|
|||||||||
PREV NEXT | FRAMES NO FRAMES |
Authentication
.
AccessDecisionManager
.AfterInvocationProvider
which provides commonly-used ACL-related services.AuthenticationManager
.Authentication
objects.MethodSecurityMetadataSource
that supports both Spring AOP and AspectJ and
performs attribute resolution from: 1.ContextSource
provided.
Permission
implementations.AbstractPreAuthenticatedAuthenticationDetailsSource.buildDetails(Object)
.AuthenticationProvider
that allows subclasses to override and work with UserDetails
objects.Acl
.AccessControlEntry
.Tag
that allows its body through if some authorizations are granted to the request's
principal.Authentication
object does not hold a
required authority.AccessDeniedException
with the specified
message.
AccessDeniedException
with the specified
message and root cause.
ExceptionTranslationFilter
to handle an
AccessDeniedException
.AccessDeniedHandler
.AccountExpiredException
with the specified
message.
AccountExpiredException
with the specified
message and root cause.
AclImpl
to determine whether a principal is permitted to call
adminstrative methods on the AclImpl
.AclAuthorizationStrategy
.JdbcAclService
.AclDataAccessException
with the specified
message and root cause.
AclDataAccessException
with the specified
message and no root cause.
Collection
of domain object instances returned from a secure object invocation, remove
any Collection
elements the principal does not have appropriate permission to access as defined by the
AclService
.AclService
.AclService
.Acl
.MutableAclService.createAcl(ObjectIdentity)
.
Acl
instances.UserDetails
for a given authentication request.
AccessDecisionManager
that grants access if any
AccessDecisionVoter
returns an affirmative response.Object
returned from a secure object invocation,
being able to modify the Object
or throw an AccessDeniedException
.AfterInvocationProviderManager
decision.AfterInvocationManager
.Token
.
Acl
entry already exists for the object.AlreadyExistsException
with the specified message.
AlreadyExistsException
with the specified message
and root cause.
Authentication
object in the SecurityContextHolder
, and
populates it with one if needed.AuthenticationProvider
implementation that validates AnonymousAuthenticationToken
s.Authentication
.AspectJSecurityInterceptor
when it wishes for the
AspectJ processing to continue.JoinPoint
security interceptor which wraps the JoinPoint
in a MethodInvocation
adapter to make it compatible with security infrastructure classes which only support MethodInvocation
s.AclImpl
to log audit events.authenticate
method that calls the abstract method
doAuthenticatation
to do its work.
Authentication
object, returning a fully populated
Authentication
object (including granted authorities) if successful.
AuthenticationManager.authenticate(Authentication)
.
ConfigAttribute.getAttribute()
of IS_AUTHENTICATED_FULLY
or
IS_AUTHENTICATED_REMEMBERED
or IS_AUTHENTICATED_ANONYMOUSLY
is present.AuthenticationManager.authenticate(Authentication)
method.Authentication
could not be obtained from
the SecurityContextHolder
.Authentication
object in the SecurityContext
.AuthenticationCredentialsNotFoundException
with the specified message.
AuthenticationCredentialsNotFoundException
with the specified message and root cause.
Authentication.getDetails()
object for
a given web request.AuthenticationDetailsSource
.ExceptionTranslationFilter
to commence an authentication scheme.Authentication
object being invalid for whatever
reason.AuthenticationException
with the specified message and root cause.
AuthenticationException
with the specified message and no root cause.
AuthenticationProvider
that can process the request.AuthenticationManager
.Authentication
request.Authentication
implementation.AuthenticationServiceException
with the
specified message.
AuthenticationServiceException
with the
specified message and root cause.
SimpleHttpInvokerRequestExecutor
.Tag
implementation that allows convenient access to the current
Authentication
object.Authentication
tokensAuthenticationTrustResolver
.AuthorizationServiceException
with the
specified message.
AuthorizationServiceException
with the
specified message and root cause.
SecurityContextHolder
does not contain an
Authentication
object and Spring Security wishes to provide an implementation with an
opportunity to authenticate the request using remember-me capabilities.
BadCredentialsException
with the specified
message.
BadCredentialsException
with the specified
message and root cause.
ExceptionTraslationFilter
to commence authentication via the BasicAuthenticationFilter
.SecurityContextHolder
.BaseLdapPathContextSource
provided.
CumulativePermission
or BasePermission
representing the
active bits in the passed mask.
Authentication
object for the current secure object invocation, or
null
if replacement not required.
ExceptionTranslationFilter
to commence authentication via the JA-SIG Central
Authentication Service (CAS).AuthenticationProvider
implementation that integrates with JA-SIG Central Authentication Service
(CAS).Authentication
.ChannelDecisionManager
.ChannelProcessor
to launch a web channel.Acl
cannot be deleted because children Acl
s exist.ChildrenExistException
with the specified
message.
ChildrenExistException
with the specified
message and root cause.
Subject
(phase two) by adding the Spring Security
Authentication
to the Subject
's principals.
AccessDecisionManager
that uses a
consensus-based approach.AuditLogger
.RemoteInvocation
that is passed from the client to the server.org.springframework.remoting.rmi.RmiProxyFactoryBean
when it
wishes to create a remote invocation.MethodInvocation
for specified methodName
on the passed object,
using the args
to locate the method.
Acl
object in the database.
MethodSecurityEvaluationContext
as the EvaluationContext implementation and
configures it with a MethodSecurityExpressionRoot
instance as the expression root object.
MethodInvocation
for the specified methodName
on the passed class.
MethodInvocation
for specified methodName
on the passed class,
using the args
to locate the method.
acl_class
, creating a new row if needed and the
allowCreate
property is true
.
Authentication
object.
eraseCredentials
method.CredentialsExpiredException
with the specified
message.
CredentialsExpiredException
with the specified
message and root cause.
Permission
that is constructed at runtime from other permissions.AuthenticationProvider
implementation that retrieves user details
from an UserDetailsService
.Object
, make an
access control decision or optionally modify the returned Object
.
AccessDecisionVoter
s and grants access
if any AccessDecisionVoter
voted affirmatively.
AccessDecisionVoter
s and upon
completion determines the consensus of granted against denied responses.
AccessDecisionVoter
s for each ConfigAttribute
and grants access if only grant (or abstain) votes were received.
FilterInvocation
provides the appropriate level of channel
security based on the requested list of ConfigAttributes.
FilterInvocation
provides the appropriate level of channel
security based on the requested list of ConfigAttributes.
Throwable
instances.
servletPath
and
pathInfo
, which do not contain path parameters (as defined in
RFC 2396).PermissionFactory
.HttpServletRequest
.Token
.String
created using
BasePasswordEncoder.mergePasswordAndSalt(String,Object,boolean)
.
Throwable
.
SecurityEnforcementFilter
to commence authentication via the DigestAuthenticationFilter
.SecurityContextHolder
.DisabledException
with the specified message.
DisabledException
with the specified message
and root cause.
Authentication
object.
DefaultSavedRequest
.
requiresAuthentication
method to determine whether the request is for authentication and should be handled by this filter.
AclCache
that delegates to EH-CACHE.User
objects using a Spring IoC defined EHCACHE.Enumeration
around a Java 2 collection Iterator
.java.lang.Object
documentation for the interface contract.
true
if the supplied object is a User
instance with the
same username
value.
credentials
, principal
and details
objects, invoking the
eraseCredentials
method on any which implement CredentialsContainer
.
AccessDeniedException
and AuthenticationException
thrown within the
filter chain.PrePostInvocationAttributeFactory
which interprets the annotation value as
an expression to be evaluated at runtime.Throwable
.
Filter
requests to a list of Spring-managed filter beans.SecurityMetadataSource
implementations
that are designed to perform lookups keyed on FilterInvocation
s.FilterInvocationSecurityMetadataSource
bean for use with a FilterSecurityInterceptor.HttpFirewall
interface.flushBuffer()
getDateHeader()
.
ConfigAttribute
s defined by the implementing class.
SessionRegistry
.
ConfigAttribute
can be represented as a String
and that
String
is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager
, AccessDecisionManager
or AccessDecisionManager
delegate, this method should
return such a String
.
ConfigAttribute
s that apply to a given secure object.
Authentication
request that caused the event.
null
)
AuthenticationManager
to indicate the authorities that the principal has been
granted.
GrantedAuthority
can be represented as a String
and that
String
is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager
(or delegate), this method should return such a String
.
CasAuthenticationToken
associated with the
specified ticket.
SecurityContext
.
String
String
Class
that generated this event.
SecurityContextHolderStrategy
.
getOutputStream().close()
or
getOutputStream().flush()
String
representing this permission.
credentialsRequestHeader
is set, this
will be read and used as the credentials value.
principalRequestHeader
from the request.
Authentication
object, such as a String or UserDetails
instance
SecurityContextHolder
.
User
to obtain the salt.
ServletRequest
was received on.
HttpSession
id the authentication request was received from.
sessionId
.
UserDetails
from the cache.
Authentication
(which is a subclass of Principal
), or
null
if unavailable.
getWriter().close()
or
getWriter().flush()
Authentication
object.GrantedAuthority
s for a user by reading a list of attributes that were returned as
part of the CAS response.GrantedAuthority
.GrantedAuthority
as a Sid
.RedirectStrategy
with the URL returned by the determineTargetUrl
method.
java.lang.Object
documentation for the interface contract.
username
.
HttpFirewall
bean reference into the FilterChainProxy
.SecurityContextRepository.loadContext(HttpRequestResponseHolder)
,
allowing the method to swap the request for a wrapped version, as well as returning the SecurityContext
value.HttpSessionEventPublisher
when an HttpSession
is created by the containerHttpSessionEventPublisher
when a HttpSession is created in the containerSecurityContextRepository
implementation which stores the security context in the HttpSession
between requests.IdentityUnavailableException
with the specified message.
IdentityUnavailableException
with the specified message
and root cause.
Throwable
s and ThrowableCauseExtractor
s.
LoginModule
.
Resource
interface.HttpServletRequest.isSecure()
responses.InsufficientAuthenticationException
with the
specified message.
InsufficientAuthenticationException
with the
specified message and root cause.
AbstractSecurityInterceptor
subclasses.InvocationTargetException
instances.
MethodInvocation
.
JoinPoint
.
JoinPoint
.
Authentication
token represents an anonymous user.
AbstractSecurityInterceptor
whether it should present the
authentication token to the AuthenticationManager
.
saveContext()
because of this wrapper.
Acl.getParentAcl()
should flow down into the current
Acl.
Authentication
token represents user that has been remembered
(i.e.
renew
parameter should be sent to the CAS login URL and CAS
validation URL.
GrantedAuthority.getAuthority()
.
HttpServletRequest.isUserInRole(String)
) into GrantedAuthority
s and stores these in the authentication
details object.WebAuthenticationDetails
class to be used.
JaasAuthenticationProvider
.AuthenticationProvider
implementation that retrieves user details from a JAAS login configuration.JaasAuthenticationProvider
after successfully logging the user into the LoginContext, handling all callbacks, and calling all
AuthorityGranters.AclService
.MutableAclService
.TokenService
that is compatible with clusters and across machine restarts,
without requiring database persistence.AuthenticationProvider
implementation that authenticates
against an LDAP server.ShaPasswordEncoder
which supports Ldap SHA and SSHA (salted-SHA) encodings.LdapUserSearch
and an LdapAuthoritiesPopulator
.Tag
that allows it's body through if some authorizations
are granted to the request's principal.UserDetails
via the supplied CAS
assertion.
LockedException
with the specified message.
LockedException
with the specified message and
root cause.
Subject
(phase one) by extracting the Spring Security
Authentication
from the current SecurityContext
.
ExceptionTranslationFilter
to commence a form login
authentication via the UsernamePasswordAuthenticationFilter
.Subject
.
LogoutFilter
, to handle redirection or
forwarding to the appropriate destination.FilterInvocation
.
AclService
.String
.
MethodInvocation
instances.MethodInvocation
s usable within Spring Security.SecurityMetadataSource
implementations
that are designed to perform lookups keyed on Method
s.MethodSecurityMetadataSource
, used to exclude a MethodSecurityInterceptor
from
public (non-secure) methods.Acl
instances.NonceExpiredException
with the specified
message.
NonceExpiredException
with the specified
message and root cause.
NotFoundException
with the specified message.
NotFoundException
with the specified message
and root cause.
NullRememberMeServices
that does nothing.StatelessTicketCache
that has no backing cache.ObjectIdentity
from an object identifier (such as a primary key)
and type information.ObjectIdentity
.ObjectIdentityImpl
based on the passed
object instance.
ObjectIdentity
will be returned for a particular domain objectObjectIdentityRetrievalStrategy
and ObjectIdentityGenerator
that uses the constructors of ObjectIdentityImpl
to create the ObjectIdentity
.Filter
instances registered in the map of
filter chains.
PlaintextPasswordEncoder.encodePassword(String, Object)
String
.
defaultFailureUrl
if set, otherwise returns a 401 error code.
handle()
method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes()
to remove any leftover session data.
AccessDecisionManager
interface.@Secured
annotations.@PreAuthorize
, @PreFilter
,
@PostAuthorize
and @PostFilter
annotations.MethodInvocation
s, such as via Spring AOP.JointPoint
s, delegating secure object callbacks to the calling aspect.SecurityMetadataSource
implementations for securing Java method invocations via different
AOP libraries.@PreAuthorize
, @PreFilter
, @PostAuthorize
and @PostFilter
annotations.AuthenticationProvider
which relies upon a data access object.Authentication
object.AuthenticationProvider
that can process CAS service tickets and proxy tickets.GrantedAuthority
interface.GrantedAuthority
s.org.springframework.security.core.session.SessionInformation
SessionInformation
class.UserCache
.org.springframework.security.core.userdetails.UserDetailsService UserDetailsService
.LdapUserSearch
implementations.UserDetails
implementations which map from a ubset of the data
contained in some of the standard LDAP types (such as InetOrgPerson
).HttpInvoker
extension points to
present the principal
and credentials
located
in the ContextHolder
via BASIC authentication.SecurityContextHolder
(which
should contain an Authentication
request token) from one JVM to the remote JVM.HttpServletRequest
which requires authentication.HttpServletRequestWrapper
.HttpSession
events and publisher classes.LdapAuthenticator
which compares the login
password with the value stored in the directory using a remote LDAP "compare" operation.PasswordPolicyControl
to make use of user account data stored in the directory.Permission
instances from integer masks.RememberMeServices
implementation based on Barry Jaspan's
Improved Persistent Login Cookie
Best Practice.PersistentTokenBasedRememberMeServices
to store the persistent
login tokens for a user.PortMapper
implementations provide callers with information
about which HTTP ports are associated with which HTTPS ports on the system,
and vice versa.PortMapper
that obtains HTTP:HTTPS pairs from the application context.PortResolver
determines the port a web request was received
on.PortResolver
that obtains the port from ServletRequest.getServerPort().PostInvocationAuthorizationAdvice
instance
passing it the PostInvocationAttribute created from @PostAuthorize and @PostFilter annotations.Authentication
implementation for pre-authenticated
authentication.Authentication.getPrincipal()
as a Sid
.Authentication
request through a list of AuthenticationProvider
s.ProviderManager
if no AuthenticationProvider
could be found that supports the
presented Authentication
object.ProviderNotFoundException
with the specified
message.
ProviderNotFoundException
with the specified
message and root cause.
JaasAuthenticationFailedEvent
.
JaasAuthenticationSuccessEvent
.
CasAuthenticationToken
to the cache.
UserDetails
in the cache.
AclService.readAclsById(List)
except it returns only a single Acl.
AclService.readAclsById(List, List)
except it returns only a single Acl.
User
object.sessionId
so its last request time is equal to the present date and time.
ThrowableCauseExtractor
for the specified type.
Permission
for a give class.
Authentication
object in the SecurityContext
, and populates it
with a remember-me authentication token if a RememberMeServices
implementation so requests.AuthenticationProvider
implementation that validates RememberMeAuthenticationToken
s.Authentication
.RemoteAuthenticationManager
cannot validate the presented authentication request.RemoteAuthenticationException
with the
specified message and no root cause.
RemoteAuthenticationManager
to validate an authentication request.sessionId
.
StatelessTicketCache.removeTicketFromCache(String)
.
UrlMatcher.pathMatchesUrl(Object, String)
.