-
InterfaceDescriptionUse
AuthorizationManager
insteadUse delegation withAuthorizationManager
Used only by now-deprecated classes. ConsiderSecuredAuthorizationManager
for `@Secured` methods.Use delegation withAuthorizationManager
This class will be removed from the public API. Please either use `spring-security-aspects`, Spring Security's method security support or create your own class that uses Spring AOP annotations.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.Use theuse-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorizationUseAuthorizationManagerAfterMethodInterceptor
insteadUseAuthorizationManagerAfterMethodInterceptor
insteadUseAuthorizationManagerBeforeMethodInterceptor
insteadUseAuthorizationManagerBeforeMethodInterceptor
insteadUse delegation withAuthorizationManager
-
ClassDescriptionUse
Jsr250AuthorizationManager
insteadUseJsr250AuthorizationManager
insteadAuthorization events have moved. ConsiderAuthorizationGrantedEvent
andAuthorizationDeniedEvent
Authentication is now separated from authorization. ConsiderAbstractAuthenticationFailureEvent
instead.UseAuthorizationDeniedEvent
insteadUseAuthorizationGrantedEvent
insteadLogging is now embedded in Spring Security components. If you need further logging, please consider using your ownApplicationListener
Only used by now-deprecated classes. ConsiderEventObject.getSource()
to deduce public invocations.UseAuthorizationManager
interceptors insteadUseAuthorizationManagerAfterMethodInterceptor
insteadUseAuthorizationManagerAfterMethodInterceptor
insteadUseorg.springframework.security.web.access.intercept.AuthorizationFilter
instead for filter security,org.springframework.security.messaging.access.intercept.AuthorizationChannelInterceptor
for messaging security, orAuthorizationManagerBeforeMethodInterceptor
andAuthorizationManagerAfterMethodInterceptor
for method security.Use delegation withAuthorizationManager
Please useAuthorizationManagerBeforeMethodInterceptor
andAuthorizationManagerAfterMethodInterceptor
insteadUseEnableMethodSecurity
or publish interceptors directlyThis class will be removed from the public API. Please either use `spring-security-aspects`, Spring Security's method security support or create your own class that uses Spring AOP annotations.This class will be removed from the public API. See `JoinPointMethodInvocation` in `spring-security-aspects` for its replacementUse delegation withAuthorizationManager
UseAuthorizationManager
insteadAuthentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.Use theuse-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorizationUse theuse-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorizationUse theuse-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorizationUse theuse-authorization-manager
attribute for<method-security>
and<intercept-methods>
instead or use annotation-based orAuthorizationManager
-based authorizationUseAuthorizationManagerAfterMethodInterceptor
insteadUseAuthorizationManagerBeforeMethodInterceptor
insteadUsePreAuthorizeAuthorizationManager
andPostAuthorizeAuthorizationManager
insteadUseAuthorizationManager
insteadNow used by only-deprecated classes. Generally speaking, in-memory ACL is no longer advised, so no replacement is planned at this point.UseAuthorizationManager
insteadUseAuthorityAuthorizationManager
insteadUseAuthorizationManager
insteadUseAuthorityAuthorizationManager
insteadUseAuthorizationManager
insteadUseExpressionAuthorizationDecision
instead
-
Annotation InterfaceDescriptionuse @{code org.springframework.security.core.parameters.P}
-
MethodDescriptionUsing this method is not considered safe for production, but is acceptable for demos and getting started. For production purposes, ensure the password is encoded externally. See the method Javadoc for additional details. There are no plans to remove this support. It is deprecated to indicate that this is considered insecure for production purposes.
AuthorizationManager
instead