|
|||||||||
| PREV NEXT | FRAMES NO FRAMES | ||||||||
Authentication.
AccessDecisionManager.AfterInvocationProvider which provides commonly-used ACL-related services.AuthenticationManager.Authentication objects.MethodSecurityMetadataSource that supports both Spring AOP and AspectJ and
performs attribute resolution from: 1.ContextSource provided.
Permission implementations.AbstractPreAuthenticatedAuthenticationDetailsSource.buildDetails(Object).AuthenticationProvider that allows subclasses to override and work with UserDetails objects.Acl.AccessControlEntry.Tag that allows its body through if some authorizations are granted to the request's
principal.Authentication object does not hold a
required authority.AccessDeniedException with the specified
message.
AccessDeniedException with the specified
message and root cause.
ExceptionTranslationFilter to handle an
AccessDeniedException.AccessDeniedHandler.AccountExpiredException with the specified
message.
AccountExpiredException with the specified
message and root cause.
AclImpl to determine whether a principal is permitted to call
adminstrative methods on the AclImpl.AclAuthorizationStrategy.JdbcAclService.AclDataAccessException with the specified
message and root cause.
AclDataAccessException with the specified
message and no root cause.
Collection of domain object instances returned from a secure object invocation, remove
any Collection elements the principal does not have appropriate permission to access as defined by the
AclService.AclService.AclService.Acl.MutableAclService.createAcl(ObjectIdentity).
Acl instances.UserDetails
for a given authentication request.
AccessDecisionManager that grants access if any
AccessDecisionVoter returns an affirmative response.Object returned from a secure object invocation,
being able to modify the Object or throw an AccessDeniedException.AfterInvocationProviderManager decision.AfterInvocationManager.Token.
Acl entry already exists for the object.AlreadyExistsException with the specified message.
AlreadyExistsException with the specified message
and root cause.
Authentication object in the SecurityContextHolder, and
populates it with one if needed.AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.Authentication.AspectJSecurityInterceptor when it wishes for the
AspectJ processing to continue.JoinPoint security interceptor which wraps the JoinPoint in a MethodInvocation
adapter to make it compatible with security infrastructure classes which only support MethodInvocations.AclImpl to log audit events.authenticate method that calls the abstract method
doAuthenticatation to do its work.
Authentication object, returning a fully populated
Authentication object (including granted authorities) if successful.
AuthenticationManager.authenticate(Authentication).
ConfigAttribute.getAttribute() of IS_AUTHENTICATED_FULLY or
IS_AUTHENTICATED_REMEMBERED or IS_AUTHENTICATED_ANONYMOUSLY is present.AuthenticationManager.authenticate(Authentication) method.Authentication could not be obtained from
the SecurityContextHolder.Authentication object in the SecurityContext.AuthenticationCredentialsNotFoundException
with the specified message.
AuthenticationCredentialsNotFoundException
with the specified message and root cause.
Authentication.getDetails() object for
a given web request.AuthenticationDetailsSource.ExceptionTranslationFilter to commence an authentication scheme.Authentication object being invalid for whatever
reason.AuthenticationException with the specified message and root cause.
AuthenticationException with the specified message and no root cause.
AuthenticationProvider that can process the request.AuthenticationManager.Authentication request.Authentication implementation.AuthenticationServiceException with the
specified message.
AuthenticationServiceException with the
specified message and root cause.
SimpleHttpInvokerRequestExecutor.Tag implementation that allows convenient access to the current
Authentication object.Authentication tokensAuthenticationTrustResolver.AuthorizationServiceException with the
specified message.
AuthorizationServiceException with the
specified message and root cause.
SecurityContextHolder does not contain an
Authentication object and Spring Security wishes to provide an implementation with an
opportunity to authenticate the request using remember-me capabilities.
BadCredentialsException with the specified
message.
BadCredentialsException with the specified
message and root cause.
ExceptionTraslationFilter to commence authentication via the BasicAuthenticationFilter.SecurityContextHolder.BaseLdapPathContextSource provided.
CumulativePermission or BasePermission representing the
active bits in the passed mask.
Authentication object for the current secure object invocation, or
null if replacement not required.
ExceptionTranslationFilter to commence authentication via the JA-SIG Central
Authentication Service (CAS).AuthenticationProvider implementation that integrates with JA-SIG Central Authentication Service
(CAS).Authentication.ChannelDecisionManager.ChannelProcessor to launch a web channel.Acl cannot be deleted because children Acls exist.ChildrenExistException with the specified
message.
ChildrenExistException with the specified
message and root cause.
Subject (phase two) by adding the Spring Security
Authentication to the Subject's principals.
AccessDecisionManager that uses a
consensus-based approach.AuditLogger.RemoteInvocation that is passed from the client to the server.org.springframework.remoting.rmi.RmiProxyFactoryBean when it
wishes to create a remote invocation.MethodInvocation for specified methodName on the passed object,
using the args to locate the method.
Acl object in the database.
MethodSecurityEvaluationContext as the EvaluationContext implementation and
configures it with a MethodSecurityExpressionRoot instance as the expression root object.
MethodInvocation for the specified methodName on the passed class.
MethodInvocation for specified methodName on the passed class,
using the args to locate the method.
acl_class, creating a new row if needed and the
allowCreate property is true.
Authentication object.
eraseCredentials method.CredentialsExpiredException with the specified
message.
CredentialsExpiredException with the specified
message and root cause.
Permission that is constructed at runtime from other permissions.AuthenticationProvider implementation that retrieves user details
from an UserDetailsService.Object, make an
access control decision or optionally modify the returned Object.
AccessDecisionVoters and grants access
if any AccessDecisionVoter voted affirmatively.
AccessDecisionVoters and upon
completion determines the consensus of granted against denied responses.
AccessDecisionVoters for each ConfigAttribute and grants access if only grant (or abstain) votes were received.
FilterInvocation provides the appropriate level of channel
security based on the requested list of ConfigAttributes.
FilterInvocation provides the appropriate level of channel
security based on the requested list of ConfigAttributes.
Throwable instances.
servletPath and
pathInfo, which do not contain path parameters (as defined in
RFC 2396).PermissionFactory.HttpServletRequest.Token.String created using
BasePasswordEncoder.mergePasswordAndSalt(String,Object,boolean).
Throwable.
SecurityEnforcementFilter to commence authentication via the DigestAuthenticationFilter.SecurityContextHolder.DisabledException with the specified message.
DisabledException with the specified message
and root cause.
Authentication object.
DefaultSavedRequest.
requiresAuthentication
method to determine whether the request is for authentication and should be handled by this filter.
AclCache that delegates to EH-CACHE.User objects using a Spring IoC defined EHCACHE.Enumeration around a Java 2 collection Iterator.java.lang.Object documentation for the interface contract.
true if the supplied object is a User instance with the
same username value.
credentials, principal and details objects, invoking the
eraseCredentials method on any which implement CredentialsContainer.
AccessDeniedException and AuthenticationException thrown within the
filter chain.PrePostInvocationAttributeFactory which interprets the annotation value as
an expression to be evaluated at runtime.Throwable.
Filter requests to a list of Spring-managed filter beans.SecurityMetadataSource implementations
that are designed to perform lookups keyed on FilterInvocations.FilterInvocationSecurityMetadataSource bean for use with a FilterSecurityInterceptor.HttpFirewall interface.getDateHeader().
ConfigAttributes defined by the implementing class.
SessionRegistry.
ConfigAttribute can be represented as a String and that
String is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager, AccessDecisionManager or AccessDecisionManager delegate, this method should
return such a String.
ConfigAttributes that apply to a given secure object.
Authentication request that caused the event.
null)
AuthenticationManager to indicate the authorities that the principal has been
granted.
GrantedAuthority can be represented as a String and that
String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
CasAuthenticationToken associated with the
specified ticket.
SecurityContext.
String
String
Class that generated this event.
SecurityContextHolderStrategy.
String representing this permission.
credentialsRequestHeader is set, this
will be read and used as the credentials value.
principalRequestHeader from the request.
Authentication object, such as a String or UserDetails instance
SecurityContextHolder.
User to obtain the salt.
ServletRequest was received on.
HttpSession id the authentication request was received from.
sessionId.
UserDetails from the cache.
Authentication (which is a subclass of Principal), or
null if unavailable.
Authentication object.GrantedAuthoritys for a user by reading a list of attributes that were returned as
part of the CAS response.GrantedAuthority.GrantedAuthority as a Sid.RedirectStrategy with the URL returned by the determineTargetUrl method.
java.lang.Object documentation for the interface contract.
username.
HttpFirewall bean reference into the FilterChainProxy.SecurityContextRepository.loadContext(HttpRequestResponseHolder),
allowing the method to swap the request for a wrapped version, as well as returning the SecurityContext
value.HttpSessionEventPublisher when an HttpSession is created by the containerHttpSessionEventPublisher when a HttpSession is created in the containerSecurityContextRepository implementation which stores the security context in the HttpSession
between requests.IdentityUnavailableException with the specified message.
IdentityUnavailableException with the specified message
and root cause.
Throwables and ThrowableCauseExtractors.
LoginModule.
Resource interface.HttpServletRequest.isSecure() responses.InsufficientAuthenticationException with the
specified message.
InsufficientAuthenticationException with the
specified message and root cause.
AbstractSecurityInterceptor subclasses.InvocationTargetException instances.
MethodInvocation.
JoinPoint.
JoinPoint.
Authentication token represents an anonymous user.
AbstractSecurityInterceptor whether it should present the
authentication token to the AuthenticationManager.
saveContext() because of an error or redirect.
Acl.getParentAcl() should flow down into the current
Acl.
Authentication token represents user that has been remembered
(i.e.
renew parameter should be sent to the CAS login URL and CAS
validation URL.
GrantedAuthority.getAuthority().
HttpServletRequest.isUserInRole(String)) into GrantedAuthoritys and stores these in the authentication
details object.WebAuthenticationDetails
class to be used.
JaasAuthenticationProvider.AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.JaasAuthenticationProvider
after successfully logging the user into the LoginContext, handling all callbacks, and calling all
AuthorityGranters.AclService.MutableAclService.TokenService that is compatible with clusters and across machine restarts,
without requiring database persistence.AuthenticationProvider implementation that authenticates
against an LDAP server.ShaPasswordEncoder which supports Ldap SHA and SSHA (salted-SHA) encodings.LdapUserSearch
and an LdapAuthoritiesPopulator.Tag that allows it's body through if some authorizations
are granted to the request's principal.UserDetails via the supplied CAS
assertion.
LockedException with the specified message.
LockedException with the specified message and
root cause.
Subject (phase one) by extracting the Spring Security
Authentication from the current SecurityContext.
ExceptionTranslationFilter to commence a form login
authentication via the UsernamePasswordAuthenticationFilter.Subject.
LogoutFilter, to handle redirection or
forwarding to the appropriate destination.FilterInvocation.
AclService.String.
MethodInvocation instances.MethodInvocations usable within Spring Security.SecurityMetadataSource implementations
that are designed to perform lookups keyed on Methods.MethodSecurityMetadataSource, used to exclude a MethodSecurityInterceptor from
public (non-secure) methods.Acl instances.NonceExpiredException with the specified
message.
NonceExpiredException with the specified
message and root cause.
NotFoundException with the specified message.
NotFoundException with the specified message
and root cause.
NullRememberMeServices that does nothing.StatelessTicketCache that has no backing cache.ObjectIdentity from an object identifier (such as a primary key)
and type information.ObjectIdentity.ObjectIdentityImpl based on the passed
object instance.
ObjectIdentity
will be returned for a particular domain objectObjectIdentityRetrievalStrategy and ObjectIdentityGenerator
that uses the constructors of ObjectIdentityImpl to create the ObjectIdentity.Filter instances registered in the map of
filter chains.
PlaintextPasswordEncoder.encodePassword(String, Object)String.
defaultFailureUrl if set, otherwise returns a 401 error code.
handle() method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes() to remove any leftover session data.
AccessDecisionManager interface.@Secured annotations.@PreAuthorize, @PreFilter,
@PostAuthorize and @PostFilter annotations.MethodInvocations, such as via Spring AOP.JointPoints, delegating secure object callbacks to the calling aspect.SecurityMetadataSource implementations for securing Java method invocations via different
AOP libraries.@PreAuthorize, @PreFilter, @PostAuthorize
and @PostFilter annotations.AuthenticationProvider which relies upon a data access object.Authentication object.AuthenticationProvider that can process CAS service tickets and proxy tickets.GrantedAuthority interface.GrantedAuthoritys.org.springframework.security.core.session.SessionInformation
SessionInformation class.UserCache.org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.LdapUserSearch implementations.UserDetails implementations which map from a ubset of the data
contained in some of the standard LDAP types (such as InetOrgPerson).HttpInvoker extension points to
present the principal and credentials located
in the ContextHolder via BASIC authentication.SecurityContextHolder (which
should contain an Authentication request token) from one JVM to the remote JVM.HttpServletRequest which requires authentication.HttpServletRequestWrapper.HttpSession events and publisher classes.LdapAuthenticator which compares the login
password with the value stored in the directory using a remote LDAP "compare" operation.PasswordPolicyControl to make use of user account data stored in the directory.Permission instances from integer masks.RememberMeServices implementation based on Barry Jaspan's
Improved Persistent Login Cookie
Best Practice.PersistentTokenBasedRememberMeServices to store the persistent
login tokens for a user.PortMapper implementations provide callers with information
about which HTTP ports are associated with which HTTPS ports on the system,
and vice versa.PortMapper that obtains HTTP:HTTPS pairs from the application context.PortResolver determines the port a web request was received
on.PortResolver that obtains the port from ServletRequest.getServerPort().PostInvocationAuthorizationAdvice instance
passing it the PostInvocationAttribute created from @PostAuthorize and @PostFilter annotations.Authentication implementation for pre-authenticated
authentication.Authentication.getPrincipal() as a Sid.Authentication request through a list of AuthenticationProviders.ProviderManager if no AuthenticationProvider could be found that supports the
presented Authentication object.ProviderNotFoundException with the specified
message.
ProviderNotFoundException with the specified
message and root cause.
JaasAuthenticationFailedEvent.
JaasAuthenticationSuccessEvent.
CasAuthenticationToken to the cache.
UserDetails in the cache.
AclService.readAclsById(List) except it returns only a single Acl.
AclService.readAclsById(List, List) except it returns only a single Acl.
User object.sessionId so its last request time is equal to the present date and time.
ThrowableCauseExtractor for the specified type.
Permission for a give class.
Authentication object in the SecurityContext, and populates it
with a remember-me authentication token if a RememberMeServices
implementation so requests.AuthenticationProvider implementation that validates RememberMeAuthenticationTokens.Authentication.RemoteAuthenticationManager cannot validate the presented authentication request.RemoteAuthenticationException with the
specified message and no root cause.
RemoteAuthenticationManager to validate an authentication request.sessionId.
StatelessTicketCache.removeTicketFromCache(String).
UrlMatcher.pathMatchesUrl(Object, String).
UserDetails from an implementation-specific
location, with the option of throwing an AuthenticationException immediately if the presented
credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in
order to obtain or generate a UserDetails).
RoleHierarchy definition to determine the
roles allocated to the current user before voting.ConfigAttribute.getAttribute() starts with a prefix
indicating that it is a role.AuthenticationProvider implementation that can authenticate a RunAsUserToken.Authentication object for the current secure
object invocation only.RunAsManager.Authentication implementation that supports RunAsManagerImpl.SecurityContext when a sendError() or sendRedirect
happens.DefaultSavedRequest which may have been stored in
the session by the ExceptionTranslationFilter.AuthenticationException for use in view rendering.
HttpServletRequest.isSecure() responses.Secured annotation.SecureRandom instance.ConfigAttribute as a String.SecurityContext with the current execution thread.Filter which populates the ServletRequest with a request wrapper
which implements the servlet API security methods.HttpServletRequestWrapper, which uses the
SecurityContext-defined Authentication object to implement the servlet API security
methods SecurityContextHolderAwareRequestWrapper.isUserInRole(String) and HttpServletRequestWrapper.getRemoteUser().SecurityContext.LoginModule that uses a Spring Security SecurityContext to provide authentication.SecurityContextHolder.SecurityContextHolder with information obtained from
the configured SecurityContextRepository prior to the request and stores it back in the repository
once the request has completed and clearing the context holder.SecurityContext between requests.ConfigAttributes that applies to a given secure object
invocation.sendError()
sendError()
sendRedirect()
HttpSessionCreatedEvent to the application
appContext.
HttpSessionDestroyedEvent to the application
appContext.
SessionAuthenticationStrategy.Authentication.getDetails()
implementations that are capable of returning a session ID.SessionAuthenticationStrategy to perform any session-related activity such as
activating session-fixation protection mechanisms or checking for multiple concurrent logins.SessionInformation instances.SessionRegistry
which listens for SessionDestroyedEvents
published in the Spring application context.AbstractSecurityInterceptor should
ignore the Authentication.isAuthenticated() property.
true, will always redirect to the value of defaultTargetUrl
(defaults to false).
Authentication.isAuthenticated() for a full description.
extraInformation property is deprecated
loadContext method and copy the created context instead.
SecurityContext with the current thread of execution.
AbstractAuthenticationProcessingFilter.successfulAuthentication(HttpServletRequest, HttpServletResponse,
Authentication), which may be useful in certain environment (such as
Tapestry applications).
true, indicates that it is permitted to store the target
URL and exception information in a new HttpSession (the default).
SearchControls instance used in the search.
Acl.isEntriesInheriting().
Authentication which implements the CredentialsContainer interface
will have its eraseCredentials method called before it is returned
from the authenticate() method.
AbstractUserDetailsAuthenticationProvider throws a
BadCredentialsException if a username is not found or the password is incorrect.
AbstractAuthenticationManager.setClearExtraInformation(boolean)
HttpSession to be invalidated when this LogoutHandler is invoked.
true, will only use DefaultSavedRequest to determine the target URL on successful
authentication if the request that caused the authentication request was a GET.
UsernamePasswordAuthenticationFilter login
page can be found.
PermissionFactory instance which will be used to convert loaded permission
data values to Permissions.
AuthenticationProvider objects to be used for authentication.
Configuration#refresh() will be made by #configureJaas(Resource)
method.
AbstractSecurityInterceptor has a configuration
attribute defined.
return_to URL which is assembled by OpenIDAuthenticationFilter.buildReturnToUrl(javax.servlet.http.HttpServletRequest).
ROLE_ to be overridden.
ROLE_ to be overridden.
SecureRandom
instance.
loginFormUrl using the RequestDispatcher,
instead of a 302 redirect.
LdapAuthenticationProvider.createSuccessfulAuthentication(UsernamePasswordAuthenticationToken, UserDetails) method.
true (the default), indicates the JdbcDaoImpl.getUsersByUsernameQuery() returns a username
in response to a query.
UserMap to reflect the Properties instance passed.
UserMap.
byte[].
byte[].
ShaPasswordEncoder encoder = new ShaPasswordEncoder(256); initializes with SHA-256
Sid instances applicable
for an Authentication.SidRetrievalStrategy that creates a Sid for the principal, as well as
every granted authority the principal holds.MethodInvocation.defaultFailureUrl property when the onAuthenticationFailure method is called.AbstractAuthenticationTargetUrlRequestHandler
base class logic.WebAttributes directly.
WebAttributes directly.
WebAttributes directly.
SecurityContextHolder.MessageSource used by Spring Security.X509Certificate.getSubjectDN()).Authentication instance returned by the
authentication manager into the secure context.
AccessDecisionManager is able to process authorization requests
presented with the passed ConfigAttribute.
AccessDecisionManager implementation is able to provide access
control decisions for the indicated secured object type.
AccessDecisionVoter is able to vote on the passed
ConfigAttribute.
AccessDecisionVoter implementation is able to provide access control
votes for the indicated secured object type.
AfterInvocationProvider is able to participate in a decision
involving the passed ConfigAttribute.
AfterInvocationProvider is able to provide "after invocation"
processing for the indicated secured object type.
Jsr250SecurityConfig.
AfterInvocationManager is able to process "after invocation"
requests presented with the passed ConfigAttribute.
AfterInvocationManager implementation is able to provide access
control decisions for the indicated secured object type.
AfterInvocationProviders and ensures each can support the presented
class.
RunAsManager is able to process the passed
ConfigAttribute.
RunAsManager implementation is able to provide run-as replacement for
the indicated secure object type.
SecurityMetadataSource implementation is able to provide
ConfigAttributes for the indicated secure object type.
AccessDecisionVoters and ensures each can support the presented class.
MethodSecurityInterceptor, because it queries the
presented MethodInvocation.
true if this AuthenticationProvider supports the indicated
Authentication object.
ChannelDecisionManager is able to process the passed
ConfigAttribute.
ChannelProcessor is able to process the passed
ConfigAttribute.
GrantedAuthority list that will be assigned to the principal
when they assume the identity of a different principal.GrantedAuthority used by SwitchUserFilterString as the salt.AuthenticationProvider implementation for the TestingAuthenticationToken.Authentication implementation that is designed for use whilst unit testing.Throwable instances.ThrowableAnalyzer instance.
Throwable type.TokenService.AccessDecisionManager that requires all
voters to abstain or grant access.Acl cannot perform an operation because it only loaded a subset of Sids and
the caller has requested details for an unloaded Sid.NotFoundException with the specified message.
NotFoundException with the specified message
and root cause.
Acl in the database.
UserDetailsService.User with the details required by
DaoAuthenticationProvider.
InMemoryDaoImpl to temporarily store the attributes associated with a user.UserAttribute from a comma separated list of values.UserDetails objects.UserDetailsService
as the service to delegate to.
UserDetailsService to check the status of the loaded
UserDetails object.UserDetailsService which provides the ability
to create new users and update existing ones.HttpSecurityBeanDefinitionParser to inject a UserDetailsService into
the X509Provider, RememberMeServices and OpenIDAuthenticationProvider instances created by
the namespace.RoleHierarchyVoter instead of populating the user Authentication object
with the additional authorities.RoleHierarchyVoter instead.UserMap.UserDetailsService implementation cannot locate a User by its username.UsernameNotFoundException with the specified
message.
UsernameNotFoundException with the specified message and root cause.
Authentication implementation that is designed for simple presentation
of a username and password.UsernamePasswordAuthenticationToken, as the AbstractAuthenticationToken.isAuthenticated() will return false.
AuthenticationManager or AuthenticationProvider
implementations that are satisfied with producing a trusted (i.e.
Token.getKey() was issued by this TokenService and
reconstructs the corresponding Token.
AuthenticationDetailsSource which builds the details object from
an HttpServletRequest object.WebXmlMappableAttributesRetriever.getMappableAttributes().
|
|||||||||
| PREV NEXT | FRAMES NO FRAMES | ||||||||