spring-security-core 6.2.2 API

Packages
Package
Description
Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central AccessDecisionManager interface.
Support for JSR-250 and Spring Security @Secured annotations.
Authorization event and listener classes.
Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
Implementation of expression-based method security.
Role hierarchy implementation.
Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
Enforces security for AOP Alliance MethodInvocations, such as via Spring AOP.
Enforces security for AspectJ JointPoints, delegating secure object callbacks to the calling aspect.
Provides SecurityMetadataSource implementations for securing Java method invocations via different AOP libraries.
Contains the infrastructure classes for handling the @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
Implements a vote-based approach to authorization decisions.
Core classes and interfaces related to user authentication, which are used throughout Spring Security.
An AuthenticationProvider which relies upon a data access object.
Authentication success and failure events which can be published to the Spring application context.
An authentication provider for JAAS.
JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
An in memory JAAS implementation.
 
 
 
 
 
 
Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
 
The default implementation of the GrantedAuthority interface.
Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of GrantedAuthoritys.
Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
 
Session abstraction which is provided by the org.springframework.security.core.session.SessionInformation SessionInformation class.
A service for building secure random tokens.
The standard interfaces for implementing user data DAOs.
Implementations of UserCache.
Exposes a JDBC-based authentication repository, implementing org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.
Exposes an in-memory authentication repository.
Mix-in classes to add Jackson serialization support.
Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
 
 
General utility classes used throughout the Spring Security framework.