spring-security-core 6.2.3 API
Packages
Package
Description
Core access-control related code, including security metadata related classes,
interception code, access control annotations, EL support and voter-based
implementations of the central
AccessDecisionManager
interface.Support for JSR-250 and Spring Security
@Secured annotations.Authorization event and listener classes.
Expression handling code to support the use of Spring-EL based expressions in
@PreAuthorize, @PreFilter, @PostAuthorize and
@PostFilter annotations.Implementation of expression-based method security.
Role hierarchy implementation.
Abstract level security interception classes which are responsible for enforcing the
configured security constraints for a secure object.
Enforces security for AOP Alliance
MethodInvocations, such as via Spring
AOP.Enforces security for AspectJ
JointPoints, delegating secure object
callbacks to the calling aspect.Provides
SecurityMetadataSource implementations for securing Java method
invocations via different AOP libraries.Contains the infrastructure classes for handling the
@PreAuthorize,
@PreFilter, @PostAuthorize and @PostFilter annotations.Implements a vote-based approach to authorization decisions.
Core classes and interfaces related to user authentication, which are used throughout
Spring Security.
An
AuthenticationProvider which relies upon a data access object.Authentication success and failure events which can be published to the Spring
application context.
An authentication provider for JAAS.
JAAS authentication events which can be published to the Spring application context by
the JAAS authentication provider.
An in memory JAAS implementation.
Core classes and interfaces related to user authentication and authorization, as well
as the maintenance of a security context.
The default implementation of the
GrantedAuthority interface.Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of
GrantedAuthoritys.Classes related to the establishment of a security context for the duration of a
request (such as an HTTP or RMI invocation).
Session abstraction which is provided by the
org.springframework.security.core.session.SessionInformation
SessionInformation class.A service for building secure random tokens.
The standard interfaces for implementing user data DAOs.
Implementations of
UserCache.Exposes a JDBC-based authentication repository, implementing
org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.Exposes an in-memory authentication repository.
Mix-in classes to add Jackson serialization support.
Contains simple user and authority group account provisioning interfaces together with
a a JDBC-based implementation.
General utility classes used throughout the Spring Security framework.