Package org.springframework.security.web.access

@NullMarked package org.springframework.security.web.access

Access-control related classes and packages.

Related Packages

Package	Description
org.springframework.security.web	Spring Security's web security module.
org.springframework.security.web.access.channel	Classes that ensure web requests are received over required transport channels.
org.springframework.security.web.access.expression	Implementation of web security expressions.
org.springframework.security.web.access.intercept	Enforcement of security for HTTP requests, typically by the URL requested.

Class	Description
AccessDeniedHandler	Used by ExceptionTranslationFilter to handle an AccessDeniedException.
AccessDeniedHandlerImpl	Base implementation of AccessDeniedHandler.
AuthorizationManagerWebInvocationPrivilegeEvaluator	An implementation of WebInvocationPrivilegeEvaluator which delegates the checks to an instance of AuthorizationManager
AuthorizationManagerWebInvocationPrivilegeEvaluator.HttpServletRequestTransformer	Used to transform the HttpServletRequest prior to passing it into the AuthorizationManager.
CompositeAccessDeniedHandler
DefaultWebInvocationPrivilegeEvaluator	Deprecated. Use AuthorizationManagerWebInvocationPrivilegeEvaluator instead
DelegatingAccessDeniedHandler	An AccessDeniedHandler that delegates to other AccessDeniedHandler instances based upon the type of AccessDeniedException passed into DelegatingAccessDeniedHandler.handle(HttpServletRequest, HttpServletResponse, AccessDeniedException).
DelegatingMissingAuthorityAccessDeniedHandler	An AccessDeniedHandler that adapts AuthenticationEntryPoints based on missing GrantedAuthoritys.
DelegatingMissingAuthorityAccessDeniedHandler.Builder	A builder for configuring the set of authority/entry-point pairs
ExceptionTranslationFilter	Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.
HttpStatusAccessDeniedHandler	An AccessDeniedHandler that sends an HttpStatus as a response.
IpAddressAuthorizationManager	A AuthorizationManager, that determines if the current request contains the specified address or range of addresses
NoOpAccessDeniedHandler	An AccessDeniedHandler implementation that does nothing.
ObservationMarkingAccessDeniedHandler
PathPatternRequestTransformer	Prepares the privilege evaluator's request for PathPatternRequestMatcher authorization rules.
RequestMatcherDelegatingAccessDeniedHandler	An AccessDeniedHandler that delegates to other AccessDeniedHandler instances based upon the type of HttpServletRequest passed into RequestMatcherDelegatingAccessDeniedHandler.handle(HttpServletRequest, HttpServletResponse, AccessDeniedException).
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator	Deprecated. please use AuthorizationManagerWebInvocationPrivilegeEvaluator and adapt any delegate WebInvocationPrivilegeEvaluators into AuthorizationManagers
WebInvocationPrivilegeEvaluator	Allows users to determine whether they have privileges for a given web URI.