Deprecated API
Contents
-
Terminally Deprecated ElementsElementDescriptionThis existed for an old IE bug and is no longer need.This existed for an old IE bug and is no longer need.This is deprecated for removal. Users can compare
DefaultSavedRequest.getRedirectUrl()to theHttpServletRequestURL instead.
-
Deprecated InterfacesInterfaceDescriptionno replacement is planned, though consider using a custom
RequestMatcherfor any sophisticated decision-makingplease useHttpsRedirectFilterand its associatedPortMapperno replacement is planned, though consider using a customRequestMatcherfor any sophisticated decision-makingIn modern Spring Security APIs, each API manages its own configuration context. As such there is no direct replacement for this interface. In the case of method security, please seeSecurityAnnotationScannerandAuthorizationManager. In the case of channel security, please seeHttpsRedirectFilter. In the case of web security, please seeAuthorizationManager.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.This existed for an old IE bug and is no longer need.
-
Deprecated ClassesClassDescriptionplease use
HttpsRedirectFilterand its associatedPortMapperno replacement is planned, though consider using a customRequestMatcherfor any sophisticated decision-makingno replacement is planned, though consider using a customRequestMatcherfor any sophisticated decision-makingplease useHttpsRedirectFilterand its associatedPortMapperplease useHttpsRedirectFilterand its associatedPortMapperno replacement is planned, though consider using a customRequestMatcherfor any sophisticated decision-makingIn modern Spring Security APIs, each API manages its own configuration context. As such there is no direct replacement for this interface. In the case of method security, please seeSecurityAnnotationScannerandAuthorizationManager. In the case of channel security, please seeHttpsRedirectFilter. In the case of web security, please seeAuthorizationManager.UseWebExpressionAuthorizationManagerinsteadIn modern Spring Security APIs, each API manages its own configuration context. As such there is no direct replacement for this interface. In the case of method security, please seeSecurityAnnotationScannerandAuthorizationManager. In the case of channel security, please seeHttpsRedirectFilter. In the case of web security, please seeAuthorizationManager.UseAuthorizationFilterinsteadplease useAuthorizationManagerWebInvocationPrivilegeEvaluatorand adapt any delegateWebInvocationPrivilegeEvaluators intoAuthorizationManagersPlease useSubjectX500PrincipalExtractorinsteadUseAuthenticationPrincipalArgumentResolverinstead.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.see Certificate and Public Key Pinning for more contextThis existed for an old IE bug and is no longer need.useServerFormLoginAuthenticationConverterinstead.UseServerHttpBasicAuthenticationConverterinstead.
-
Deprecated Annotation InterfacesAnnotation InterfaceDescriptionUse
AuthenticationPrincipalinstead.
-
Deprecated MethodsMethodDescriptionUse
StrictHttpFirewall.getEncodedUrlBlocklist()insteadThis is deprecated for removal. Users can compareDefaultSavedRequest.getRedirectUrl()to theHttpServletRequestURL instead.As of 5.1 in favor ofAuthenticationWebFilter.setServerAuthenticationConverter(ServerAuthenticationConverter)
-
Deprecated ConstructorsConstructorDescriptionALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
-
Deprecated Enum ConstantsEnum ConstantDescriptionALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.