenticationToken(Object, Object, String...) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
- TestingAuthenticationToken(Object, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
- Token - Interface in org.springframework.security.core.token
-
A token issued by
TokenService
. - TokenService - Interface in org.springframework.security.core.token
-
Provides a mechanism to allocate and rebuild secure, randomised tokens.
- toString() - Method in class org.springframework.security.access.intercept.RunAsUserToken
-
Deprecated.
- toString() - Method in class org.springframework.security.access.SecurityConfig
- toString() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
-
Deprecated.
- toString() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
- toString() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
- toString() - Method in class org.springframework.security.authorization.AuthorityAuthorizationDecision
- toString() - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager
- toString() - Method in class org.springframework.security.authorization.AuthorizationDecision
- toString() - Method in class org.springframework.security.authorization.ExpressionAuthorizationDecision
- toString() - Method in class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision
-
Deprecated.
- toString() - Method in class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager
- toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
- toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
- toString() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
- toString() - Method in class org.springframework.security.core.context.SecurityContextHolder
- toString() - Method in class org.springframework.security.core.context.SecurityContextImpl
- toString() - Method in class org.springframework.security.core.token.DefaultToken
- toString() - Method in class org.springframework.security.core.userdetails.User
- toString() - Method in class org.springframework.security.util.SimpleMethodInvocation
- Transient - Annotation Interface in org.springframework.security.core
-
A marker for
Authentication
s that should never be stored across requests, for example a bearer token authentication - TransientSecurityContext - Class in org.springframework.security.core.context
-
A
SecurityContext
that is annotated with @Transient
and thus should never be stored across requests. - TransientSecurityContext() - Constructor for class org.springframework.security.core.context.TransientSecurityContext
- TransientSecurityContext(Authentication) - Constructor for class org.springframework.security.core.context.TransientSecurityContext
U
- UnanimousBased - Class in org.springframework.security.access.vote
-
Deprecated.Use
AuthorizationManager
instead - UnanimousBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.UnanimousBased
-
Deprecated.
- unauthenticated(Object, Object) - Static method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This factory method can be safely used by any code that wishes to create a unauthenticated
UsernamePasswordAuthenticationToken
. - updatePassword(UserDetails, String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
- updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsPasswordService
-
Modify the specified user's password.
- updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.UserDetailsPasswordService
-
Modify the specified user's password.
- updatePassword(UserDetails, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- updateUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- updateUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- updateUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Update the specified user.
- User - Class in org.springframework.security.core.userdetails
-
Models core user information retrieved by a
UserDetailsService
. - User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User
-
Construct the
User
with the details required byDaoAuthenticationProvider
. - User(String, String, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User
-
Calls the more complex constructor with all boolean arguments set to
true
. - User.UserBuilder - Class in org.springframework.security.core.userdetails
-
Builds the user to be added.
- UserAttribute - Class in org.springframework.security.core.userdetails.memory
-
Used by
InMemoryUserDetailsManager
to temporarily store the attributes associated with a user. - UserAttribute() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttribute
- UserAttributeEditor - Class in org.springframework.security.core.userdetails.memory
-
Property editor that creates a
UserAttribute
from a comma separated list of values. - UserAttributeEditor() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttributeEditor
- UserCache - Interface in org.springframework.security.core.userdetails
-
Provides a cache of
UserDetails
objects. - UserDetails - Interface in org.springframework.security.core.userdetails
-
Provides core user information.
- UserDetailsByNameServiceWrapper<T extends Authentication> - Class in org.springframework.security.core.userdetails
-
This implementation for AuthenticationUserDetailsService wraps a regular Spring Security UserDetailsService implementation, to retrieve a UserDetails object based on the user name contained in an Authentication object.
- UserDetailsByNameServiceWrapper() - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Constructs an empty wrapper for compatibility with Spring Security 2.0.x's method of using a setter.
- UserDetailsByNameServiceWrapper(UserDetailsService) - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
-
Constructs a new wrapper using the supplied
UserDetailsService
as the service to delegate to. - UserDetailsChecker - Interface in org.springframework.security.core.userdetails
-
Called by classes which make use of a
UserDetailsService
to check the status of the loaded UserDetails object. - UserDetailsManager - Interface in org.springframework.security.provisioning
-
An extension of the
UserDetailsService
which provides the ability to create new users and update existing ones. - UserDetailsPasswordService - Interface in org.springframework.security.core.userdetails
-
An API for changing a
UserDetails
password. - UserDetailsRepositoryReactiveAuthenticationManager - Class in org.springframework.security.authentication
-
A
ReactiveAuthenticationManager
that uses aReactiveUserDetailsService
to validate the provided username and password. - UserDetailsRepositoryReactiveAuthenticationManager(ReactiveUserDetailsService) - Constructor for class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
- UserDetailsService - Interface in org.springframework.security.core.userdetails
-
Core interface which loads user-specific data.
- userExists(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
- userExists(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
- userExists(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
-
Check if a user with the supplied login name exists in the system.
- username(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
-
Populates the username.
- UsernameNotFoundException - Exception in org.springframework.security.core.userdetails
-
Thrown if an
UserDetailsService
implementation cannot locate aUser
by its username. - UsernameNotFoundException(String) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException
-
Constructs a
UsernameNotFoundException
with the specified message. - UsernameNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException
-
Constructs a
UsernameNotFoundException
with the specified message and root cause. - UsernamePasswordAuthenticationToken - Class in org.springframework.security.authentication
-
An
Authentication
implementation that is designed for simple presentation of a username and password. - UsernamePasswordAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This constructor can be safely used by any code that wishes to create a
UsernamePasswordAuthenticationToken
, as theAbstractAuthenticationToken.isAuthenticated()
will returnfalse
. - UsernamePasswordAuthenticationToken(Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
-
This constructor should only be used by
AuthenticationManager
orAuthenticationProvider
implementations that are satisfied with producing a trusted (i.e.
V
- value() - Element in annotation interface org.springframework.security.access.annotation.Secured
-
Returns the list of security configuration attributes (e.g. ROLE_USER, ROLE_ADMIN).
- value() - Element in annotation interface org.springframework.security.access.method.P
-
Deprecated.The parameter name
- value() - Element in annotation interface org.springframework.security.access.prepost.PostAuthorize
- value() - Element in annotation interface org.springframework.security.access.prepost.PostFilter
- value() - Element in annotation interface org.springframework.security.access.prepost.PreAuthorize
- value() - Element in annotation interface org.springframework.security.access.prepost.PreFilter
- value() - Element in annotation interface org.springframework.security.core.parameters.P
-
The parameter name
- valueOf(String) - Static method in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
-
Returns the enum constant of this class with the specified name.
- values() - Static method in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
-
Returns an array containing the constants of this enum class, in the order they are declared.
- verify(Supplier<Authentication>, T) - Method in interface org.springframework.security.authorization.AuthorizationManager
-
Determines if access should be granted for a specific authentication and object.
- verify(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager
-
Determines if access should be granted for a specific authentication and object
- verifyToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
- verifyToken(String) - Method in interface org.springframework.security.core.token.TokenService
-
Permits verification the
Token.getKey()
was issued by thisTokenService
and reconstructs the correspondingToken
. - vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.annotation.Jsr250Voter
-
Deprecated.Votes according to JSR 250.
- vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
-
Deprecated.
- vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.RoleVoter
-
Deprecated.
- vote(Authentication, MethodInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
-
Deprecated.
- vote(Authentication, S, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionVoter
-
Deprecated.Indicates whether or not access is granted.
W
- withAuthentication(Authentication) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
A shortcut for
ReactiveSecurityContextHolder.withSecurityContext(Mono)
- withDefaultPasswordEncoder() - Static method in class org.springframework.security.core.userdetails.User
-
Deprecated.Using this method is not considered safe for production, but is acceptable for demos and getting started. For production purposes, ensure the password is encoded externally. See the method Javadoc for additional details. There are no plans to remove this support. It is deprecated to indicate that this is considered insecure for production purposes.
- withSecurityContext(Mono<? extends SecurityContext>) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
-
Creates a Reactor
Context
that contains theMono<SecurityContext>
that can be merged into anotherContext
- withUserDetails(UserDetails) - Static method in class org.springframework.security.core.userdetails.User
- withUsername(String) - Static method in class org.springframework.security.core.userdetails.User
-
Creates a UserBuilder with a specified user name
- wrap(Runnable) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
- wrap(Callable<T>) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
- write - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
X
- x509() - Static method in class org.springframework.security.converter.RsaKeyConverters
-
Construct a
Converter
for converting a PEM-encoded X.509 RSA Public Key or X.509 Certificate into aRSAPublicKey
.
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form
AuthorizationManager
instead