Spring Security 3.2.0.RC1 API

Spring Security Core
org.springframework.security.access Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central AccessDecisionManager interface.
org.springframework.security.access.annotation Support for JSR-250 and Spring Security @Secured annotations.
org.springframework.security.access.event Authorization event and listener classes.
org.springframework.security.access.expression Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.expression.method Implementation of expression-based method security.
org.springframework.security.access.hierarchicalroles Role hierarchy implementation.
org.springframework.security.access.intercept Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
org.springframework.security.access.intercept.aopalliance Enforces security for AOP Alliance MethodInvocations, such as via Spring AOP.
org.springframework.security.access.intercept.aspectj Enforces security for AspectJ JointPoints, delegating secure object callbacks to the calling aspect.
org.springframework.security.access.method Provides SecurityMetadataSource implementations for securing Java method invocations via different AOP libraries.
org.springframework.security.access.prepost Contains the infrastructure classes for handling the @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.vote Implements a vote-based approach to authorization decisions.
org.springframework.security.authentication Core classes and interfaces related to user authentication, which are used throughout Spring Security.
org.springframework.security.authentication.dao An AuthenticationProvider which relies upon a data access object.
org.springframework.security.authentication.encoding Password encoding implementations.
org.springframework.security.authentication.event Authentication success and failure events which can be published to the Spring application context.
org.springframework.security.authentication.jaas An authentication provider for JAAS.
org.springframework.security.authentication.jaas.event JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
org.springframework.security.authentication.jaas.memory An in memory JAAS implementation.
org.springframework.security.authentication.rcp Allows remote clients to authenticate and obtain a populated Authentication object.
org.springframework.security.core Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
org.springframework.security.core.authority The default implementation of the GrantedAuthority interface.
org.springframework.security.core.authority.mapping Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of GrantedAuthoritys.
org.springframework.security.core.context Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
org.springframework.security.core.session Session abstraction which is provided by the org.springframework.security.core.session.SessionInformation SessionInformation class.
org.springframework.security.core.token A service for building secure random tokens.
org.springframework.security.core.userdetails The standard interfaces for implementing user data DAOs.
org.springframework.security.core.userdetails.cache Implementations of UserCache.
org.springframework.security.core.userdetails.jdbc Exposes a JDBC-based authentication repository, implementing org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.
org.springframework.security.core.userdetails.memory Exposes an in-memory authentication repository.
org.springframework.security.provisioning Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
org.springframework.security.remoting.dns DNS resolution.
org.springframework.security.remoting.httpinvoker Enables use of Spring's HttpInvoker extension points to present the principal and credentials located in the ContextHolder via BASIC authentication.
org.springframework.security.remoting.rmi Enables use of Spring's RMI remoting extension points to propagate the SecurityContextHolder (which should contain an Authentication request token) from one JVM to the remote JVM.
org.springframework.security.util General utility classes used throughout the Spring Security framework.

 

Spring Security Web
org.springframework.security.web Spring Security's web security module.
org.springframework.security.web.access Access-control related classes and packages.
org.springframework.security.web.access.channel Classes that ensure web requests are received over required transport channels.
org.springframework.security.web.access.expression Implementation of web security expressions.
org.springframework.security.web.access.intercept Enforcement of security for HTTP requests, typically by the URL requested.
org.springframework.security.web.authentication Authentication processing mechanisms, which respond to the submission of authentication credentials using various protocols (eg BASIC, CAS, form login etc).
org.springframework.security.web.authentication.logout Logout functionality based around a filter which handles a specific logout URL.
org.springframework.security.web.authentication.preauth Support for "pre-authenticated" scenarios, where Spring Security assumes the incoming request has already been authenticated by some externally configured system.
org.springframework.security.web.authentication.preauth.j2ee Pre-authentication support for container-authenticated requests.
org.springframework.security.web.authentication.preauth.websphere Websphere-specific pre-authentication classes.
org.springframework.security.web.authentication.preauth.x509 X.509 client certificate authentication support.
org.springframework.security.web.authentication.rememberme Support for remembering a user between different web sessions.
org.springframework.security.web.authentication.session Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
org.springframework.security.web.authentication.switchuser Provides HTTP-based "switch user" (su) capabilities.
org.springframework.security.web.authentication.ui Authentication user-interface rendering code.
org.springframework.security.web.authentication.www WWW-Authenticate based authentication mechanism implementations: Basic and Digest authentication.
org.springframework.security.web.context Classes which are responsible for maintaining the security context between HTTP requests.
org.springframework.security.web.context.request.async  
org.springframework.security.web.csrf  
org.springframework.security.web.firewall  
org.springframework.security.web.header  
org.springframework.security.web.header.writers  
org.springframework.security.web.header.writers.frameoptions  
org.springframework.security.web.jaasapi Makes a JAAS Subject available as the current Subject.
org.springframework.security.web.savedrequest Classes related to the caching of an HttpServletRequest which requires authentication.
org.springframework.security.web.servlet.support.csrf  
org.springframework.security.web.servletapi Populates a Servlet request with a new Spring Security compliant HttpServletRequestWrapper.
org.springframework.security.web.session Session management filters, HttpSession events and publisher classes.
org.springframework.security.web.util Web utility classes.

 

Spring Security LDAP
org.springframework.security.ldap Spring Security's LDAP module.
org.springframework.security.ldap.authentication The LDAP authentication provider package.
org.springframework.security.ldap.authentication.ad  
org.springframework.security.ldap.ppolicy Implementation of password policy functionality based on the Password Policy for LDAP Directories.
org.springframework.security.ldap.search LdapUserSearch implementations.
org.springframework.security.ldap.server Embedded Apache Directory Server implementation, as used by the configuration namespace.
org.springframework.security.ldap.userdetails LDAP-focused UserDetails implementations which map from a ubset of the data contained in some of the standard LDAP types (such as InetOrgPerson).

 

Spring Security Crypto
org.springframework.security.crypto.bcrypt  
org.springframework.security.crypto.codec Internal codec classes.
org.springframework.security.crypto.encrypt  
org.springframework.security.crypto.keygen  
org.springframework.security.crypto.password  
org.springframework.security.crypto.util  

 

Spring Security OpenID
org.springframework.security.openid Authenticates standard web browser users via OpenID.

 

Spring Security CAS
org.springframework.security.cas Spring Security support for Jasig's Central Authentication Service (CAS).
org.springframework.security.cas.authentication An AuthenticationProvider that can process CAS service tickets and proxy tickets.
org.springframework.security.cas.userdetails  
org.springframework.security.cas.web Authenticates standard web browser users via CAS.
org.springframework.security.cas.web.authentication Authentication processing mechanisms which respond to the submission of authentication credentials using CAS.

 

Spring Security ACL
org.springframework.security.acls The Spring Security ACL package which implements instance-based security for domain objects.
org.springframework.security.acls.afterinvocation After-invocation providers for collection and array filtering.
org.springframework.security.acls.domain Basic implementation of access control lists (ACLs) interfaces.
org.springframework.security.acls.jdbc JDBC-based persistence of ACL information
org.springframework.security.acls.model Interfaces and shared classes to manage access control lists (ACLs) for domain object instances.

 

Spring Security Config
org.springframework.security.config Support classes for the Spring Security namespace.
org.springframework.security.config.annotation  
org.springframework.security.config.annotation.authentication  
org.springframework.security.config.annotation.authentication.builders  
org.springframework.security.config.annotation.authentication.configuration  
org.springframework.security.config.annotation.authentication.configurers.ldap  
org.springframework.security.config.annotation.authentication.configurers.provisioning  
org.springframework.security.config.annotation.authentication.configurers.userdetails  
org.springframework.security.config.annotation.configuration  
org.springframework.security.config.annotation.method.configuration  
org.springframework.security.config.annotation.web  
org.springframework.security.config.annotation.web.builders  
org.springframework.security.config.annotation.web.configuration  
org.springframework.security.config.annotation.web.configurers  
org.springframework.security.config.annotation.web.configurers.openid  
org.springframework.security.config.authentication Parsing of <authentication-manager> and related elements.
org.springframework.security.config.debug  
org.springframework.security.config.http Parsing of the <http> namespace element.
org.springframework.security.config.ldap Security namespace support for LDAP authentication.
org.springframework.security.config.method Support for parsing of the <global-method-security> and <intercept-methods> elements.

 

Spring Security Taglibs
org.springframework.security.taglibs Security related tag libraries that can be used in JSPs and templates.
org.springframework.security.taglibs.authz JSP Security tag library implementation.
org.springframework.security.taglibs.velocity  

 

Other Packages
org.springframework.security.concurrent  
org.springframework.security.scheduling  
org.springframework.security.task