|
Spring Security Framework | |||||||||
PREV NEXT | FRAMES NO FRAMES |
Authentication
.
AccessDecisionManager
.AfterInvocationProvider
which provides commonly-used ACL-related services.AuthByAdapter
implementations.AbstractAdapterAuthentication
should be
constructed.
AuthenticationManager
.Authentication
objects.GrantedAuthority[]
argument.
MethodDefinitionSource
that supports both Spring AOP and AspectJ and
caches configuration attribute resolution from: 1.ContextSource
provided.
MethodDefinitionSource
.Permission
implementations.AbstractPreAuthenticatedAuthenticationDetailsSource.buildDetails(Object)
.AuthenticationProvider
that allows subclasses to override and work with UserDetails
objects.Acl
.AccessControlEntry
.Tag
that allows its body through if some authorizations are granted to the request's
principal.Authentication
object does not hold a required authority.AccessDeniedException
with the specified
message.
AccessDeniedException
with the specified
message and root cause.
ExceptionTranslationFilter
to handle an
AccessDeniedException
.AccessDeniedHandler
.AccountExpiredException
with the specified
message.
AccountExpiredException
with the specified
message and root cause.
AclImpl
to determine whether a principal is permitted to call
adminstrative methods on the AclImpl
.AclAuthorizationStrategy
.JdbcAclService
.Collection
of domain object instances returned from a secure object invocation, remove
any Collection
elements the principal does not have appropriate permission to access as defined by the
AclService
.AclService
.AclService
.Acl
.MutableAclService.createAcl(ObjectIdentity)
.
Acl
instances.Tag
that allows its body through if some authorizations
are granted to the request's principal.User
.
UserDetails
for a given authentication request.
AccessDecisionManager
that grants access if any
AccessDecisionVoter
returns an affirmative response.Object
returned from a secure object invocation,
being able to modify the Object
or throw an AccessDeniedException
.AfterInvocationProviderManager
decision.AfterInvocationManager
.AuthenticationManager
and authentication failure
URL have been provided in the bean configuration file.
Token
.
Acl
entry already exists for the object.AlreadyExistsException
with the specified message.
AlreadyExistsException
with the specified message
and root cause.
AuthenticationProvider
implementation that validates AnonymousAuthenticationToken
s.Authentication
.Authentication
object in the SecurityContextHolder
, and
populates it with one if needed.AspectJAnnotationSecurityInterceptor
when it wishes for the
AspectJ processing to continue.AspectJSecurityInterceptor
when it wishes for the
AspectJ processing to continue.AclImpl
to log audit events.Authentication
class.AuthenticationProvider
implementation that can authenticate an AuthByAdapter
.authenticate
method that calls the abstract method
doAuthenticatation
to do its work.
Authentication
object, returning a fully populated
Authentication
object (including granted authorities) if successful.
AuthenticationManager.authenticate(Authentication)
.
X509AuthoritiesPopulator
to obtain the user details and authorities for the user identified by the
certificate.
ConfigAttribute.getAttribute()
of IS_AUTHENTICATED_FULLY
or
IS_AUTHENTICATED_REMEMBERED
or IS_AUTHENTICATED_ANONYMOUSLY
is present.Authentication
could not be obtained from
the SecurityContextHolder
.Authentication
object in the SecurityContext
.AuthenticationCredentialsNotFoundException
with the specified message.
AuthenticationCredentialsNotFoundException
with the specified message and root cause.
Authentication.getDetails()
object for
a given web request.AuthenticationDetailsSource
.ExceptionTranslationFilter
to commence an authentication
scheme.Authentication
object being invalid for whatever
reason.AuthenticationException
with the specified
message and root cause.
AuthenticationException
with the specified
message and no root cause.
AuthenticationProvider
that can process the request.AuthenticationManager
.Authentication
request.SecurityEnforcementFilter
to commence
authentication via the AuthenticationProcessingFilter
.Authentication
implementation.AuthenticationServiceException
with the
specified message.
AuthenticationServiceException
with the
specified message and root cause.
SimpleHttpInvokerRequestExecutor
.Tag
implementation that allows convenient access to the current
Authentication
object.Authentication
tokensAuthenticationTrustResolver
.AuthorizationServiceException
with the
specified message.
AuthorizationServiceException
with the
specified message and root cause.
Tag
that allows it's body through if some authorizations
are granted to the request's principal.AuthenticationTag
, AclTag
, AuthorizeTag
SecurityContextHolder
does not contain an
Authentication
object and Spring Security wishes to provide an implementation with an
opportunity to authenticate the request using remember-me capabilities.
BadCredentialsException
with the specified
message.
BadCredentialsException
with the specified
message and root cause.
BasicAclEntryHolder
.
BasicProcessingFilter
and BasicProcessingFilterEntryPoint
and
registers them in the application context.SecurityContextHolder
.SecurityEnforcementFilter
to commence authentication via the BasicProcessingFilter
.OpenIDConsumer.beginConsumption(javax.servlet.http.HttpServletRequest, String, String, String)
SpringSecurityContextSource
provided.
CumulativePermission
or BasePermission
representing the
active bits in the passed mask.
Authentication
object for the current secure object invocation, or
null
if replacement not required.
AuthenticationProvider
implementation that integrates with JA-SIG Central Authentication Service
(CAS).Authentication
.ExceptionTranslationFilter
to commence authentication via the JA-SIG Central
Authentication Service (CAS).BasicAclEntry
associated with the specified
AclObjectIdentity
and recipient Object
.
ChannelDecisionManager
.ChannelProcessor
to launch a web channel.Acl
cannot be deleted because children Acl
s exist.ChildrenExistException
with the specified
message.
ChildrenExistException
with the specified
message and root cause.
Subject
(phase two) by adding the Spring Security
Authentication
to the Subject
's principals.
ConcurrentSessionControllerImpl
if an attempt is made to login and the user has already
exceeded their maxmimum allowed sessions.AuthenticationManager
to integrate with the
concurrent session handling infrastructure.ConcurrentSessionControllerImpl
which prohibits simultaneous logins.ConcurrentSessionFilter
,
SessionRegistryImpl
and ConcurrentSessionControllerImpl
.ConfigAttribute
s that are associated with a given secure object target - effectively a
CollectionConfigAttributeDefinition
from a comma separated list of
values.AccessDecisionManager
that uses a consensus-based
approach.AuditLogger
.ConfigAttribute
is contained within this
ConfigAttributeDefinition
.
RemoteInvocation
that is passed from the client to the server, which contains the
contents of SecurityContextHolder
, being a SecurityContext
object.SecurityContextHolder
inside the object.
org.springframework.remoting.rmi.RmiProxyFactoryBean
when it
wishes to create a remote invocation.AclObjectIdentity
to a String
that can be located
in the RDBMS.
FilterInvocation
for the specified contextPath
and Uri
.
FilterInvocation
for the specified Uri
.
MethodInvocation
for specified methodName
on the passed object.
MethodInvocation
for specified methodName
on the passed object,
using the args
to locate the method.
Acl
object in the database.
MethodInvocation
for specified methodName
on the passed class.
MethodInvocation
for specified methodName
on the passed class,
using the args
to locate the method.
Authentication
object.
CredentialsExpiredException
with the specified
message.
CredentialsExpiredException
with the specified
message and root cause.
Permission
that is constructed at runtime from other permissions.AfterInvocationProvider
to the
AfterInvocationProviderManager's list.AuthenticationProvider
to the ProviderManager's
list.AuthenticationProvider
implementation that retrieves user details
from an UserDetailsService
.Object
, make an
access control decision or optionally modify the returned Object
.
FilterInvocation
provides the appropriate level of channel
security based on the requested ConfigAttributeDefinition
.
FilterInvocation
provides the appropriate level of channel
security based on the requested ConfigAttributeDefinition
.
AccessDecisionVoter
s and grants access
if any AccessDecisionVoter
voted affirmatively.
AccessDecisionVoter
s and upon
completion determines the consensus of granted vs denied responses.
AccessDecisionVoter
s for each ConfigAttribute
and grants access if only grant votes were received.
Throwable
instances.
servletPath
and
pathInfo
, which do not contain path parameters (as defined in
RFC 2396).DefaultSpringSecurityContextSource
instead.PermissionFactory
.Token
.AclObjectIdentity
.
BasicAclEntry
associated with the specified AclObjectIdentity
and
recipient Object
.
String
created using
BasePasswordEncoder.mergePasswordAndSalt(String,Object,boolean)
.
Throwable
.
SecurityContextHolder
.SecurityEnforcementFilter
to commence authentication via the DigestProcessingFilter
.DisabledException
with the specified message.
DisabledException
with the specified message
and root cause.
Authentication
object.
SavedRequest
.
AclCache
that delegates to EH-CACHE.User
objects using a Spring IoC defined EHCACHE.Enumeration
around a Java 2 collection Iterator
.java.lang.Object
documentation for the interface contract.
java.lang.Object
documentation for the interface contract.
AccessDeniedException
and AuthenticationException
thrown within the
filter chain.Throwable
.
Filter
requests to a list of Spring-managed beans.ObjectDefinitionSource
implementations
that are designed to perform lookups keyed on FilterInvocation
s.FilterInvocationDefinitionSource
bean for use with a FilterSecurityInterceptor.FilterInvocation
s usable within Spring Security.HttpFirewall
interface.getDateHeader()
.
response
portion of a Digest authentication header.
SecurityContext
object.
AclObjectIdentity
for this instance.
BasicAclEntry
.
Authentication
object
Authentication
object.
AclObjectIdentity
.
SessionRegistry
.
ConfigAttribute
can be represented as a String
and that
String
is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager
, AccessDecisionManager
or AccessDecisionManager
delegate, this method should
return such a String
.
ConfigAttributeDefinition
that applies to a given secure object.
null
)
Authentication
request that caused the event.
AuthenticationManager
to indicate the authorities that the principal has been
granted.
GrantedAuthority
can be represented as a String
and that
String
is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager
(or delegate), this method should return such a String
.
JaasAuthenticationProvider.setAuthorityGranters(AuthorityGranter[])
method, or null if it none were ever set.
CasAuthenticationToken
associated with the
specified ticket.
ConfigAttributeDefinition
s defined by the implementing class.
ConfigAttribute
s defined by this
ConfigAttributeDefinition
.
SecurityContext
.
String
String
filterProcessesUrl
for the
implementation.
/j_spring_cas_security_check
.
/j_spring_security_check
.
BasicAclEntry
s from the cache.
null
.
Class
that generated this event.
SecurityContextHolderStrategy
.
AuthByAdapter
implementation.
String
representing this permission.
Authentication
object, such as a String or UserDetails
instance
BasicAclEntry
s.
SecurityContextHolder
.
User
to obtain the salt.
ServletRequest
was received on.
ConcurrentSessionController
is returned or the NullConcurrentSessionController
if a specific one has not been set.
HttpSession
id the authentication request was received from.
sessionId
.
UserDetails
from the cache.
Authentication
(which is a subclass of Principal
), or
null
if unavailable.
static
field-based implementation of SecurityContextHolderStrategy
.Authentication
object.GrantedAuthority
.GrantedAuthority
as a Sid
.java.lang.Object
documentation for the interface contract.
java.lang.Object
documentation for the interface contract.
HttpFirewall
bean reference into the FilterChainProxy
.SecurityContext
with the Authentication
obtained from the container's
HttpServletRequest.getUserPrincipal()
.SecurityContextHolder
with information obtained from
the HttpSession
.HttpSessionEventPublisher
when a HttpSession is destroyed by the containerHttpSessionEventPublisher
when a HttpSession is created in the containerIdentityUnavailableException
with the specified message.
IdentityUnavailableException
with the specified message
and root cause.
InheritableThreadLocal
-based implementation of SecurityContextHolderStrategy
.Throwable
s and ThrowableCauseExtractor
s.
LoginModule
.
Resource
interface.HttpServletRequest.isSecure()
responses.InsufficientAuthenticationException
with the
specified message.
InsufficientAuthenticationException
with the
specified message and root cause.
AbstractSecurityInterceptor
subclasses.InvocationTargetException
instances.
MethodInvocation
.
JoinPoint
.
JoinPoint
.
Authentication
token represents an anonymous user.
true
.
AbstractSecurityInterceptor
whether it should present the
authentication token to the AuthenticationManager
.
true
, indicates that SecurityEnforcementFilter
is permitted to store the target
URL and exception information in the HttpSession
(the default).
Acl.getParentAcl()
should flow down into the current
Acl.
true
if NTLM authentication is forced.
Authentication
token represents user that has been remembered
(ie not a user that has been fully authenticated).
renew
parameter should be sent to the CAS login URL and CAS
validation URL.
GrantedAuthority.getAuthority()
.
HttpServletRequest.isUserInRole(String)
) into GrantedAuthoritys and stores these in the authentication
details object (.JaasAuthenticationProvider
.AuthenticationProvider
implementation that retrieves user details from a JAAS login configuration.JaasAuthenticationProvider
after successfully logging the user into the LoginContext, handling all callbacks, and calling all
AuthorityGranters.AclService
.MutableAclService
.TokenService
that is compatible with clusters and across machine restarts,
without requiring database persistence.AuthenticationProvider
implementation that authenticates
against an LDAP server.ShaPasswordEncoder
which supports Ldap SHA and SSHA (salted-SHA) encodings.LdapUserSearch
and an LdapAuthoritiesPopulator
.LockedException
with the specified message.
LockedException
with the specified message and
root cause.
Subject
(phase one) by extracting the Spring Security
Authentication
from the current SecurityContext
.
Subject
.
ConfigAttributeDefinition
for the specified
Method
which is subject of the method invocation.
ConfigAttributeDefinition
for the specified
FilterInvocation
.
AclService
.ConfigAttributeDefinition
for a method or class signature.String
.
ConfigAttributeDefinition
s for a method signature (via the lookupAttributes method)
by delegating to a configured Attributes
object.ObjectDefinitionSource
implementations
that are designed to perform lookups keyed on Method
s.MethodDefinitionSource
, used to exclude a MethodSecurityInterceptor
from
public (ie non-secure) methods.MethodDefinitionSource
.MethodInvocation
s usable within Spring Security.grantAccess
is set to true
.Acl
instances.NamedEntityObjectIdentity
based on the passed
object instance.
the default authentication manager
which lazily initializes
the list of AuthenticationProvider
s.NonceExpiredException
with the specified
message.
NonceExpiredException
with the specified
message and root cause.
NotFoundException
with the specified message.
NotFoundException
with the specified message
and root cause.
AuthenticationException
s in the
NtlmProcessingFilterEntryPoint
.ExceptionTranslationFilter
to assist with the NTLM
negotiation.UsernamePasswordAuthenticationToken
that allows any provider to bypass the problem of an
empty password since NTLM does not retrieve the user's password from the PDC.UsernamePasswordAuthenticationToken
using the
JCIFS NtlmPasswordAuthentication
object.
ConcurrentSessionController
.NullRememberMeServices
that does nothing.RunAsManager
that does nothing.StatelessTicketCache
that has no backing cache.ConfigAttributeDefinition
that applies to a given secure object
invocation.ObjectIdentity
.ObjectIdentityImpl
based on the passed
object instance.
ObjectIdentity
will be returned for a particular domain objectObjectIdentityRetrievalStrategy
that uses the constructor of ObjectIdentityImpl
to create the ObjectIdentity
.Filter
instances registered in the map of
filter chains.
AclObjectIdentity
of a passed domain object instance.
PlaintextPasswordEncoder.encodePassword(String, Object)
String
.
BasicAclProvider
.HttpInvoker
extension points to
present the principal
and credentials
located
in the ContextHolder
via BASIC authentication.ContextHolder
(which should contain an
Authentication
request token)
from one JVM to the remote JVM.MethodInvocation
s, such as via
Spring AOP.JointPoint
s, delegating secure
object callbacks to the calling aspect.CasAuthenticationProvider
.User
objects for the DaoAuthenticationProvider
.Authentication
object.RememberMeAuthenticationToken
s.HttpServletRequest
so that it can subsequently be emulated by the
SavedRequestAwareWrapper
.HttpServletRequestWrapper
.String
literal and return associated value.
String
literals and return associated values.
LdapAuthenticator
which compares the login
password with the value stored in the directory using a remote LDAP "compare" operation.Sid
for a given domain object.Permission
instances from integer masks.RememberMeServices
implementation based on Barry Jaspan's
Improved Persistent Login Cookie
Best Practice.PersistentTokenBasedRememberMeServices
to store the persistent
login tokens for a user.SecurityContextHolder
with information obtained from the
PortletSession
.PortMapper
implementations provide callers with information
about which HTTP ports are associated with which HTTPS ports on the system,
and vice versa.PortMapper
that obtains HTTP:HTTPS pairs from the application context.PortMapperImpl
bean.PortResolver
determines the port a web request was received
on.PortResolver
that obtains the port from ServletRequest.getServerPort().Authentication
implementation for pre-authenticated
authentication.Authentication
object each time
Internet Explorer does a POST.
Authentication.getPrincipal()
as a Sid
.Principal
compatible Authentication
object.AbstractBasicAclEntry
's
mask.
MapBasedMethodDefinitionSource
.Authentication
request through a list of AuthenticationProvider
s.ProviderManager
if no AuthenticationProvider
could be found that supports the
presented Authentication
object.ProviderNotFoundException
with the specified
message.
ProviderNotFoundException
with the specified
message and root cause.
JaasAuthenticationFailedEvent
.
JaasAuthenticationSuccessEvent
.
BasicAclEntry
s in the cache.
CasAuthenticationToken
to the cache.
UserDetails
in the cache.