A B C D E F G H I J K L M N O P Q R S T U V W X 

A

abort() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Abort the authentication process by forgetting the Spring Security Authentication.
AbstractAccessDecisionManager - Class in org.springframework.security.access.vote
Abstract implementation of AccessDecisionManager.
AbstractAccessDecisionManager(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
AbstractAclProvider - Class in org.springframework.security.acls.afterinvocation
Abstract AfterInvocationProvider which provides commonly-used ACL-related services.
AbstractAclProvider(AclService, String, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
AbstractAclVoter - Class in org.springframework.security.access.vote
Provides helper methods for writing domain object ACL voters.
AbstractAclVoter() - Constructor for class org.springframework.security.access.vote.AbstractAclVoter
 
AbstractAuthenticationEvent - Class in org.springframework.security.authentication.event
Represents an application authentication event.
AbstractAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationEvent
 
AbstractAuthenticationFailureEvent - Class in org.springframework.security.authentication.event
Abstract application event which indicates authentication failure for some reason.
AbstractAuthenticationFailureEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
 
AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends AbstractAuthenticationProcessingFilter> - Class in org.springframework.security.config.annotation.web.configurers
Base class for confuring AbstractAuthenticationFilterConfigurer.
AbstractAuthenticationFilterConfigurer(F, String) - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Creates a new instance
AbstractAuthenticationProcessingFilter - Class in org.springframework.security.web.authentication
Abstract processor of browser-based HTTP-based authentication requests.
AbstractAuthenticationProcessingFilter(String) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
AbstractAuthenticationProcessingFilter(RequestMatcher) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Creates a new instance
AbstractAuthenticationTargetUrlRequestHandler - Class in org.springframework.security.web.authentication
Base class containing the logic used by strategies which handle redirection to a URL and are passed an Authentication object as part of the contract.
AbstractAuthenticationTargetUrlRequestHandler() - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
AbstractAuthenticationToken - Class in org.springframework.security.authentication
Base class for Authentication objects.
AbstractAuthenticationToken(Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AbstractAuthenticationToken
Creates a token with the supplied array of authorities.
AbstractAuthorizationEvent - Class in org.springframework.security.access.event
Abstract superclass for all security interception related events.
AbstractAuthorizationEvent(Object) - Constructor for class org.springframework.security.access.event.AbstractAuthorizationEvent
Construct the event, passing in the secure object being intercepted.
AbstractAuthorizeTag - Class in org.springframework.security.taglibs.authz
A base class for an <authorize> tag that is independent of the tag rendering technology (JSP, Facelets).
AbstractAuthorizeTag() - Constructor for class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
AbstractCasAssertionUserDetailsService - Class in org.springframework.security.cas.userdetails
Abstract class for using the provided CAS assertion to construct a new User object.
AbstractCasAssertionUserDetailsService() - Constructor for class org.springframework.security.cas.userdetails.AbstractCasAssertionUserDetailsService
 
AbstractConfigAttributeRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web.configurers
A base class for registering RequestMatcher's.
AbstractConfigAttributeRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
 
AbstractConfiguredSecurityBuilder<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
A base SecurityBuilder that allows SecurityConfigurer to be applied to it.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Creates a new instance with the provided ObjectPostProcessor.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>, boolean) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Creates a new instance with the provided ObjectPostProcessor.
AbstractFallbackMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Abstract implementation of MethodSecurityMetadataSource that supports both Spring AOP and AspectJ and performs attribute resolution from: 1.
AbstractFallbackMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
 
AbstractJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
An AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.
AbstractJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
AbstractLdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication
Base class for the standard LdapAuthenticationProvider and the ActiveDirectoryLdapAuthenticationProvider.
AbstractLdapAuthenticationProvider() - Constructor for class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
AbstractLdapAuthenticator - Class in org.springframework.security.ldap.authentication
Base class for the authenticator implementations.
AbstractLdapAuthenticator(ContextSource) - Constructor for class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
Create an initialized instance with the ContextSource provided.
AbstractMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Abstract implementation of MethodSecurityMetadataSource which resolves the secured object type to a MethodInvocation.
AbstractMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
 
AbstractPermission - Class in org.springframework.security.acls.domain
Provides an abstract superclass for Permission implementations.
AbstractPermission(int) - Constructor for class org.springframework.security.acls.domain.AbstractPermission
Sets the permission mask and uses the '*' character to represent active bits when represented as a bit pattern string.
AbstractPermission(int, char) - Constructor for class org.springframework.security.acls.domain.AbstractPermission
Sets the permission mask and uses the specified character for active bits.
AbstractPreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth
Base class for processing filters that handle pre-authenticated authentication requests, where it is assumed that the principal has already been authenticated by an external system.
AbstractPreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
AbstractRememberMeServices - Class in org.springframework.security.web.authentication.rememberme
Base class for RememberMeServices implementations.
AbstractRememberMeServices(String, UserDetailsService) - Constructor for class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
AbstractRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web
A base class for registering RequestMatcher's.
AbstractRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
 
AbstractRetryEntryPoint - Class in org.springframework.security.web.access.channel
 
AbstractRetryEntryPoint(String, int) - Constructor for class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
AbstractSecurityBuilder<O> - Class in org.springframework.security.config.annotation
A base SecurityBuilder that ensures the object being built is only built one time.
AbstractSecurityBuilder() - Constructor for class org.springframework.security.config.annotation.AbstractSecurityBuilder
 
AbstractSecurityExpressionHandler<T> - Class in org.springframework.security.access.expression
Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.
AbstractSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
AbstractSecurityInterceptor - Class in org.springframework.security.access.intercept
Abstract class that implements security interception for secure objects.
AbstractSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
AbstractSecurityWebApplicationInitializer - Class in org.springframework.security.web.context
Registers the DelegatingFilterProxy to use the springSecurityFilterChain before any other registered Filter.
AbstractSecurityWebApplicationInitializer() - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Creates a new instance that assumes the Spring Security configuration is loaded by some other means than this class.
AbstractSecurityWebApplicationInitializer(Class<?>...) - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Creates a new instance that will instantiate the ContextLoaderListener with the specified classes.
AbstractSecurityWebSocketMessageBrokerConfigurer - Class in org.springframework.security.config.annotation.web.socket
Allows configuring WebSocket Authorization.
AbstractSecurityWebSocketMessageBrokerConfigurer() - Constructor for class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
AbstractUserDetailsAuthenticationProvider - Class in org.springframework.security.authentication.dao
A base AuthenticationProvider that allows subclasses to override and work with UserDetails objects.
AbstractUserDetailsAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
AbstractUserDetailsServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
AbstractUserDetailsServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
access(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Allows specifying that URLs are secured by an arbitrary expression
access(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that the user must have the specified ConfigAttribute's
access(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Allows specifying that Messages are secured by an arbitrary expression
ACCESS_ABSTAIN - Static variable in interface org.springframework.security.access.AccessDecisionVoter
 
ACCESS_DENIED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
 
ACCESS_DENIED_403 - Static variable in class org.springframework.security.web.WebAttributes
Used to cache an AccessDeniedException in the request for rendering.
ACCESS_DENIED_HANDLER - Static variable in class org.springframework.security.config.Elements
 
ACCESS_GRANTED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
 
AccessControlEntry - Interface in org.springframework.security.acls.model
Represents an individual permission assignment within an Acl.
AccessControlEntryImpl - Class in org.springframework.security.acls.domain
An immutable default implementation of AccessControlEntry.
AccessControlEntryImpl(Serializable, Acl, Sid, Permission, boolean, boolean, boolean) - Constructor for class org.springframework.security.acls.domain.AccessControlEntryImpl
 
AccessControlListTag - Class in org.springframework.security.taglibs.authz
An implementation of Tag that allows its body through if all authorizations are granted to the request's principal.
AccessControlListTag() - Constructor for class org.springframework.security.taglibs.authz.AccessControlListTag
 
AccessDecisionManager - Interface in org.springframework.security.access
Makes a final access control (authorization) decision.
accessDecisionManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Allows subclasses to provide a custom AccessDecisionManager.
AccessDecisionVoter<S> - Interface in org.springframework.security.access
Indicates a class is responsible for voting on authorization decisions.
AccessDeniedException - Exception in org.springframework.security.access
Thrown if an Authentication object does not hold a required authority.
AccessDeniedException(String) - Constructor for exception org.springframework.security.access.AccessDeniedException
Constructs an AccessDeniedException with the specified message.
AccessDeniedException(String, Throwable) - Constructor for exception org.springframework.security.access.AccessDeniedException
Constructs an AccessDeniedException with the specified message and root cause.
accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Specifies the AccessDeniedHandler to be used
AccessDeniedHandler - Interface in org.springframework.security.web.access
Used by ExceptionTranslationFilter to handle an AccessDeniedException.
AccessDeniedHandlerImpl - Class in org.springframework.security.web.access
Base implementation of AccessDeniedHandler.
AccessDeniedHandlerImpl() - Constructor for class org.springframework.security.web.access.AccessDeniedHandlerImpl
 
accessDeniedPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Shortcut to specify the AccessDeniedHandler to be used is a specific error page
accountExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is expired or not.
AccountExpiredException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account has expired.
AccountExpiredException(String) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
Constructs a AccountExpiredException with the specified message.
AccountExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
Constructs a AccountExpiredException with the specified message and root cause.
accountLocked(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is locked or not.
AccountStatusException - Exception in org.springframework.security.authentication
Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).
AccountStatusException(String) - Constructor for exception org.springframework.security.authentication.AccountStatusException
 
AccountStatusException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountStatusException
 
AccountStatusUserDetailsChecker - Class in org.springframework.security.authentication
 
AccountStatusUserDetailsChecker() - Constructor for class org.springframework.security.authentication.AccountStatusUserDetailsChecker
 
Acl - Interface in org.springframework.security.acls.model
Represents an access control list (ACL) for a domain object.
AclAuthorizationStrategy - Interface in org.springframework.security.acls.domain
Strategy used by AclImpl to determine whether a principal is permitted to call adminstrative methods on the AclImpl.
AclAuthorizationStrategyImpl - Class in org.springframework.security.acls.domain
Default implementation of AclAuthorizationStrategy.
AclAuthorizationStrategyImpl(GrantedAuthority...) - Constructor for class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
Constructor.
AclCache - Interface in org.springframework.security.acls.model
A caching layer for JdbcAclService.
AclDataAccessException - Exception in org.springframework.security.acls.model
Abstract base class for Acl data operations.
AclDataAccessException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.AclDataAccessException
Constructs an AclDataAccessException with the specified message and root cause.
AclDataAccessException(String) - Constructor for exception org.springframework.security.acls.model.AclDataAccessException
Constructs an AclDataAccessException with the specified message and no root cause.
AclEntryAfterInvocationCollectionFilteringProvider - Class in org.springframework.security.acls.afterinvocation
Given a Collection of domain object instances returned from a secure object invocation, remove any Collection elements the principal does not have appropriate permission to access as defined by the AclService.
AclEntryAfterInvocationCollectionFilteringProvider(AclService, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
 
AclEntryAfterInvocationProvider - Class in org.springframework.security.acls.afterinvocation
Given a domain object instance returned from a secure object invocation, ensures the principal has appropriate permission as defined by the AclService.
AclEntryAfterInvocationProvider(AclService, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
AclEntryAfterInvocationProvider(AclService, String, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
AclEntryVoter - Class in org.springframework.security.acls
Given a domain object instance passed as a method argument, ensures the principal has appropriate permission as indicated by the AclService.
AclEntryVoter(AclService, String, Permission[]) - Constructor for class org.springframework.security.acls.AclEntryVoter
 
AclFormattingUtils - Class in org.springframework.security.acls.domain
Utility methods for displaying ACL information.
AclFormattingUtils() - Constructor for class org.springframework.security.acls.domain.AclFormattingUtils
 
AclImpl - Class in org.springframework.security.acls.domain
Base implementation of Acl.
AclImpl(ObjectIdentity, Serializable, AclAuthorizationStrategy, AuditLogger) - Constructor for class org.springframework.security.acls.domain.AclImpl
Minimal constructor, which should be used MutableAclService.createAcl(ObjectIdentity) .
AclImpl(ObjectIdentity, Serializable, AclAuthorizationStrategy, PermissionGrantingStrategy, Acl, List<Sid>, boolean, Sid) - Constructor for class org.springframework.security.acls.domain.AclImpl
Full constructor, which should be used by persistence tools that do not provide field-level access features.
AclPermissionCacheOptimizer - Class in org.springframework.security.acls
Batch loads ACLs for collections of objects to allow optimised filtering.
AclPermissionCacheOptimizer(AclService) - Constructor for class org.springframework.security.acls.AclPermissionCacheOptimizer
 
AclPermissionEvaluator - Class in org.springframework.security.acls
Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular object using the ACL module.
AclPermissionEvaluator(AclService) - Constructor for class org.springframework.security.acls.AclPermissionEvaluator
 
aclService - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
AclService - Interface in org.springframework.security.acls.model
Provides retrieval of Acl instances.
ActiveDirectoryAuthenticationException - Exception in org.springframework.security.ldap.authentication.ad
Thrown as a translation of an AuthenticationException when attempting to authenticate against Active Directory using ActiveDirectoryLdapAuthenticationProvider.
ActiveDirectoryLdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication.ad
Specialized LDAP authentication provider which uses Active Directory configuration conventions.
ActiveDirectoryLdapAuthenticationProvider(String, String, String) - Constructor for class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
 
ActiveDirectoryLdapAuthenticationProvider(String, String) - Constructor for class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
 
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
Deprecated.
 
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
addAuthorities(DistinguishedName, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
addAuthority(GrantedAuthority) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
addAuthority(GrantedAuthority) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
Adds the authority to the list, unless it is already there, in which case it is ignored
addCn(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
addCustomAuthorities(String, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Allows subclasses to add their own granted authorities to the list to be returned in the UserDetails.
addFilter(Filter) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilter(Filter) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework.
addFilterAfter(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilterAfter(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding a Filter after one of the known Filter classes.
addFilterBefore(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilterBefore(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding a Filter before one of the known Filter classes.
addGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
Assigns a new authority to a group.
addGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
addHeaderWriter(HeaderWriter) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds a HeaderWriter instance
additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request.
additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
addListener(SmartApplicationListener) - Method in class org.springframework.security.context.DelegatingApplicationListener
Adds a new SmartApplicationListener to use.
addLogoutHandler(LogoutHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
addObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Adds an ObjectPostProcessor to be used for this SecurityConfigurerAdapter.
addSecureMethod(Class<?>, String, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Add configuration attributes for a secure method.
addSecureMethod(Class<?>, Method, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Adds configuration attributes for a specific method, for example where the method has been matched using a pointcut expression.
addSecurityFilterChainBuilder(SecurityBuilder<? extends SecurityFilterChain>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Adds builders to create SecurityFilterChain instances.
addUserToGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
Makes a user a member of a particular group.
addUserToGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
admin - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
ADMINISTRATION - Static variable in class org.springframework.security.acls.domain.BasePermission
 
AffirmativeBased - Class in org.springframework.security.access.vote
Simple concrete implementation of AccessDecisionManager that grants access if any AccessDecisionVoter returns an affirmative response.
AffirmativeBased(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.AffirmativeBased
 
after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
 
after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in interface org.springframework.security.access.prepost.PostInvocationAuthorizationAdvice
 
AFTER_INVOCATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
afterHandshake(ServerHttpRequest, ServerHttpResponse, WebSocketHandler, Exception) - Method in class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
 
afterInvocation(InterceptorStatusToken, Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Completes the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
AfterInvocationManager - Interface in org.springframework.security.access.intercept
Reviews the Object returned from a secure object invocation, being able to modify the Object or throw an AccessDeniedException.
afterInvocationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
AfterInvocationProvider - Interface in org.springframework.security.access
Indicates a class is responsible for participating in an AfterInvocationProviderManager decision.
AfterInvocationProviderManager - Class in org.springframework.security.access.intercept
Provider-based implementation of AfterInvocationManager.
AfterInvocationProviderManager() - Constructor for class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
afterMessageHandled(Message<?>, MessageChannel, MessageHandler, Exception) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
afterPropertiesSet() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.ReflectionSaltSource
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.SystemWideSaltSource
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Validates the required properties are set.
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.ProviderManager
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
afterPropertiesSet() - Method in class org.springframework.security.cas.ServiceProperties
 
afterPropertiesSet() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
Check whether all properties have been set to correct values.
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
 
afterPropertiesSet() - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
afterPropertiesSet() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
afterPropertiesSet() - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
Check that all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
Loads the web.xml file using the configured ResourceLoader and parses the role-name elements from it, using these as the set of mappableAttributes.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.FilterChainProxy
 
afterPropertiesSet() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
 
afterReceiveCompletion(Message<?>, MessageChannel, Exception) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
afterSendCompletion(Message<?>, MessageChannel, boolean, Exception) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
afterSendCompletion(Message<?>, MessageChannel, boolean, Exception) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
afterSingletonsInstantiated() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
afterSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Invoked after the springSecurityFilterChain is added.
afterTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
Clears out the TestSecurityContextHolder and the SecurityContextHolder after each test method.
allocateToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
allocateToken(String) - Method in interface org.springframework.security.core.token.TokenService
Forces the allocation of a new Token.
allowableSessionsExceeded(List<SessionInformation>, int, SessionRegistry) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Allows subclasses to customise behaviour when too many sessions are detected.
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy
 
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy
 
AllowFromStrategy - Interface in org.springframework.security.web.header.writers.frameoptions
Strategy interfaces used by the FrameOptionsHeaderWriter to determine the actual value to use for the X-Frame-Options header when using the ALLOW-FROM directive.
AlreadyBuiltException - Exception in org.springframework.security.config.annotation
Thrown when AbstractSecurityBuilder.build() is two or more times.
AlreadyBuiltException(String) - Constructor for exception org.springframework.security.config.annotation.AlreadyBuiltException
 
AlreadyExistsException - Exception in org.springframework.security.acls.model
Thrown if an Acl entry already exists for the object.
AlreadyExistsException(String) - Constructor for exception org.springframework.security.acls.model.AlreadyExistsException
Constructs an AlreadyExistsException with the specified message.
AlreadyExistsException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.AlreadyExistsException
Constructs an AlreadyExistsException with the specified message and root cause.
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Gets the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
Allows obtaining a reference to the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Returns the UserDetailsManagerRegistry for method chaining (i.e.
and() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
Return the HttpSecurity for further customizations
and() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
Returns the WebSecurity to be returned for chaining.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CacheControlConfig
Allows completing configuration of Strict Transport Security and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentTypeOptionsConfig
Allows customizing the HeadersConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Allows continuing customizing the headers configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
Allows completing configuration of Strict Transport Security and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
Allows completing configuration of Strict Transport Security and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Get the OpenIDLoginConfigurer to customize the OpenID configuration further
and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Gets the OpenIDLoginConfigurer.AttributeExchangeConfigurer for further customization of the attributes
and() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
Used to chain back to the SessionManagementConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
AndMessageMatcher<T> - Class in org.springframework.security.messaging.util.matcher
MessageMatcher that will return true if all of the passed in MessageMatcher instances match.
AndMessageMatcher(List<MessageMatcher<T>>) - Constructor for class org.springframework.security.messaging.util.matcher.AndMessageMatcher
Creates a new instance
AndMessageMatcher(MessageMatcher<T>...) - Constructor for class org.springframework.security.messaging.util.matcher.AndMessageMatcher
Creates a new instance
AndRequestMatcher - Class in org.springframework.security.web.util.matcher
RequestMatcher that will return true if all of the passed in RequestMatcher instances match.
AndRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher
Creates a new instance
AndRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher
Creates a new instance
AnnotationMetadataExtractor<A extends Annotation> - Interface in org.springframework.security.access.annotation
Strategy to process a custom security annotation to extract the relevant ConfigAttributes for securing a method.
AnnotationParameterNameDiscoverer - Class in org.springframework.security.core.parameters
Allows finding parameter names using the value attribute of any number of Annotation instances.
AnnotationParameterNameDiscoverer(String...) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
AnnotationParameterNameDiscoverer(Set<String>) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
anonymous() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring how an anonymous user is represented.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by anonymous users.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that an anonymous user is allowed access
anonymous() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by anonymous users.
ANONYMOUS - Static variable in class org.springframework.security.config.Elements
 
AnonymousAuthenticationFilter - Class in org.springframework.security.web.authentication
Detects if there is no Authentication object in the SecurityContextHolder, and populates it with one if needed.
AnonymousAuthenticationFilter(String) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
AnonymousAuthenticationFilter(String, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
AnonymousAuthenticationProvider - Class in org.springframework.security.authentication
An AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.
AnonymousAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
AnonymousAuthenticationToken - Class in org.springframework.security.authentication
Represents an anonymous Authentication.
AnonymousAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationToken
Constructor.
AnonymousConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Configures Anonymous authentication (i.e.
AnonymousConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Creates a new instance
antMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided ant pattern.
antMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances.
antMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances that do not care which HttpMethod is used.
AntPathRequestMatcher - Class in org.springframework.security.web.util.matcher
Matcher which compares a pre-defined ant-style pattern against the URL ( servletPath + pathInfo) of an HttpServletRequest.
AntPathRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the specific pattern which will match all HTTP methods in a case insensitive manner.
AntPathRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the supplied pattern and HTTP method in a case insensitive manner.
AntPathRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the supplied pattern which will match the specified Http method
ANY_CHANNEL - Static variable in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
ANY_MESSAGE - Static variable in interface org.springframework.security.messaging.util.matcher.MessageMatcher
Matches every Message
anyMessage() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps any Message to a security expression.
anyRequest() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps any request.
AnyRequestMatcher - Class in org.springframework.security.web.util.matcher
Matches any supplied request.
ApacheDSContainer - Class in org.springframework.security.ldap.server
Provides lifecycle services for the embedded apacheDS server defined by the supplied configuration.
ApacheDSContainer(String, String) - Constructor for class org.springframework.security.ldap.server.ApacheDSContainer
 
appendFilters(ServletContext, Filter...) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Applies a SecurityConfigurer to this SecurityBuilder overriding any SecurityConfigurer of the exact same class.
asHeader() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor
Instead of using the CsrfToken as a request parameter (default) will populate the CsrfToken as a header.
AspectJCallback - Interface in org.springframework.security.access.intercept.aspectj
Called by the AspectJMethodSecurityInterceptor when it wishes for the AspectJ processing to continue.
AspectJMethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aspectj
AspectJ JoinPoint security interceptor which wraps the JoinPoint in a MethodInvocation adapter to make it compatible with security infrastructure classes which only support MethodInvocations.
AspectJMethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
 
ATT_GROUP_ROLE_ATTRIBUTE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_HASH - Static variable in class org.springframework.security.config.authentication.PasswordEncoderParser
 
ATT_LDIF_FILE - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
Optionally defines an ldif resource to be loaded.
ATT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
Defines the port the LDAP_PROVIDER server should run on
ATT_ROOT_SUFFIX - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
sets the configuration suffix (default is "dc=springframework,dc=org").
ATT_SERVER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_USER_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
attemptAuthentication(String, String) - Method in interface org.springframework.security.authentication.rcp.RemoteAuthenticationManager
Attempts to authenticate the remote client using the presented username and password.
attemptAuthentication(String, String) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
 
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Authentication has two phases.
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Performs actual authentication.
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
attemptExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Attempt to exit from an already switched user.
attemptSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Attempt to switch to another user.
attribute(OpenIDAttribute) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Adds an OpenIDAttribute to be obtained for the configured OpenID pattern.
attribute(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Adds an OpenIDAttribute with the given name
attributeExchange(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Sets up OpenID attribute exchange for OpenID's matching the specified pattern.
Attributes2GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
Interface to be implemented by classes that can map a list of security attributes (such as roles or group names) to a collection of Spring Security GrantedAuthoritys.
AuditableAccessControlEntry - Interface in org.springframework.security.acls.model
Represents an ACE that provides auditing information.
AuditableAcl - Interface in org.springframework.security.acls.model
A mutable ACL that provides audit capabilities.
AuditLogger - Interface in org.springframework.security.acls.domain
Used by AclImpl to log audit events.
authenticate(Authentication) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationManager
Attempts to authenticate the passed Authentication object, returning a fully populated Authentication object (including granted authorities) if successful.
authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationProvider
Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication) .
authenticate(Authentication) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Attempts to login the user given the Authentication objects principal and credential
authenticate(Authentication) - Method in class org.springframework.security.authentication.ProviderManager
Attempts to authenticate the passed Authentication object.
authenticate(Authentication) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.BindAuthenticator
 
authenticate(Authentication) - Method in interface org.springframework.security.ldap.authentication.LdapAuthenticator
Authenticates as a user and obtains additional user information from the directory.
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
 
authenticate(Authentication) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Authenticate the given PreAuthenticatedAuthenticationToken.
authenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by any authenticated user.
authenticated() - Static method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers
ResultMatcher that verifies that a specified user is authenticated.
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
AuthenticatedVoter - Class in org.springframework.security.access.vote
Votes if a ConfigAttribute.getAttribute() of IS_AUTHENTICATED_FULLY or IS_AUTHENTICATED_REMEMBERED or IS_AUTHENTICATED_ANONYMOUSLY is present.
AuthenticatedVoter() - Constructor for class org.springframework.security.access.vote.AuthenticatedVoter
 
authentication - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
Authentication - Interface in org.springframework.security.core
Represents the token for an authentication request or for an authenticated principal once the request has been processed by the AuthenticationManager.authenticate(Authentication) method.
authentication(Authentication) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Establish a SecurityContext that uses the specified Authentication for the Authentication.getPrincipal() and a custom UserDetails.
AUTHENTICATION_EXCEPTION - Static variable in class org.springframework.security.web.WebAttributes
Used to cache an authentication-failure exception in the session.
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.BeanIds
The "global" AuthenticationManager instance, registered by the <authentication-manager> element
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.Elements
 
AUTHENTICATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
AuthenticationCancelledException - Exception in org.springframework.security.openid
Indicates that OpenID authentication was cancelled
AuthenticationCancelledException(String) - Constructor for exception org.springframework.security.openid.AuthenticationCancelledException
 
AuthenticationCancelledException(String, Throwable) - Constructor for exception org.springframework.security.openid.AuthenticationCancelledException
 
AuthenticationConfiguration - Class in org.springframework.security.config.annotation.authentication.configuration
Exports the authentication Configuration
AuthenticationConfiguration() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
AuthenticationCredentialsNotFoundEvent - Class in org.springframework.security.access.event
Indicates a secure object invocation failed because the Authentication could not be obtained from the SecurityContextHolder.
AuthenticationCredentialsNotFoundEvent(Object, Collection<ConfigAttribute>, AuthenticationCredentialsNotFoundException) - Constructor for class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
Construct the event.
AuthenticationCredentialsNotFoundException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because there is no Authentication object in the SecurityContext.
AuthenticationCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
Constructs an AuthenticationCredentialsNotFoundException with the specified message.
AuthenticationCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
Constructs an AuthenticationCredentialsNotFoundException with the specified message and root cause.
AuthenticationDetailsSource<C,T> - Interface in org.springframework.security.authentication
Provides a Authentication.getDetails() object for a given web request.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies a custom AuthenticationDetailsSource.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Specifies a custom AuthenticationDetailsSource to use for basic authentication.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
authenticationDetailsSource - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets the AuthenticationEntryPoint to be used.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
The AuthenticationEntryPoint to be populated on BasicAuthenticationFilter in the event that authentication fails.
AuthenticationEntryPoint - Interface in org.springframework.security.web
Used by ExceptionTranslationFilter to commence an authentication scheme.
AuthenticationEventPublisher - Interface in org.springframework.security.authentication
 
authenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
AuthenticationException - Exception in org.springframework.security.core
Abstract superclass for all exceptions related to an Authentication object being invalid for whatever reason.
AuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.core.AuthenticationException
Constructs an AuthenticationException with the specified message and root cause.
AuthenticationException(String) - Constructor for exception org.springframework.security.core.AuthenticationException
Constructs an AuthenticationException with the specified message and no root cause.
AuthenticationFailureBadCredentialsEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to invalid credentials being presented.
AuthenticationFailureBadCredentialsEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent
 
AuthenticationFailureCredentialsExpiredEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's credentials having expired.
AuthenticationFailureCredentialsExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureCredentialsExpiredEvent
 
AuthenticationFailureDisabledEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's account being disabled.
AuthenticationFailureDisabledEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent
 
AuthenticationFailureExpiredEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's account having expired.
AuthenticationFailureExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent
 
AuthenticationFailureHandler - Interface in org.springframework.security.web.authentication
Strategy used to handle a failed authentication attempt.
AuthenticationFailureLockedEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's account having been locked.
AuthenticationFailureLockedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureLockedEvent
 
AuthenticationFailureProviderNotFoundEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to there being no registered AuthenticationProvider that can process the request.
AuthenticationFailureProviderNotFoundEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent
 
AuthenticationFailureProxyUntrustedEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the CAS user's ticket being generated by an untrusted proxy.
AuthenticationFailureProxyUntrustedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProxyUntrustedEvent
 
AuthenticationFailureServiceExceptionEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to there being a problem internal to the AuthenticationManager.
AuthenticationFailureServiceExceptionEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent
 
authenticationFilter(AnonymousAuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the AnonymousAuthenticationFilter used to populate an anonymous user.
AuthenticationManager - Interface in org.springframework.security.authentication
Processes an Authentication request.
authenticationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Allows providing a custom AuthenticationManager.
authenticationManager() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Gets the AuthenticationManager to use.
authenticationManagerBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to expose the AuthenticationManager from WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder) to be exposed as a Bean.
AuthenticationManagerBeanDefinitionParser - Class in org.springframework.security.config.authentication
Registers the central ProviderManager used by the namespace configuration, and allows the configuration of an alias, allowing users to reference it in their beans and clearly see where the name is coming from.
AuthenticationManagerBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
 
AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider - Class in org.springframework.security.config.authentication
Provider which doesn't provide any service.
AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
AuthenticationManagerBuilder - Class in org.springframework.security.config.annotation.authentication.builders
AuthenticationManagerBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Creates a new instance
authenticationManagerBuilder(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
AuthenticationManagerFactoryBean - Class in org.springframework.security.config.authentication
Factory bean for the namespace AuthenticationManager, which allows a more meaningful error message to be reported in the NoSuchBeanDefinitionException, if the user has forgotten to declare the <authentication-manager> element.
AuthenticationManagerFactoryBean() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
AuthenticationPrincipal - Annotation Type in org.springframework.security.core.annotation
Annotation that is used to resolve Authentication.getPrincipal() to a method argument.
AuthenticationPrincipal - Annotation Type in org.springframework.security.web.bind.annotation
Deprecated.
Use org.springframework.security.core.annotation.AuthenticationPrincipal instead
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.messaging.context
Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
 
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.bind.support
Deprecated.
use org.springframework.security.web.method.annotation. AuthenticationPrincipalArgumentResolver
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
Deprecated.
 
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.method.annotation
Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
 
AuthenticationProvider - Interface in org.springframework.security.authentication
Indicates a class can process a specific Authentication implementation.
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.authentication.ProviderManagerBuilder
Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the AuthenticationProvider used to validate an anonymous user.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding an additional AuthenticationProvider to be used
AuthenticationProviderBeanDefinitionParser - Class in org.springframework.security.config.authentication
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the latter with the ProviderManager.
AuthenticationProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
 
AuthenticationServiceException - Exception in org.springframework.security.authentication
Thrown if an authentication request could not be processed due to a system problem.
AuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
Constructs an AuthenticationServiceException with the specified message.
AuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
Constructs an AuthenticationServiceException with the specified message and root cause.
AuthenticationSimpleHttpInvokerRequestExecutor - Class in org.springframework.security.remoting.httpinvoker
Adds BASIC authentication support to SimpleHttpInvokerRequestExecutor.
AuthenticationSimpleHttpInvokerRequestExecutor() - Constructor for class org.springframework.security.remoting.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor
 
AuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
Application event which indicates successful authentication.
AuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AuthenticationSuccessEvent
 
authenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Allows control over the destination a remembered user is sent to when they are successfully authenticated.
AuthenticationSuccessHandler - Interface in org.springframework.security.web.authentication
Strategy used to handle a successful user authentication.
AuthenticationSwitchUserEvent - Class in org.springframework.security.web.authentication.switchuser
Application event which indicates that a user context switch.
AuthenticationSwitchUserEvent(Authentication, UserDetails) - Constructor for class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
Switch user context event constructor
AuthenticationTag - Class in org.springframework.security.taglibs.authz
An Tag implementation that allows convenient access to the current Authentication object.
AuthenticationTag() - Constructor for class org.springframework.security.taglibs.authz.AuthenticationTag
 
AuthenticationTrustResolver - Interface in org.springframework.security.authentication
Evaluates Authentication tokens
AuthenticationTrustResolverImpl - Class in org.springframework.security.authentication
Basic implementation of AuthenticationTrustResolver.
AuthenticationTrustResolverImpl() - Constructor for class org.springframework.security.authentication.AuthenticationTrustResolverImpl
 
authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
authenticationUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Specifies the AuthenticationUserDetailsService to use.
AuthenticationUserDetailsService<T extends Authentication> - Interface in org.springframework.security.core.userdetails
Interface that allows for retrieving a UserDetails object based on an Authentication object.
authorities(GrantedAuthority...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(List<? extends GrantedAuthority>) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(List<GrantedAuthority>) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the Authentication.getAuthorities() for anonymous users
authorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the Authentication.getAuthorities() for anonymous users
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
Populates the user's GrantedAuthority's.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
Populates the user's GrantedAuthority's.
authoritiesByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Sets the query to be used for finding a user's authorities by their username.
AuthorityGranter - Interface in org.springframework.security.authentication.jaas
The AuthorityGranter interface is used to map a given principal to role names.
authorityListToSet(Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.core.authority.AuthorityUtils
Converts an array of GrantedAuthority objects to a Set.
AuthorityUtils - Class in org.springframework.security.core.authority
Utility method for manipulating GrantedAuthority collections etc.
AuthorityUtils() - Constructor for class org.springframework.security.core.authority.AuthorityUtils
 
AuthorizationFailureEvent - Class in org.springframework.security.access.event
Indicates a secure object invocation failed because the principal could not be authorized for the request.
AuthorizationFailureEvent(Object, Collection<ConfigAttribute>, Authentication, AccessDeniedException) - Constructor for class org.springframework.security.access.event.AuthorizationFailureEvent
Construct the event.
AuthorizationServiceException - Exception in org.springframework.security.access
Thrown if an authorization request could not be processed due to a system problem.
AuthorizationServiceException(String) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
Constructs an AuthorizationServiceException with the specified message.
AuthorizationServiceException(String, Throwable) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
Constructs an AuthorizationServiceException with the specified message and root cause.
authorize() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Make an authorization decision by considering all <authorize> tag attributes.
AuthorizedEvent - Class in org.springframework.security.access.event
Event indicating a secure object was invoked successfully.
AuthorizedEvent(Object, Collection<ConfigAttribute>, Authentication) - Constructor for class org.springframework.security.access.event.AuthorizedEvent
Construct the event.
authorizeRequests() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows restricting access based upon the HttpServletRequest using
authorizeUsingAccessExpression() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Make an authorization decision based on a Spring EL expression.
authorizeUsingUrlCheck() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Make an authorization decision based on the URL and HTTP method attributes.
autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
 
autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Template implementation which locates the Spring Security cookie, decodes it into a delimited array of tokens and submits it to subclasses for processing via the processAutoLoginCookie method.
autoLogin(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.RememberMeServices
This method will be called whenever the SecurityContextHolder does not contain an Authentication object and Spring Security wishes to provide an implementation with an opportunity to authenticate the request using remember-me capabilities.
autowiredWebSecurityConfigurersIgnoreParents(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
awaitTermination(long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
AxFetchListFactory - Interface in org.springframework.security.openid
A strategy which can be used by an OpenID consumer implementation, to dynamically determine the attribute exchange information based on the OpenID identifier.

B

BadCredentialsException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the credentials are invalid.
BadCredentialsException(String) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
Constructs a BadCredentialsException with the specified message.
BadCredentialsException(String, Throwable) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
Constructs a BadCredentialsException with the specified message and root cause.
Base64 - Class in org.springframework.security.crypto.codec
Base64 encoder which is a reduced version of Robert Harder's public domain implementation (version 2.3.7).
Base64() - Constructor for class org.springframework.security.crypto.codec.Base64
 
BaseDigestPasswordEncoder - Class in org.springframework.security.authentication.encoding
Convenience base for digest password encoders.
BaseDigestPasswordEncoder() - Constructor for class org.springframework.security.authentication.encoding.BaseDigestPasswordEncoder
 
BasePasswordEncoder - Class in org.springframework.security.authentication.encoding
Convenience base for all password encoders.
BasePasswordEncoder() - Constructor for class org.springframework.security.authentication.encoding.BasePasswordEncoder
 
BasePermission - Class in org.springframework.security.acls.domain
A set of standard permissions.
BasePermission(int) - Constructor for class org.springframework.security.acls.domain.BasePermission
 
BasePermission(int, char) - Constructor for class org.springframework.security.acls.domain.BasePermission
 
BASIC_AUTH - Static variable in class org.springframework.security.config.Elements
 
BasicAuthenticationEntryPoint - Class in org.springframework.security.web.authentication.www
Used by the ExceptionTraslationFilter to commence authentication via the BasicAuthenticationFilter.
BasicAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
BasicAuthenticationFilter - Class in org.springframework.security.web.authentication.www
Processes a HTTP request's BASIC authorization headers, putting the result into the SecurityContextHolder.
BasicAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
Creates an instance which will authenticate against the supplied AuthenticationManager and which will ignore failed authentication attempts, allowing the request to proceed down the filter chain.
BasicAuthenticationFilter(AuthenticationManager, AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
Creates an instance which will authenticate against the supplied AuthenticationManager and use the supplied AuthenticationEntryPoint to handle authentication failures.
BasicLookupStrategy - Class in org.springframework.security.acls.jdbc
Performs lookups in a manner that is compatible with ANSI SQL.
BasicLookupStrategy(DataSource, AclCache, AclAuthorizationStrategy, AuditLogger) - Constructor for class org.springframework.security.acls.jdbc.BasicLookupStrategy
Constructor accepting mandatory arguments
BasicLookupStrategy(DataSource, AclCache, AclAuthorizationStrategy, PermissionGrantingStrategy) - Constructor for class org.springframework.security.acls.jdbc.BasicLookupStrategy
Creates a new instance
BCrypt - Class in org.springframework.security.crypto.bcrypt
BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
BCrypt() - Constructor for class org.springframework.security.crypto.bcrypt.BCrypt
 
BCryptPasswordEncoder - Class in org.springframework.security.crypto.bcrypt
Implementation of PasswordEncoder that uses the BCrypt strong hashing function.
BCryptPasswordEncoder() - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
BCryptPasswordEncoder(int) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
BCryptPasswordEncoder(int, SecureRandom) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
BeanIds - Class in org.springframework.security.config
Contains globally used default Bean IDs for beans created by the namespace support in Spring Security 2.
BeanIds() - Constructor for class org.springframework.security.config.BeanIds
 
before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
 
before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in interface org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice
The "before" advice which should be executed to perform any filtering necessary and to decide whether the method call is authorised.
beforeConcurrentHandling(NativeWebRequest, Callable<T>) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
 
beforeConfigure() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Invoked prior to invoking each SecurityConfigurer.configure(SecurityBuilder) method.
beforeConfigure() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
beforeHandle(Message<?>, MessageChannel, MessageHandler) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
beforeHandshake(ServerHttpRequest, ServerHttpResponse, WebSocketHandler, Map<String, Object>) - Method in class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
 
beforeInit() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Invoked prior to invoking each SecurityConfigurer.init(SecurityBuilder) method.
beforeInvocation(Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
beforeSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Invoked before the springSecurityFilterChain is added.
beforeTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
Sets up the SecurityContext for each test method.
beginConsumption(HttpServletRequest, String, String, String) - Method in class org.springframework.security.openid.OpenID4JavaConsumer
 
beginConsumption(HttpServletRequest, String, String, String) - Method in interface org.springframework.security.openid.OpenIDConsumer
Given the request, the claimedIdentity, the return to url, and a realm, lookup the openId authentication page the user should be redirected to.
BindAuthenticator - Class in org.springframework.security.ldap.authentication
An authenticator which binds as a user.
BindAuthenticator(BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.authentication.BindAuthenticator
Create an initialized instance using the BaseLdapPathContextSource provided.
block(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
If false, will not specify the mode as blocked.
build() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
 
build() - Method in interface org.springframework.security.config.annotation.SecurityBuilder
Builds the object and returns it or null.
buildDetails(C) - Method in interface org.springframework.security.authentication.AuthenticationDetailsSource
Called by a class when it wishes a new authentication details instance to be created.
buildDetails(HttpServletRequest) - Method in class org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource
 
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
Builds the authentication details object.
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 
buildDn(String) - Method in class org.springframework.security.ldap.DefaultLdapUsernameToDnMapper
Assembles the Distinguished Name that should be used the given username.
buildDn(String) - Method in interface org.springframework.security.ldap.LdapUsernameToDnMapper
 
buildFromMask(int) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
buildFromMask(int) - Method in interface org.springframework.security.acls.domain.PermissionFactory
Dynamically creates a CumulativePermission or BasePermission representing the active bits in the passed mask.
buildFromName(String) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
buildFromName(String) - Method in interface org.springframework.security.acls.domain.PermissionFactory
 
buildFromNames(List<String>) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
buildFromNames(List<String>) - Method in interface org.springframework.security.acls.domain.PermissionFactory
 
buildFullRequestUrl(HttpServletRequest) - Static method in class org.springframework.security.web.util.UrlUtils
 
buildFullRequestUrl(String, String, int, String, String) - Static method in class org.springframework.security.web.util.UrlUtils
Obtains the full URL the client used to make the request.
buildGroupDn(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
Creates a DN from a group name.
buildHttpsRedirectUrlForRequest(HttpServletRequest) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Builds a URL to redirect the supplied request to HTTPS.
buildRedirectUrlToLoginPage(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
buildRequest(ServletContext) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
 
buildRequest(ServletContext) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder
 
buildRequestUrl(HttpServletRequest) - Static method in class org.springframework.security.web.util.UrlUtils
Obtains the web application-specific fragment of the request URL.
buildReturnToUrl(HttpServletRequest) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Builds the return_to URL that will be sent to the OpenID service provider.
buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.intercept.RunAsManager
Returns a replacement Authentication object for the current secure object invocation, or null if replacement not required.
buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
BytesEncryptor - Interface in org.springframework.security.crypto.encrypt
Service interface for symmetric data encryption.
BytesKeyGenerator - Interface in org.springframework.security.crypto.keygen
A generator for unique byte array-based keys.

C

cacheControl() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows customizing the CacheControlHeadersWriter.
CacheControlHeadersWriter - Class in org.springframework.security.web.header.writers
A StaticHeadersWriter that inserts headers to prevent caching.
CacheControlHeadersWriter() - Constructor for class org.springframework.security.web.header.writers.CacheControlHeadersWriter
Creates a new instance
cachePermissionsFor(Authentication, Collection<?>) - Method in interface org.springframework.security.access.PermissionCacheOptimizer
Optimises the permission cache for anticipated operation on the supplied collection of objects.
cachePermissionsFor(Authentication, Collection<?>) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
 
CACHING_SUFFIX - Static variable in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
CachingUserDetailsService - Class in org.springframework.security.config.authentication
 
calculateLoginLifetime(HttpServletRequest, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
Calculates the validity period in seconds for a newly generated remember-me login.
call() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
 
cancelCookie(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Sets a "cancel cookie" (with maxAge = 0) on the response to disable persistent logins.
CAS_STATEFUL_IDENTIFIER - Static variable in class org.springframework.security.cas.web.CasAuthenticationFilter
Used to identify a CAS request for a stateful user agent, such as a web browser.
CAS_STATELESS_IDENTIFIER - Static variable in class org.springframework.security.cas.web.CasAuthenticationFilter
Used to identify a CAS request for a stateless user agent, such as a remoting protocol client (e.g.
CasAssertionAuthenticationToken - Class in org.springframework.security.cas.authentication
Temporary authentication object needed to load the user details service.
CasAssertionAuthenticationToken(Assertion, String) - Constructor for class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
CasAuthenticationEntryPoint - Class in org.springframework.security.cas.web
Used by the ExceptionTranslationFilter to commence authentication via the JA-SIG Central Authentication Service (CAS).
CasAuthenticationEntryPoint() - Constructor for class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
CasAuthenticationFilter - Class in org.springframework.security.cas.web
Processes a CAS service ticket, obtains proxy granting tickets, and processes proxy tickets.
CasAuthenticationFilter() - Constructor for class org.springframework.security.cas.web.CasAuthenticationFilter
 
CasAuthenticationProvider - Class in org.springframework.security.cas.authentication
An AuthenticationProvider implementation that integrates with JA-SIG Central Authentication Service (CAS).
CasAuthenticationProvider() - Constructor for class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
CasAuthenticationToken - Class in org.springframework.security.cas.authentication
Represents a successful CAS Authentication.
CasAuthenticationToken(String, Object, Object, Collection<? extends GrantedAuthority>, UserDetails, Assertion) - Constructor for class org.springframework.security.cas.authentication.CasAuthenticationToken
Constructor.
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
 
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
CHANGE_AUDITING - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
CHANGE_GENERAL - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
CHANGE_OWNERSHIP - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
changePassword(String, String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
Changes the password for the current user.
changePassword(String, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
changePassword(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
changePassword(String, String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Modify the current user's password.
changeSessionId() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that the Servlet container-provided session fixation protection should be used.
ChangeSessionIdAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
Uses HttpServletRequest#changeSessionId() to protect against session fixation attacks.
ChangeSessionIdAuthenticationStrategy() - Constructor for class org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy
 
ChannelAttributeFactory - Class in org.springframework.security.config.http
Used as a factory bean to create config attribute values for the requires-channel attribute.
ChannelAttributeFactory() - Constructor for class org.springframework.security.config.http.ChannelAttributeFactory
 
ChannelDecisionManager - Interface in org.springframework.security.web.access.channel
Decides whether a web channel provides sufficient security.
ChannelDecisionManagerImpl - Class in org.springframework.security.web.access.channel
Implementation of ChannelDecisionManager.
ChannelDecisionManagerImpl() - Constructor for class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
ChannelEntryPoint - Interface in org.springframework.security.web.access.channel
May be used by a ChannelProcessor to launch a web channel.
ChannelProcessingFilter - Class in org.springframework.security.web.access.channel
Ensures a web request is delivered over the required channel.
ChannelProcessingFilter() - Constructor for class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
ChannelProcessor - Interface in org.springframework.security.web.access.channel
Decides whether a web channel meets a specific security condition.
channelProcessors(List<ChannelProcessor>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Sets the ChannelProcessor instances to use in ChannelDecisionManagerImpl
ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds channel security (i.e.
ChannelSecurityConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
Creates a new instance
ChannelSecurityConfigurer.ChannelRequestMatcherRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
ChannelSecurityConfigurer.RequiresChannelUrl - Class in org.springframework.security.config.annotation.web.configurers
 
ChannelSecurityInterceptor - Class in org.springframework.security.messaging.access.intercept
Performs security handling of Message resources via a ChannelInterceptor implementation.
ChannelSecurityInterceptor(MessageSecurityMetadataSource) - Constructor for class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
Creates a new instance
check(UserDetails) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
 
check(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserDetailsChecker
Examines the User
checkAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
checkpw(String, String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Check that a plaintext password matches a previously hashed one
ChildrenExistException - Exception in org.springframework.security.acls.model
Thrown if an Acl cannot be deleted because children Acls exist.
ChildrenExistException(String) - Constructor for exception org.springframework.security.acls.model.ChildrenExistException
Constructs an ChildrenExistException with the specified message.
ChildrenExistException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.ChildrenExistException
Constructs an ChildrenExistException with the specified message and root cause.
clear(Permission) - Method in class org.springframework.security.acls.domain.CumulativePermission
 
clear() - Method in class org.springframework.security.acls.domain.CumulativePermission
 
clearAuthenticationAttributes(HttpServletRequest) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
Removes temporary authentication-related data which may have been stored in the session during the authentication process.
clearCache() - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
clearCache() - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
clearCache() - Method in interface org.springframework.security.acls.model.AclCache
 
clearContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Explicitly clears the context value from the current thread.
clearContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Clears the current context.
clearContext() - Static method in class org.springframework.security.test.context.TestSecurityContextHolder
closeContext(Context) - Static method in class org.springframework.security.ldap.LdapUtils
 
closeEnumeration(NamingEnumeration) - Static method in class org.springframework.security.ldap.LdapUtils
 
code - Variable in class org.springframework.security.acls.domain.AbstractPermission
 
commaSeparatedStringToAuthorityList(String) - Static method in class org.springframework.security.core.authority.AuthorityUtils
Creates a array of GrantedAuthority objects from a comma-separated string representation (e.g.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
commence(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.access.channel.ChannelEntryPoint
Commences a secure channel.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.Http403ForbiddenEntryPoint
Always returns a 403 error code to the client.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.HttpStatusEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Performs the redirect (or forward) to the login form URL.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in interface org.springframework.security.web.AuthenticationEntryPoint
Commences an authentication scheme.
commit() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Authenticate the Subject (phase two) by adding the Spring Security Authentication to the Subject's principals.
compare(String, String, Object) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Performs an LDAP compare operation of the value of an attribute for a particular directory entry.
CompositeSessionAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
A SessionAuthenticationStrategy that accepts multiple SessionAuthenticationStrategy implementations to delegate to.
CompositeSessionAuthenticationStrategy(List<SessionAuthenticationStrategy>) - Constructor for class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
 
concatenate(byte[]...) - Static method in class org.springframework.security.crypto.util.EncodingUtils
Combine the individual byte arrays into one array.
CONCURRENT_SESSIONS - Static variable in class org.springframework.security.config.Elements
 
ConcurrentSessionControlAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
Strategy which handles concurrent session-control.
ConcurrentSessionControlAuthenticationStrategy(SessionRegistry) - Constructor for class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
 
ConcurrentSessionFilter - Class in org.springframework.security.web.session
Filter required by concurrent session handling package.
ConcurrentSessionFilter(SessionRegistry) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
 
ConcurrentSessionFilter(SessionRegistry, String) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
 
ConfigAttribute - Interface in org.springframework.security.access
Stores a security system related configuration attribute.
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter
 
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Sub classes can override this method to register different types of authentication.
configure(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Used by the default implementation of WebSecurityConfigurerAdapter.authenticationManager() to attempt to obtain an AuthenticationManager.
configure(WebSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to configure WebSecurity.
configure(HttpSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to configure the HttpSecurity.
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
 
configureClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
configureInbound(MessageSecurityMetadataSourceRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
configureJaas(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
Hook method for configuring Jaas.
ConsensusBased - Class in org.springframework.security.access.vote
Simple concrete implementation of AccessDecisionManager that uses a consensus-based approach.
ConsensusBased(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.ConsensusBased
 
ConsoleAuditLogger - Class in org.springframework.security.acls.domain
A basic implementation of AuditLogger.
ConsoleAuditLogger() - Constructor for class org.springframework.security.acls.domain.ConsoleAuditLogger
 
consumer(OpenIDConsumer) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Allows specifying the OpenIDConsumer to be used.
consumerManager(ConsumerManager) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Allows specifying the ConsumerManager to be used.
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
 
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
 
containsContext(HttpServletRequest) - Method in interface org.springframework.security.web.context.SecurityContextRepository
Allows the repository to be queried as to whether it contains a security context for the current request.
containsMapping() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Allows determining if a mapping was added.
contentTypeOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
CONTEXT_SOURCE - Static variable in class org.springframework.security.config.BeanIds
 
CONTEXT_SOURCE_SETTING_POST_PROCESSOR - Static variable in class org.springframework.security.config.BeanIds
 
ContextPropagatingRemoteInvocation - Class in org.springframework.security.remoting.rmi
The actual RemoteInvocation that is passed from the client to the server.
ContextPropagatingRemoteInvocation(MethodInvocation) - Constructor for class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
Constructs the object, storing the principal and credentials extracted from the client-side security context.
ContextPropagatingRemoteInvocationFactory - Class in org.springframework.security.remoting.rmi
Called by a client-side instance of org.springframework.remoting.rmi.RmiProxyFactoryBean when it wishes to create a remote invocation.
ContextPropagatingRemoteInvocationFactory() - Constructor for class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocationFactory
 
contextSource(BaseLdapPathContextSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the BaseLdapPathContextSource to be used.
contextSource() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Allows easily configuring of a BaseLdapPathContextSource with defaults pointing to an embedded LDAP server that is created.
convertPasswordToString(Object) - Static method in class org.springframework.security.ldap.LdapUtils
 
CookieClearingLogoutHandler - Class in org.springframework.security.web.authentication.logout
A logout handler which clears a defined list of cookies, using the context path as the cookie path.
CookieClearingLogoutHandler(String...) - Constructor for class org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
 
CookieTheftException - Exception in org.springframework.security.web.authentication.rememberme
 
CookieTheftException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.CookieTheftException
 
copyToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
count(int) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Specifies the number of attribute values to request.
create - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
CREATE - Static variable in class org.springframework.security.acls.domain.BasePermission
 
create(Callable<V>, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
Creates a DelegatingSecurityContextCallable and with the given Callable and SecurityContext, but if the securityContext is null will defaults to the current SecurityContext on the SecurityContextHolder
create(Runnable, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
Factory method for creating a DelegatingSecurityContextRunnable.
create(Object, String, Object...) - Static method in class org.springframework.security.util.MethodInvocationUtils
Generates a MethodInvocation for specified methodName on the passed object, using the args to locate the method.
CREATE_TABLE_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
Default SQL for creating the database table to store the tokens
createAcl(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
createAcl(ObjectIdentity) - Method in interface org.springframework.security.acls.model.MutableAclService
Creates an empty Acl object in the database.
createAttributeList(String) - Method in interface org.springframework.security.openid.AxFetchListFactory
Builds the list of attributes which should be added to the fetch request for the supplied OpenID identifier.
createAttributeList(String) - Method in class org.springframework.security.openid.NullAxFetchListFactory
 
createAttributeList(String) - Method in class org.springframework.security.openid.RegexBasedAxFetchListFactory
Iterates through the patterns stored in the map and returns the list of attributes defined for the first match.
createAuthentication(HttpServletRequest) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
createAuthenticationRequest(String, String) - Method in class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
Creates the server-side authentication request object.
createAuthority(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
Creates a GrantedAuthority from a role attribute.
createAuthorityList(String...) - Static method in class org.springframework.security.core.authority.AuthorityUtils
 
createChannelAttributes(String) - Static method in class org.springframework.security.config.http.ChannelAttributeFactory
 
createCurrentUser(Authentication) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
Creates a principal-like sid from the authentication information.
createELContext(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher
Subclasses can override this methode if they want to use a different EL root context
createEmptyContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Delegates the creation of a new, empty context to the configured strategy.
createEmptyContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
createEntries(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
createEvaluationContext(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
Invokes the internal template methods to create StandardEvaluationContext and SecurityExpressionRoot objects.
createEvaluationContext(Authentication, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
Provides an evaluation context in which to evaluate security expressions for the invocation type.
createEvaluationContextInternal(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
Override to create a custom instance of StandardEvaluationContext.
createEvaluationContextInternal(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Uses a MethodSecurityEvaluationContext as the EvaluationContext implementation.
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Allows the EvaluationContext to be customized for variable lookup etc.
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
createExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>, String>) - Static method in class org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory
Create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>, String>, SecurityExpressionHandler<Message<Object>>) - Static method in class org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory
Create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
createFromClass(Class<?>, String) - Static method in class org.springframework.security.util.MethodInvocationUtils
Generates a MethodInvocation for the specified methodName on the passed class.
createFromClass(Object, Class<?>, String, Class<?>[], Object[]) - Static method in class org.springframework.security.util.MethodInvocationUtils
Generates a MethodInvocation for specified methodName on the passed class, using the args to locate the method.
createGroup(String, List<GrantedAuthority>) - Method in interface org.springframework.security.provisioning.GroupManager
Creates a new group with the specified list of authorities.
createGroup(String, List<GrantedAuthority>) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
createList(String...) - Static method in class org.springframework.security.access.SecurityConfig
 
createListFromCommaDelimitedString(String) - Static method in class org.springframework.security.access.SecurityConfig
 
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Creates the LoginContext to be used for authentication.
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
Creates a LoginContext using the Configuration that was specified in DefaultJaasAuthenticationProvider.setConfiguration(Configuration).
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Create the RequestMatcher given a loginProcessingUrl
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
 
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
createMatcher(String, String) - Method in enum org.springframework.security.config.http.MatcherType
 
createMessageMatcher(String, PathMatcher) - Static method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
Creates a new instance with the specified pattern, SimpMessageType.MESSAGE, and PathMatcher.
createMetadataSource() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Allows subclasses to create creating a MessageSecurityMetadataSource.
createNewAuthentication(Authentication, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
createNewToken(PersistentRememberMeToken) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
createNewToken(PersistentRememberMeToken) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
 
createNewToken(PersistentRememberMeToken) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 
createObjectIdentity(Serializable, String) - Method in class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
 
createObjectIdentity(ObjectIdentity, Sid) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Creates an entry in the acl_object_identity table for the passed ObjectIdentity.
createObjectIdentity(Serializable, String) - Method in interface org.springframework.security.acls.model.ObjectIdentityGenerator
 
createOrRetrieveClassPrimaryKey(String, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from acl_class, creating a new row if needed and the allowCreate property is true.
createOrRetrieveSidPrimaryKey(Sid, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
createOrRetrieveSidPrimaryKey(String, boolean, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
createPasswordEncoderBeanDefinition(String, boolean) - Static method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
createPostInvocationAttribute(String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 
createPostInvocationAttribute(String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
 
createPreInvocationAttribute(String, String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 
createPreInvocationAttribute(String, String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
 
createRedirectUrl(String) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Constructs the Url for Redirection to the CAS server.
createRemoteInvocation(MethodInvocation) - Method in class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocationFactory
 
createSecurityContext(A) - Method in interface org.springframework.security.test.context.support.WithSecurityContextFactory
Create a SecurityContext given an Annotation.
createSecurityExpressionRoot(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
Implement in order to create a root object of the correct type for the supported invocation type.
createSecurityExpressionRoot(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Creates the root object for expression evaluation.
createSecurityExpressionRoot(Authentication, Message<T>) - Method in class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
 
createSecurityExpressionRoot(Authentication, FilterInvocation) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
 
createServiceUrl(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Constructs a new Service Url.
createSid(boolean, String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
Creates a particular implementation of Sid depending on the arguments.
createSubscribeMatcher(String, PathMatcher) - Static method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
Creates a new instance with the specified pattern, SimpMessageType.SUBSCRIBE, and PathMatcher.
createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
Creates a successful Authentication object.
createSuccessfulAuthentication(UsernamePasswordAuthenticationToken, UserDetails) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
Creates the final Authentication object which will be returned from the authenticate method.
createSuccessfulAuthentication(UserDetails, OpenIDAuthenticationToken) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
Handles the creation of the final Authentication object which will be returned by the provider.
createSuccessfulAuthentication(HttpServletRequest, UserDetails) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Creates the final Authentication object returned from the autoLogin method.
createTarget() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
createTarget() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
createTarget() - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
createUser(UserDetails) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
createUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
createUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
createUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Create a new user with the supplied details.
createUserDetails(String, UserDetails, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Can be overridden to customize the creation of the final UserDetailsObject which is returned by the loadUserByUsername method.
createUserDetails() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
createUserDetails() - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
createUserDetails(Authentication, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService
Creates the final UserDetails object.
CredentialsContainer - Interface in org.springframework.security.core
Indicates that the implementing object contains sensitive data, which can be erased using the eraseCredentials method.
credentialsExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the credentials are expired or not.
CredentialsExpiredException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account's credentials have expired.
CredentialsExpiredException(String) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
Constructs a CredentialsExpiredException with the specified message.
CredentialsExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
Constructs a CredentialsExpiredException with the specified message and root cause.
csrf() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds CSRF support.
CSRF - Static variable in class org.springframework.security.config.Elements
 
csrf() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a RequestPostProcessor that will automatically populate a valid CsrfToken in the request.
CsrfAuthenticationStrategy - Class in org.springframework.security.web.csrf
CsrfAuthenticationStrategy is in charge of removing the CsrfToken upon authenticating.
CsrfAuthenticationStrategy(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfAuthenticationStrategy
Creates a new instance
CsrfBeanDefinitionParser - Class in org.springframework.security.config.http
Parser for the CsrfFilter.
CsrfBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CsrfBeanDefinitionParser
 
csrfChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
CsrfChannelInterceptor - Class in org.springframework.security.messaging.web.csrf
ChannelInterceptorAdapter that validates that a valid CSRF is included in the header of any SimpMessageType.CONNECT message.
CsrfChannelInterceptor() - Constructor for class org.springframework.security.messaging.web.csrf.CsrfChannelInterceptor
 
CsrfConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds CSRF protection for the methods as specified by CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
CsrfConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Creates a new instance
CsrfException - Exception in org.springframework.security.web.csrf
Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest
CsrfException(String) - Constructor for exception org.springframework.security.web.csrf.CsrfException
 
CsrfFilter - Class in org.springframework.security.web.csrf
Applies CSRF protection using a synchronizer token pattern.
CsrfFilter(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfFilter
 
CsrfInputTag - Class in org.springframework.security.taglibs.csrf
A JSP tag that prints out a hidden form field for the CSRF token.
CsrfInputTag() - Constructor for class org.springframework.security.taglibs.csrf.CsrfInputTag
 
CsrfLogoutHandler - Class in org.springframework.security.web.csrf
CsrfLogoutHandler is in charge of removing the CsrfToken upon logout.
CsrfLogoutHandler(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfLogoutHandler
Creates a new instance
CsrfMetaTagsTag - Class in org.springframework.security.taglibs.csrf
A JSP tag that prints out a meta tags holding the CSRF form field name and token value for use in JavaScrip code.
CsrfMetaTagsTag() - Constructor for class org.springframework.security.taglibs.csrf.CsrfMetaTagsTag
 
CsrfRequestDataValueProcessor - Class in org.springframework.security.web.servlet.support.csrf
Integration with Spring Web MVC that automatically adds the CsrfToken into forms with hidden inputs when using Spring tag libraries.
CsrfRequestDataValueProcessor() - Constructor for class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
CsrfToken - Interface in org.springframework.security.web.csrf
Provides the information about an expected CSRF token.
CsrfTokenArgumentResolver - Class in org.springframework.security.web.method.annotation
Allows resolving the current CsrfToken.
CsrfTokenArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
 
CsrfTokenHandshakeInterceptor - Class in org.springframework.security.messaging.web.socket.server
Copies a CsrfToken from the HttpServletRequest's attributes to the WebSocket attributes.
CsrfTokenHandshakeInterceptor() - Constructor for class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
 
csrfTokenRepository(CsrfTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Specify the CsrfTokenRepository to use.
CsrfTokenRepository - Interface in org.springframework.security.web.csrf
An API to allow changing the method in which the expected CsrfToken is associated to the HttpServletRequest.
CumulativePermission - Class in org.springframework.security.acls.domain
Represents a Permission that is constructed at runtime from other permissions.
CumulativePermission() - Constructor for class org.springframework.security.acls.domain.CumulativePermission
 
currentDate - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Current formatted date.
currentDateGenerated - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Instant on which the currentDate object was generated.
CUSTOM_FILTER - Static variable in class org.springframework.security.config.Elements
 
customizeClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
Allows subclasses to customize the configuration of the ChannelRegistration .
customMethodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
CycleInRoleHierarchyException - Exception in org.springframework.security.access.hierarchicalroles
Exception that is thrown because of a cycle in the role hierarchy definition
CycleInRoleHierarchyException() - Constructor for exception org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException
 

D

DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Allows configuring a DaoAuthenticationProvider
DaoAuthenticationConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.DaoAuthenticationConfigurer
Creates a new instance
DaoAuthenticationProvider - Class in org.springframework.security.authentication.dao
An AuthenticationProvider implementation that retrieves user details from a UserDetailsService.
DaoAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
dataSource(DataSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Populates the DataSource to be used.
debug(boolean) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Controls debugging support for Spring Security.
DEBUG - Static variable in class org.springframework.security.config.Elements
 
DEBUG_FILTER - Static variable in class org.springframework.security.config.BeanIds
 
DebugBeanDefinitionParser - Class in org.springframework.security.config
 
DebugBeanDefinitionParser() - Constructor for class org.springframework.security.config.DebugBeanDefinitionParser
 
DebugFilter - Class in org.springframework.security.web.debug
Spring Security debugging filter.
DebugFilter(FilterChainProxy) - Constructor for class org.springframework.security.web.debug.DebugFilter
 
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionManager
Resolves an access control decision for the passed parameters.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.AfterInvocationProvider
 
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
Given the details of a secure object invocation including its returned Object, make an access control decision or optionally modify the returned Object.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
 
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AffirmativeBased
This concrete implementation simply polls all configured AccessDecisionVoters and grants access if any AccessDecisionVoter voted affirmatively.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.ConsensusBased
This concrete implementation simply polls all configured AccessDecisionVoters and upon completion determines the consensus of granted against denied responses.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.UnanimousBased
This concrete implementation polls all configured AccessDecisionVoters for each ConfigAttribute and grants access if only grant (or abstain) votes were received.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
 
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in interface org.springframework.security.web.access.channel.ChannelDecisionManager
Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in interface org.springframework.security.web.access.channel.ChannelProcessor
Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
DECODE - Static variable in class org.springframework.security.crypto.codec.Base64
Specify decoding in first bit.
decode(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64
 
decode(CharSequence) - Static method in class org.springframework.security.crypto.codec.Hex
 
decode(byte[]) - Static method in class org.springframework.security.crypto.codec.Utf8
Decode the bytes in UTF-8 form into a String.
decodeCookie(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Decodes the cookie and splits it into a set of token strings using the ":" delimiter.
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
decrypt(byte[]) - Method in interface org.springframework.security.crypto.encrypt.BytesEncryptor
Decrypt the byte array.
decrypt(String) - Method in interface org.springframework.security.crypto.encrypt.TextEncryptor
Decrypt the encrypted text string.
DEF_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
DEF_CHANGE_PASSWORD_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_CREATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_MEMBERS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_USER_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_FIND_GROUP_ID_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_FIND_GROUPS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_FIND_USERS_IN_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
DEF_GROUP_AUTHORITIES_QUERY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_INSERT_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_TOKEN_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by createNewToken
DEF_REMOVE_USER_TOKENS_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by removeUserTokens
DEF_RENAME_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_TOKEN_BY_SERIES_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by the getTokenBySeries query
DEF_UPDATE_TOKEN_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by updateToken
DEF_UPDATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_USER_EXISTS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_USERS_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
DEFAULT_CAS_ARTIFACT_PARAMETER - Static variable in class org.springframework.security.cas.ServiceProperties
 
DEFAULT_CAS_SERVICE_PARAMETER - Static variable in class org.springframework.security.cas.ServiceProperties
 
DEFAULT_CLAIMED_IDENTITY_FIELD - Static variable in class org.springframework.security.openid.OpenIDAuthenticationFilter
 
DEFAULT_CSRF_MATCHER - Static variable in class org.springframework.security.web.csrf.CsrfFilter
The default RequestMatcher that indicates if CSRF protection is required or not.
DEFAULT_EXTRACTOR - Static variable in class org.springframework.security.web.util.ThrowableAnalyzer
Default extractor for Throwable instances.
DEFAULT_FILTER_NAME - Static variable in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
 
DEFAULT_LOGIN_PAGE_URL - Static variable in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DEFAULT_ORDER_BY_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
DEFAULT_PARAMETER - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
DEFAULT_SAML_ARTIFACT_PARAMETER - Static variable in class org.springframework.security.cas.SamlServiceProperties
 
DEFAULT_SAML_SERVICE_PARAMETER - Static variable in class org.springframework.security.cas.SamlServiceProperties
 
DEFAULT_SELECT_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
DEFAULT_SERIES_LENGTH - Static variable in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
DEFAULT_TOKEN_LENGTH - Static variable in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets a default AuthenticationEntryPoint to be used which prefers being invoked for the provided RequestMatcher.
DefaultAuthenticationEventPublisher - Class in org.springframework.security.authentication
The default strategy for publishing authentication events.
DefaultAuthenticationEventPublisher() - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
DefaultAuthenticationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
DefaultCsrfToken - Class in org.springframework.security.web.csrf
A CSRF token that is used to protect against CSRF attacks.
DefaultCsrfToken(String, String, String) - Constructor for class org.springframework.security.web.csrf.DefaultCsrfToken
Creates a new instance
DefaultFilterChainValidator - Class in org.springframework.security.config.http
 
DefaultFilterChainValidator() - Constructor for class org.springframework.security.config.http.DefaultFilterChainValidator
 
DefaultFilterInvocationSecurityMetadataSource - Class in org.springframework.security.web.access.intercept
Default implementation of FilterInvocationDefinitionSource.
DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) - Constructor for class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
Sets the internal request map from the supplied map.
DefaultHttpFirewall - Class in org.springframework.security.web.firewall
Default implementation which wraps requests in order to provide consistent values of the servletPath and pathInfo, which do not contain path parameters (as defined in RFC 2396).
DefaultHttpFirewall() - Constructor for class org.springframework.security.web.firewall.DefaultHttpFirewall
 
DefaultJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
Creates a LoginContext using the Configuration provided to it.
DefaultJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
 
DefaultLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.userdetails
The default strategy for obtaining user role information from the directory.
DefaultLdapAuthoritiesPopulator(ContextSource, String) - Constructor for class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Constructor for group search scenarios.
DefaultLdapUsernameToDnMapper - Class in org.springframework.security.ldap
This implementation appends a name component to the userDnBase context using the usernameAttributeName property.
DefaultLdapUsernameToDnMapper(String, String) - Constructor for class org.springframework.security.ldap.DefaultLdapUsernameToDnMapper
 
DefaultLoginExceptionResolver - Class in org.springframework.security.authentication.jaas
This LoginExceptionResolver simply wraps the LoginException with an AuthenticationServiceException.
DefaultLoginExceptionResolver() - Constructor for class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
 
DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds a Filter that will generate a login page if one is not specified otherwise when using WebSecurityConfigurerAdapter.
DefaultLoginPageConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
DefaultLoginPageGeneratingFilter - Class in org.springframework.security.web.authentication.ui
For internal use with namespace configuration in the case where a user doesn't configure a login page.
DefaultLoginPageGeneratingFilter() - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter) - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationFilter, AbstractAuthenticationProcessingFilter) - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DefaultMessageSecurityExpressionHandler<T> - Class in org.springframework.security.messaging.access.expression
The default implementation of SecurityExpressionHandler which uses a MessageSecurityExpressionRoot.
DefaultMessageSecurityExpressionHandler() - Constructor for class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
 
DefaultMessageSecurityMetadataSource - Class in org.springframework.security.messaging.access.intercept
A default implementation of MessageSecurityMetadataSource that looks up the ConfigAttribute instances using a MessageMatcher.
DefaultMessageSecurityMetadataSource(LinkedHashMap<MessageMatcher<?>, Collection<ConfigAttribute>>) - Constructor for class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
DefaultMethodSecurityExpressionHandler - Class in org.springframework.security.access.expression.method
The standard implementation of MethodSecurityExpressionHandler.
DefaultMethodSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
DefaultPermissionFactory - Class in org.springframework.security.acls.domain
Default implementation of PermissionFactory.
DefaultPermissionFactory() - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers the Permission fields from the BasePermission class.
DefaultPermissionFactory(Class<? extends Permission>) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers the Permission fields from the supplied class.
DefaultPermissionFactory(Map<String, ? extends Permission>) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers a map of named Permission instances.
DefaultPermissionGrantingStrategy - Class in org.springframework.security.acls.domain
 
DefaultPermissionGrantingStrategy(AuditLogger) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy
Creates an instance with the logger which will be used to record granting and denial of requested permissions.
DefaultRedirectStrategy - Class in org.springframework.security.web
Simple implementation of RedirectStrategy which is the default used throughout the framework.
DefaultRedirectStrategy() - Constructor for class org.springframework.security.web.DefaultRedirectStrategy
 
DefaultSavedRequest - Class in org.springframework.security.web.savedrequest
Represents central information from a HttpServletRequest.
DefaultSavedRequest(HttpServletRequest, PortResolver) - Constructor for class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
defaultsDisabled() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Clears all of the default headers from the response.
DefaultSecurityFilterChain - Class in org.springframework.security.web
Standard implementation of SecurityFilterChain.
DefaultSecurityFilterChain(RequestMatcher, Filter...) - Constructor for class org.springframework.security.web.DefaultSecurityFilterChain
 
DefaultSecurityFilterChain(RequestMatcher, List<Filter>) - Constructor for class org.springframework.security.web.DefaultSecurityFilterChain
 
DefaultSecurityParameterNameDiscoverer - Class in org.springframework.security.core.parameters
Spring Security's default ParameterNameDiscoverer which tries a number of ParameterNameDiscoverer depending on what is found on the classpath.
DefaultSecurityParameterNameDiscoverer() - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
Creates a new instance with only the default ParameterNameDiscoverer instances.
DefaultSecurityParameterNameDiscoverer(List<? extends ParameterNameDiscoverer>) - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
Creates a new instance that first tries the passed in ParameterNameDiscoverer instances.
DefaultSpringSecurityContextSource - Class in org.springframework.security.ldap
ContextSource implementation which uses Spring LDAP's LdapContextSource as a base class.
DefaultSpringSecurityContextSource(String) - Constructor for class org.springframework.security.ldap.DefaultSpringSecurityContextSource
Create and initialize an instance which will connect to the supplied LDAP URL.
DefaultSpringSecurityContextSource(List<String>, String) - Constructor for class org.springframework.security.ldap.DefaultSpringSecurityContextSource
Create and initialize an instance which will connect of the LDAP Spring Security Context Source.
defaultSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating.
defaultSuccessUrl(String, boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating or alwaysUse is true.
DefaultToken - Class in org.springframework.security.core.token
The default implementation of Token.
DefaultToken(String, long, String) - Constructor for class org.springframework.security.core.token.DefaultToken
 
DefaultWebInvocationPrivilegeEvaluator - Class in org.springframework.security.web.access
Allows users to determine whether they have privileges for a given web URI.
DefaultWebInvocationPrivilegeEvaluator(AbstractSecurityInterceptor) - Constructor for class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator
 
DefaultWebSecurityExpressionHandler - Class in org.springframework.security.web.access.expression
 
DefaultWebSecurityExpressionHandler() - Constructor for class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
 
DelegatingAccessDeniedHandler - Class in org.springframework.security.web.access
DelegatingAccessDeniedHandler(LinkedHashMap<Class<? extends AccessDeniedException>, AccessDeniedHandler>, AccessDeniedHandler) - Constructor for class org.springframework.security.web.access.DelegatingAccessDeniedHandler
Creates a new instance
delegatingApplicationListener() - Static method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
DelegatingApplicationListener - Class in org.springframework.security.context
Used for delegating to a number of SmartApplicationListener instances.
DelegatingApplicationListener() - Constructor for class org.springframework.security.context.DelegatingApplicationListener
 
DelegatingAuthenticationEntryPoint - Class in org.springframework.security.web.authentication
An AuthenticationEntryPoint which selects a concrete AuthenticationEntryPoint based on a RequestMatcher evaluation.
DelegatingAuthenticationEntryPoint(LinkedHashMap<RequestMatcher, AuthenticationEntryPoint>) - Constructor for class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
 
DelegatingAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
DelegatingAuthenticationFailureHandler(LinkedHashMap<Class<? extends AuthenticationException>, AuthenticationFailureHandler>, AuthenticationFailureHandler) - Constructor for class org.springframework.security.web.authentication.DelegatingAuthenticationFailureHandler
Creates a new instance
DelegatingMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Automatically tries a series of method definition sources, relying on the first source of metadata that provides a non-null/non-empty response.
DelegatingMethodSecurityMetadataSource(List<MethodSecurityMetadataSource>) - Constructor for class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
DelegatingRequestMatcherHeaderWriter - Class in org.springframework.security.web.header.writers
Delegates to the provided HeaderWriter when RequestMatcher.matches(HttpServletRequest) returns true.
DelegatingRequestMatcherHeaderWriter(RequestMatcher, HeaderWriter) - Constructor for class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter
Creates a new instance
DelegatingSecurityContextAsyncTaskExecutor - Class in org.springframework.security.task
DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
Creates a new DelegatingSecurityContextAsyncTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
Creates a new DelegatingSecurityContextAsyncTaskExecutor that uses the current SecurityContext.
DelegatingSecurityContextCallable<V> - Class in org.springframework.security.concurrent
Wraps a delegate Callable with logic for setting up a SecurityContext before invoking the delegate Callable and then removing the SecurityContext after the delegate has completed.
DelegatingSecurityContextCallable(Callable<V>, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
Creates a new DelegatingSecurityContextCallable with a specific SecurityContext.
DelegatingSecurityContextCallable(Callable<V>) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
DelegatingSecurityContextExecutor - Class in org.springframework.security.concurrent
DelegatingSecurityContextExecutor(Executor, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
Creates a new DelegatingSecurityContextExecutor that uses the specified SecurityContext.
DelegatingSecurityContextExecutor(Executor) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
Creates a new DelegatingSecurityContextExecutor that uses the current SecurityContext from the SecurityContextHolder at the time the task is submitted.
DelegatingSecurityContextExecutorService - Class in org.springframework.security.concurrent
DelegatingSecurityContextExecutorService(ExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
Creates a new DelegatingSecurityContextExecutorService that uses the specified SecurityContext.
DelegatingSecurityContextExecutorService(ExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
DelegatingSecurityContextRunnable - Class in org.springframework.security.concurrent
Wraps a delegate Runnable with logic for setting up a SecurityContext before invoking the delegate Runnable and then removing the SecurityContext after the delegate has completed.
DelegatingSecurityContextRunnable(Runnable, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
Creates a new DelegatingSecurityContextRunnable with a specific SecurityContext.
DelegatingSecurityContextRunnable(Runnable) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
DelegatingSecurityContextScheduledExecutorService - Class in org.springframework.security.concurrent
DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
DelegatingSecurityContextSchedulingTaskExecutor - Class in org.springframework.security.scheduling
DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
DelegatingSecurityContextTaskExecutor - Class in org.springframework.security.task
DelegatingSecurityContextTaskExecutor(TaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
Creates a new DelegatingSecurityContextTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextTaskExecutor(TaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
delete - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
DELETE - Static variable in class org.springframework.security.acls.domain.BasePermission
 
deleteAce(int) - Method in class org.springframework.security.acls.domain.AclImpl
 
deleteAce(int) - Method in interface org.springframework.security.acls.model.MutableAcl
 
deleteAcl(ObjectIdentity, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
deleteAcl(ObjectIdentity, boolean) - Method in interface org.springframework.security.acls.model.MutableAclService
Removes the specified entry from the database.
deleteCookies(String...) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Allows specifying the names of cookies to be removed on logout success.
deleteEntries(Long) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Deletes all ACEs defined in the acl_entry table belonging to the presented ObjectIdentity primary key.
deleteGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
Removes a group, including all members and authorities.
deleteGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
deleteObjectIdentity(Long) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Deletes a single row from acl_object_identity that is associated with the presented ObjectIdentity primary key.
deleteUser(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
deleteUser(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
deleteUser(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
deleteUser(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Remove the user with the given login name from the system.
delux(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates a text encryptor that uses "stronger" password-based encryption.
demergePasswordAndSalt(String) - Method in class org.springframework.security.authentication.encoding.BasePasswordEncoder
Used by subclasses to extract the password and salt from a merged String created using BasePasswordEncoder.mergePasswordAndSalt(String,Object,boolean).
demergePatterns(String, String) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
 
deny() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Specify to DENY framing any content from this application.
DENY_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
 
denyAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Always denies access
denyAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
Allows "denyAll" expression
denyAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
denyAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are not allowed by anyone.
DenyAllPermissionEvaluator - Class in org.springframework.security.access.expression
A null PermissionEvaluator which denies all access.
DenyAllPermissionEvaluator() - Constructor for class org.springframework.security.access.expression.DenyAllPermissionEvaluator
 
destroy() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
destroy() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
Not used (we rely on IoC container lifecycle services instead)
destroy() - Method in class org.springframework.security.web.debug.DebugFilter
 
determineCauseChain(Throwable) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
Determines the cause chain of the provided Throwable.
determineExpiredUrl(HttpServletRequest, SessionInformation) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
 
determineTargetUrl(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Builds the target URL according to the logic defined in the main class Javadoc.
determineUrlToUseForThisRequest(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Allows subclasses to modify the login form URL that should be applicable for a given request.
digest() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a DigestRequestPostProcessor that enables easily adding digest based authentication to a request.
digest(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a DigestRequestPostProcessor that enables easily adding digest based authentication to a request.
DigestAuthenticationEntryPoint - Class in org.springframework.security.web.authentication.www
Used by the SecurityEnforcementFilter to commence authentication via the DigestAuthenticationFilter.
DigestAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
DigestAuthenticationFilter - Class in org.springframework.security.web.authentication.www
Processes a HTTP request's Digest authorization headers, putting the result into the SecurityContextHolder.
DigestAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CacheControlConfig
Disables Cache Control
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentTypeOptionsConfig
Removes the X-XSS-Protection header.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Prevents the header from being added to the response.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
Disables Strict Transport Security
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
Disables X-XSS-Protection header (does not include it)
disabled(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is disabled or not.
DisabledException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account is disabled.
DisabledException(String) - Constructor for exception org.springframework.security.authentication.DisabledException
Constructs a DisabledException with the specified message.
DisabledException(String, Throwable) - Constructor for exception org.springframework.security.authentication.DisabledException
Constructs a DisabledException with the specified message and root cause.
disableSaveOnResponseCommitted() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
Invoke this method to disable automatic saving of the SecurityContext when the HttpServletResponse is committed.
DN_KEY - Static variable in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Every search results where a record is defined by a Map<String,String[]> contains at least this key - the DN of the record itself.
DnsEntryNotFoundException - Exception in org.springframework.security.remoting.dns
This will be thrown if no entry matches the specified DNS query.
DnsEntryNotFoundException(String) - Constructor for exception org.springframework.security.remoting.dns.DnsEntryNotFoundException
 
DnsEntryNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.remoting.dns.DnsEntryNotFoundException
 
DnsLookupException - Exception in org.springframework.security.remoting.dns
This will be thrown for unknown DNS errors.
DnsLookupException(String, Throwable) - Constructor for exception org.springframework.security.remoting.dns.DnsLookupException
 
DnsLookupException(String) - Constructor for exception org.springframework.security.remoting.dns.DnsLookupException
 
DnsResolver - Interface in org.springframework.security.remoting.dns
Helper class for DNS operations.
DO_BREAK_LINES - Static variable in class org.springframework.security.crypto.codec.Base64
Do break lines when encoding.
doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
 
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
 
doBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Executes the build using the SecurityConfigurer's that have been applied using the following steps: Invokes AbstractConfiguredSecurityBuilder.beforeInit() for any subclass to hook into Invokes SecurityConfigurer.init(SecurityBuilder) for any SecurityConfigurer that was applied to this builder. Invokes AbstractConfiguredSecurityBuilder.beforeConfigure() for any subclass to hook into Invokes AbstractConfiguredSecurityBuilder.performBuild() which actually builds the Object
doBuild() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
Subclasses should implement this to perform the build.
doEndTag() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
doEndTag() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
Default processing of the end tag returning EVAL_PAGE.
doesRequestMatch(HttpServletRequest, PortResolver) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
Determines if the current request matches the DefaultSavedRequest.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
Method that is actually called by the filter chain.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Invokes the requiresAuthentication method to determine whether the request is for authentication and should be handled by this filter.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Try to authenticate a pre-authenticated user with Spring Security if the user has not yet been authenticated.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.debug.DebugFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.FilterChainProxy
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
Attempts to obtain and run as a JAAS Subject using JaasApiIntegrationFilter.obtainSubject(ServletRequest).
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.session.SessionManagementFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.csrf.CsrfFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.header.HeaderWriterFilter
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
doPrepareConnection(HttpURLConnection, int) - Method in class org.springframework.security.remoting.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor
Provided so subclasses can perform additional configuration if required (eg set additional request headers for non-security related information etc).
doStartTag() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
doStartTag() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
doStartTag() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
Invokes the base class AbstractAuthorizeTag.authorize() method to decide if the body of the tag should be skipped or not.

E

EhCacheBasedAclCache - Class in org.springframework.security.acls.domain
Simple implementation of AclCache that delegates to EH-CACHE.
EhCacheBasedAclCache(Ehcache, PermissionGrantingStrategy, AclAuthorizationStrategy) - Constructor for class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
EhCacheBasedTicketCache - Class in org.springframework.security.cas.authentication
Caches tickets using a Spring IoC defined EHCACHE.
EhCacheBasedTicketCache() - Constructor for class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
EhCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache
Caches User objects using a Spring IoC defined EHCACHE.
EhCacheBasedUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
Elements - Class in org.springframework.security.config
Contains all the element names used by Spring Security 3 namespace support.
Elements() - Constructor for class org.springframework.security.config.Elements
 
ELRequestMatcher - Class in org.springframework.security.web.util.matcher
A RequestMatcher implementation which uses a SpEL expression
ELRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.ELRequestMatcher
 
EMBEDDED_APACHE_DS - Static variable in class org.springframework.security.config.BeanIds
 
EnableGlobalAuthentication - Annotation Type in org.springframework.security.config.annotation.authentication.configuration
The EnableGlobalAuthentication annotation signals that the annotated class can be used to configure a global instance of AuthenticationManagerBuilder.
enableGlobalAuthenticationAutowiredConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
EnableGlobalMethodSecurity - Annotation Type in org.springframework.security.config.annotation.method.configuration
Enables Spring Security global method security similar to the xml support.
enableHttpSessionEventPublisher() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Override this if HttpSessionEventPublisher should be added as a listener.
enableSessionUrlRewriting(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
If set to true, allows HTTP sessions to be rewritten in the URLs when using HttpServletResponse.encodeRedirectURL(String) or HttpServletResponse.encodeURL(String), otherwise disallows HTTP sessions to be included in the URL.
EnableWebMvcSecurity - Annotation Type in org.springframework.security.config.annotation.web.servlet.configuration
Deprecated.
Use EnableWebSecurity instead which will automatically add the Spring MVC related Security items.
EnableWebSecurity - Annotation Type in org.springframework.security.config.annotation.web.configuration
Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by extending the WebSecurityConfigurerAdapter base class and overriding individual methods:
 @Configuration
 @EnableWebSecurity
 public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
 
        @Override
        public void configure(WebSecurity web) throws Exception {
                web.ignoring()
                // Spring Security should completely ignore URLs starting with /resources/
                                .antMatchers("/resources/**");
        }
 
        @Override
        protected void configure(HttpSecurity http) throws Exception {
                http.authorizeRequests().antMatchers("/public/**").permitAll().anyRequest()
                                .hasRole("USER").and()
                                // Possibly more configuration ...
encode(CharSequence) - Method in class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
ENCODE - Static variable in class org.springframework.security.crypto.codec.Base64
Specify encoding in first bit.
encode(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64
 
encode(byte[]) - Static method in class org.springframework.security.crypto.codec.Hex
 
encode(CharSequence) - Static method in class org.springframework.security.crypto.codec.Utf8
Get the bytes of the String in UTF-8 encoded form.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.NoOpPasswordEncoder
 
encode(CharSequence) - Method in interface org.springframework.security.crypto.password.PasswordEncoder
Encode the raw password.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.StandardPasswordEncoder
 
encodeCookie(String[]) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Inverse operation of decodeCookie.
encodePassword(String, Object) - Method in class org.springframework.security.authentication.encoding.LdapShaPasswordEncoder
Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
encodePassword(String, Object) - Method in class org.springframework.security.authentication.encoding.Md4PasswordEncoder
Encodes the rawPass using an MD4 message digest.
encodePassword(String, Object) - Method in class org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder
Encodes the rawPass using a MessageDigest.
encodePassword(String, Object) - Method in interface org.springframework.security.authentication.encoding.PasswordEncoder
Deprecated.
Encodes the specified raw password with an implementation specific algorithm.
encodePassword(String, Object) - Method in class org.springframework.security.authentication.encoding.PlaintextPasswordEncoder
 
encodeRedirectUrl(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
encodeRedirectURL(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
encodeUrl(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
encodeURL(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
EncodingUtils - Class in org.springframework.security.crypto.util
Static helper for encoding data.
encrypt(byte[]) - Method in interface org.springframework.security.crypto.encrypt.BytesEncryptor
Encrypt the byte array.
encrypt(String) - Method in interface org.springframework.security.crypto.encrypt.TextEncryptor
Encrypt the raw text string.
Encryptors - Class in org.springframework.security.crypto.encrypt
Factory for commonly used encryptors.
endConsumption(HttpServletRequest) - Method in class org.springframework.security.openid.OpenID4JavaConsumer
 
endConsumption(HttpServletRequest) - Method in interface org.springframework.security.openid.OpenIDConsumer
 
Enumerator<T> - Class in org.springframework.security.web.savedrequest
Adapter that wraps an Enumeration around a Java 2 collection Iterator.
Enumerator(Collection<T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Collection.
Enumerator(Collection<T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Collection.
Enumerator(Iterator<T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values returned by the specified Iterator.
Enumerator(Iterator<T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values returned by the specified Iterator.
Enumerator(Map<?, T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Map.
Enumerator(Map<?, T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Map.
equals(Object) - Method in class org.springframework.security.access.SecurityConfig
 
equals(Object) - Method in class org.springframework.security.acls.domain.AbstractPermission
 
equals(Object) - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
equals(Object) - Method in class org.springframework.security.acls.domain.AclImpl
 
equals(Object) - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
 
equals(Object) - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
Important so caching operates properly.
equals(Object) - Method in class org.springframework.security.acls.domain.PrincipalSid
 
equals(Object) - Method in interface org.springframework.security.acls.model.ObjectIdentity
 
equals(Object) - Method in interface org.springframework.security.acls.model.Sid
Refer to the java.lang.Object documentation for the interface contract.
equals(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
equals(Object) - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
 
equals(Object) - Method in class org.springframework.security.core.context.SecurityContextImpl
 
equals(Object) - Method in class org.springframework.security.core.token.DefaultToken
 
equals(Object) - Method in class org.springframework.security.core.userdetails.User
Returns true if the supplied object is a User instance with the same username value.
equals(Object) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Compares the LdapAuthority based on LdapAuthority.getAuthority() and LdapAuthority.getDn() values
equals(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
equals(Object) - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
 
equals(Object) - Method in class org.springframework.security.util.InMemoryResource
 
equals(Object) - Method in class org.springframework.security.web.access.intercept.RequestKey
 
equals(Object) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
equals(Object) - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
 
equals(Object) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
equals(Object) - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
 
eraseCredentials() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
Checks the credentials, principal and details objects, invoking the eraseCredentials method on any which implement CredentialsContainer.
eraseCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
eraseCredentials(boolean) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 
eraseCredentials() - Method in interface org.springframework.security.core.CredentialsContainer
 
eraseCredentials() - Method in class org.springframework.security.core.userdetails.User
 
ERROR_PARAMETER_NAME - Static variable in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
escapeEntities(String) - Static method in class org.springframework.security.web.util.TextEscapeUtils
 
evalOrSkip(boolean) - Static method in class org.springframework.security.taglibs.TagLibConfig
Returns EVAL_BODY_INCLUDE if the authorized flag is true or UI security has been disabled.
evaluateAsBoolean(Expression, EvaluationContext) - Static method in class org.springframework.security.access.expression.ExpressionUtils
 
eventPublisher - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
evictFromCache(Serializable) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
evictFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
evictFromCache(Serializable) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
evictFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
evictFromCache(Serializable) - Method in interface org.springframework.security.acls.model.AclCache
 
evictFromCache(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclCache
 
exceptionHandling() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring exception handling.
ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds exception handling for Spring Security related exceptions to an application.
ExceptionHandlingConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Creates a new instance
ExceptionMappingAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
Uses the internal map of exceptions types to URLs to determine the destination on authentication failure.
ExceptionMappingAuthenticationFailureHandler() - Constructor for class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
 
ExceptionTranslationFilter - Class in org.springframework.security.web.access
Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.
ExceptionTranslationFilter(AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.access.ExceptionTranslationFilter
 
ExceptionTranslationFilter(AuthenticationEntryPoint, RequestCache) - Constructor for class org.springframework.security.web.access.ExceptionTranslationFilter
 
execute(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
 
execute(Runnable, long) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
 
expiredUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
The URL to redirect to if a user tries to access a resource and their session has been expired due to too many sessions for the current user.
expireNow() - Method in class org.springframework.security.core.session.SessionInformation
 
EXPRESSION_HANDLER - Static variable in class org.springframework.security.config.Elements
 
ExpressionBasedAnnotationAttributeFactory - Class in org.springframework.security.access.expression.method
PrePostInvocationAttributeFactory which interprets the annotation value as an expression to be evaluated at runtime.
ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 
ExpressionBasedFilterInvocationSecurityMetadataSource - Class in org.springframework.security.web.access.expression
Expression-based FilterInvocationSecurityMetadataSource.
ExpressionBasedFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>, SecurityExpressionHandler<FilterInvocation>) - Constructor for class org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource
 
ExpressionBasedMessageSecurityMetadataSourceFactory - Class in org.springframework.security.messaging.access.expression
A class used to create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
ExpressionBasedPostInvocationAdvice - Class in org.springframework.security.access.expression.method
 
ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
 
ExpressionBasedPreInvocationAdvice - Class in org.springframework.security.access.expression.method
Method pre-invocation handling based on expressions.
ExpressionBasedPreInvocationAdvice() - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
 
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Set the SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
Allows customization of the SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<Message<Object>>) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds URL based authorization based upon SpEL expressions to an application.
ExpressionUrlAuthorizationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer
Creates a new instance
ExpressionUrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
 
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
ExpressionUtils - Class in org.springframework.security.access.expression
 
ExpressionUtils() - Constructor for class org.springframework.security.access.expression.ExpressionUtils
 
extractAttributes(A) - Method in interface org.springframework.security.access.annotation.AnnotationMetadataExtractor
 
extractAttributes(HttpSession) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
Called to extract the existing attributes from the session, prior to invalidating it.
extractCause(Throwable) - Method in interface org.springframework.security.web.util.ThrowableCauseExtractor
Extracts the cause from the provided Throwable.
extractControl(DirContext) - Static method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControlExtractor
 
extractPrincipal(X509Certificate) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
 
extractPrincipal(X509Certificate) - Method in interface org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor
Returns the principal (usually a String) for the given certificate.
extractRememberMeCookie(HttpServletRequest) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Locates the Spring Security remember me cookie in the request and returns its value.

F

failureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the AuthenticationFailureHandler to use when authentication fails.
failureUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
The URL to send users if authentication fails.
FastHttpDateFormat - Class in org.springframework.security.web.savedrequest
Utility class to generate HTTP dates.
FastHttpDateFormat() - Constructor for class org.springframework.security.web.savedrequest.FastHttpDateFormat
 
FieldUtils - Class in org.springframework.security.util
Offers static methods for directly manipulating fields.
FieldUtils() - Constructor for class org.springframework.security.util.FieldUtils
 
filter(Object, Expression, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Filters the filterTarget object (which must be either a collection or an array), by evaluating the supplied expression.
filter(Object, Expression, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
Filters a target collection or array.
FILTER_CHAIN - Static variable in class org.springframework.security.config.Elements
 
FILTER_CHAIN_MAP - Static variable in class org.springframework.security.config.Elements
 
FILTER_CHAIN_PROXY - Static variable in class org.springframework.security.config.BeanIds
 
FILTER_CHAINS - Static variable in class org.springframework.security.config.BeanIds
 
FILTER_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
 
FilterBasedLdapUserSearch - Class in org.springframework.security.ldap.search
LdapUserSearch implementation which uses an Ldap filter to locate the user.
FilterBasedLdapUserSearch(String, String, BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
 
FilterChainBeanDefinitionParser - Class in org.springframework.security.config.http
 
FilterChainBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.FilterChainBeanDefinitionParser
 
FilterChainMapBeanDefinitionDecorator - Class in org.springframework.security.config.http
Sets the filter chain Map for a FilterChainProxy bean declaration.
FilterChainMapBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
 
FilterChainProxy - Class in org.springframework.security.web
Delegates Filter requests to a list of Spring-managed filter beans.
FilterChainProxy() - Constructor for class org.springframework.security.web.FilterChainProxy
 
FilterChainProxy(SecurityFilterChain) - Constructor for class org.springframework.security.web.FilterChainProxy
 
FilterChainProxy(List<SecurityFilterChain>) - Constructor for class org.springframework.security.web.FilterChainProxy
 
FilterChainProxy.FilterChainValidator - Interface in org.springframework.security.web
 
FilterInvocation - Class in org.springframework.security.web
Holds objects associated with a HTTP filter.
FilterInvocation(ServletRequest, ServletResponse, FilterChain) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocation(String, String) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocation(String, String, String) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocation(String, String, String, String, String) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocationSecurityMetadataSource - Interface in org.springframework.security.web.access.intercept
Marker interface for SecurityMetadataSource implementations that are designed to perform lookups keyed on FilterInvocations.
FilterInvocationSecurityMetadataSourceParser - Class in org.springframework.security.config.http
Allows for convenient creation of a FilterInvocationSecurityMetadataSource bean for use with a FilterSecurityInterceptor.
FilterInvocationSecurityMetadataSourceParser() - Constructor for class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser
 
FilterSecurityInterceptor - Class in org.springframework.security.web.access.intercept
Performs security handling of HTTP resources via a filter implementation.
FilterSecurityInterceptor() - Constructor for class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
finallyInvocation(InterceptorStatusToken) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Cleans up the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
findAllGroups() - Method in interface org.springframework.security.provisioning.GroupManager
Returns the names of all groups that this group manager controls.
findAllGroups() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
Obtains the security metadata applicable to the specified method invocation.
findAttributes(Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
Obtains the security metadata registered against the specified class.
findAttributes(Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Implementation does not support class-level attributes.
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Will walk the method inheritance tree to find the most specific declaration applicable.
findChildren(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
findChildren(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclService
Locates all object identities that use the specified parent.
findGroupAuthorities(String) - Method in interface org.springframework.security.provisioning.GroupManager
Obtains the list of authorities which are assigned to a group.
findGroupAuthorities(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
findUsersInGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
Locates the users who are members of a group
findUsersInGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
FirewalledRequest - Class in org.springframework.security.web.firewall
Request wrapper which is returned by the HttpFirewall interface.
FirewalledRequest(HttpServletRequest) - Constructor for class org.springframework.security.web.firewall.FirewalledRequest
Constructs a request object wrapping the given request.
FORM_LOGIN - Static variable in class org.springframework.security.config.Elements
 
format - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
HTTP date format.
formatCache - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Formatter cache.
formatDate(long, DateFormat) - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Formats a specified date to HTTP format.
formats - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
The set of SimpleDateFormat formats to use in getDateHeader().
formLogin() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Specifies to support form based authentication.
formLogin() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
Creates a request (including any necessary CsrfToken) that will submit a form based login to POST "/login".
formLogin(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
Creates a request (including any necessary CsrfToken) that will submit a form based login to POST loginProcessingUrl.
FormLoginBeanDefinitionParser - Class in org.springframework.security.config.http
 
FormLoginConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds form based authentication.
FormLoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Creates a new instance
frameOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows customizing the XFrameOptionsHeaderWriter.
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by users who have authenticated and were not "remembered".
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by users who have authenticated and were not "remembered".

G

generateKey() - Method in interface org.springframework.security.crypto.keygen.BytesKeyGenerator
Generate a new key.
generateKey() - Method in interface org.springframework.security.crypto.keygen.StringKeyGenerator
 
generateNewContext() - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
By default, calls SecurityContextHolder.createEmptyContext() to obtain a new context (there should be no context present in the holder when this method is called).
generateSeriesData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
generateToken(HttpServletRequest) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository
Generates a CsrfToken
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
 
generateTokenData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
gensalt(int, SecureRandom) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Generate a salt for use with the BCrypt.hashpw() method
gensalt(int) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Generate a salt for use with the BCrypt.hashpw() method
gensalt() - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Generate a salt for use with the BCrypt.hashpw() method, selecting a reasonable default for the number of hashing rounds to apply
getAccess() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
getAccessDecisionManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getAccessDeniedException() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
 
getAccessor() - Static method in class org.springframework.security.core.SpringSecurityMessageSource
 
getAcl() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getAcl() - Method in interface org.springframework.security.acls.model.AccessControlEntry
 
getAdditionalRoles(DirContextOperations, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
This method should be overridden if required to obtain any additional roles for the given user (on top of those obtained from the standard search implemented by this class).
getAdvice() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
 
getAfterInvocationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getAlgorithm() - Method in class org.springframework.security.authentication.encoding.Md4PasswordEncoder
 
getAlgorithm() - Method in class org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder
 
getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Obtains the configuration attributes explicitly defined against this bean.
getAllConfigAttributes() - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
 
getAllConfigAttributes() - Method in interface org.springframework.security.access.SecurityMetadataSource
If available, returns all of the ConfigAttributes defined by the implementing class.
getAllConfigAttributes() - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
 
getAllowFromValue(HttpServletRequest) - Method in interface org.springframework.security.web.header.writers.frameoptions.AllowFromStrategy
Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
getAllowFromValue(HttpServletRequest) - Method in class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
 
getAllowSessionCreation() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getAllPrincipals() - Method in interface org.springframework.security.core.session.SessionRegistry
Obtains all the known principals in the SessionRegistry.
getAllPrincipals() - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
getAllSessions(Object, boolean) - Method in interface org.springframework.security.core.session.SessionRegistry
Obtains all the known sessions for the specified principal.
getAllSessions(Object, boolean) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
getAppConfigurationEntry(String) - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
 
getApplicationEventPublisher() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
getArguments() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getArguments() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getArtifactParameter() - Method in class org.springframework.security.cas.ServiceProperties
 
getAssertion() - Method in class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
getAssertion() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getAttribute() - Method in interface org.springframework.security.access.ConfigAttribute
If the ConfigAttribute can be represented as a String and that String is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager, AccessDecisionManager or AccessDecisionManager delegate, this method should return such a String.
getAttribute() - Method in class org.springframework.security.access.SecurityConfig
 
getAttributes() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
 
getAttributes(Object) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
 
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
getAttributes(Method, Class<?>) - Method in interface org.springframework.security.access.method.MethodSecurityMetadataSource
 
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
 
getAttributes(Object) - Method in interface org.springframework.security.access.SecurityMetadataSource
Accesses the ConfigAttributes that apply to a given secure object.
getAttributes() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the LDAP attributes
getAttributes(Object) - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
getAttributes() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getAttributes(Object) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
 
getAttributes2grantedAuthoritiesMap() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
getAttributeValues(String) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the values for a specific attribute
getAuthenticatedEnv(String, String) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
 
getAuthentication() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
 
getAuthentication() - Method in class org.springframework.security.access.event.AuthorizedEvent
 
getAuthentication() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Gets the Authentication used for evaluating the expressions
getAuthentication() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
getAuthentication() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationEvent
Getters for the Authentication request that caused the event.
getAuthentication() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
Pre-casted method that returns the 'source' of the event.
getAuthentication() - Method in interface org.springframework.security.core.context.SecurityContext
Obtains the currently authenticated principal, or an authentication request token.
getAuthentication() - Method in class org.springframework.security.core.context.SecurityContextImpl
 
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
getAuthenticationFilter() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the Authentication Filter
getAuthenticationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getAuthenticationManager() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
getAuthenticationManager() - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
getAuthenticationManager() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getAuthenticationManager() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
getAuthenticationTrustResolver() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
getAuthorities() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
getAuthorities() - Method in interface org.springframework.security.core.Authentication
Set by an AuthenticationManager to indicate the authorities that the principal has been granted.
getAuthorities() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
getAuthorities() - Method in class org.springframework.security.core.userdetails.User
 
getAuthorities() - Method in interface org.springframework.security.core.userdetails.UserDetails
Returns the authorities granted to the user.
getAuthorities() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getAuthorities() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
getAuthoritiesByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getAuthoritiesPopulator() - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
 
getAuthority() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
getAuthority() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
 
getAuthority() - Method in interface org.springframework.security.core.GrantedAuthority
If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
getAuthority() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
getAuthority() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
getBuilder() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Gets the SecurityBuilder.
getByTicketId(String) - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
getByTicketId(String) - Method in class org.springframework.security.cas.authentication.NullStatelessTicketCache
 
getByTicketId(String) - Method in class org.springframework.security.cas.authentication.SpringCacheBasedTicketCache
 
getByTicketId(String) - Method in interface org.springframework.security.cas.authentication.StatelessTicketCache
Retrieves the CasAuthenticationToken associated with the specified ticket.
getCache() - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
getCache() - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
getCarLicense() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getChain() - Method in class org.springframework.security.web.FilterInvocation
 
getChannelDecisionManager() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
getChannelProcessors() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
getCn() - Method in class org.springframework.security.ldap.userdetails.Person
 
getComment() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
 
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
 
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizedEvent
 
getConfiguration() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
 
getConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets the SecurityConfigurer by its class name or null if not found.
getConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Gets the SecurityConfigurer by its class name or null if not found.
getConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets all the SecurityConfigurer instances by its class name or an empty List if not found.
getContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Obtain the current SecurityContext.
getContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Obtains the current context.
getContext(String, String) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
 
getContext(PageContext) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
Allows test cases to override where application context obtained from.
getContext() - Static method in class org.springframework.security.test.context.TestSecurityContextHolder
getContextHolderStrategy() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Allows retrieval of the context strategy.
getContextPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getContextSource() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
getContextSource() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
getControlInstance(Control) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControlFactory
Creates an instance of PasswordPolicyResponseControl if the passed control is a response control of this type.
getCookie() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getCookieName() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getCookies() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getCookies() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getCount() - Method in class org.springframework.security.openid.OpenIDAttribute
The requested count for the attribute when it is used as part of an authentication request.
getCredentials() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getCredentials() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
Always returns an empty String
getCredentials() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
Always returns an empty String
getCredentials() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getCredentials() - Method in interface org.springframework.security.core.Authentication
The credentials that prove the principal is correct.
getCredentials() - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
 
getCredentials() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
Returns 'null' always, as no credentials are processed by the OpenID provider.
getCredentials() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
Get the credentials
getCredentialsCharset(HttpServletRequest) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
getCredentialsNotFoundException() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
 
getCsrfTokenRepository(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils
Gets the CsrfTokenRepository for the specified HttpServletRequest.
getCtx() - Method in interface org.springframework.security.remoting.dns.InitialContextFactory
Must return a DirContext which can be used for DNS queries
getCurrentDate() - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Gets the current date in HTTP format.
getDatabasePopulator() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
getDataCode() - Method in exception org.springframework.security.ldap.authentication.ad.ActiveDirectoryAuthenticationException
 
getDate() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getDecisionVoters() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
getDefaultMessage() - Method in enum org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
 
getDefaultTargetUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Supplies the default target Url that will be used if no saved request is found or the alwaysUseDefaultTargetUrl property is set to true.
getDefaultUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
getDelegateExecutor() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
 
getDepartmentNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getDescription() - Method in class org.springframework.security.ldap.userdetails.Person
 
getDescription() - Method in class org.springframework.security.util.InMemoryResource
 
getDestinationIndicator() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getDetails() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
getDetails() - Method in interface org.springframework.security.core.Authentication
Stores additional details about the authentication request.
getDispatcherWebApplicationContextSuffix() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Return the to use the DispatcherServlet's WebApplicationContext to find the DelegatingFilterProxy or null to use the parent ApplicationContext.
getDisplayName() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getDn() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the DN for this LDAP authority
getDn() - Method in interface org.springframework.security.ldap.userdetails.LdapUserDetails
The DN of the entry for this user's account.
getDn() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getDomain() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getDomainObject() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
getDomainObjectInstance(MethodInvocation) - Method in class org.springframework.security.access.vote.AbstractAclVoter
 
getEmployeeNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getEnableAuthorities() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getEnableGroups() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getEncodedValue() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Retrieves the ASN.1 BER encoded value of the LDAP control.
getEncodedValue() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Returns the unchanged value of the response control.
getEncodeHashAsBase64() - Method in class org.springframework.security.authentication.encoding.BaseDigestPasswordEncoder
 
getEncodeServiceUrlWithSessionId() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Sets whether to encode the service url with the session id or not.
getEntries() - Method in class org.springframework.security.acls.domain.AclImpl
 
getEntries() - Method in interface org.springframework.security.acls.model.Acl
Returns all of the entries represented by the present Acl.
getEntryPoint() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
getEntryPoint() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
getErrorCode() - Method in enum org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
 
getErrorStatus() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
 
getException() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
 
getException() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
 
getExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
getExpressionHandler() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Gets the SecurityExpressionHandler to be used.
getExpressionParser() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
getExpressionParser() - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
 
getExtendedInformation() - Method in class org.springframework.security.core.token.DefaultToken
 
getExtendedInformation() - Method in interface org.springframework.security.core.token.Token
Obtains the extended information associated within the token, which was presented when the token was first created.
getExtensionId() - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
 
getExtraHiddenFields(HttpServletRequest) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
getFailureHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getFailureUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the URL to send users to if authentication fails
getField(Class<?>, String) - Static method in class org.springframework.security.util.FieldUtils
Attempts to locate the specified field on the class.
getFieldValue(Object, String) - Static method in class org.springframework.security.util.FieldUtils
Returns the value of a (nested) field on a bean.
getFilterChains() - Method in class org.springframework.security.web.FilterChainProxy
 
getFilterObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
getFilters() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
 
getFilters(String) - Method in class org.springframework.security.web.FilterChainProxy
Convenience method, mainly for testing.
getFilters() - Method in interface org.springframework.security.web.SecurityFilterChain
 
getFirewalledRequest(HttpServletRequest) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
 
getFirewalledRequest(HttpServletRequest) - Method in interface org.springframework.security.web.firewall.HttpFirewall
Provides the request object which will be passed through the filter chain.
getFirewalledResponse(HttpServletResponse) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
 
getFirewalledResponse(HttpServletResponse) - Method in interface org.springframework.security.web.firewall.HttpFirewall
Provides the response which will be passed through the filter chain.
getFirstAttributeValue(String) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the first attribute value for a specified attribute
getFirstThrowableOfType(Class<? extends Throwable>, Throwable[]) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
Returns the first throwable from the passed in array that is assignable to the provided type.
getFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
getFromCache(Serializable) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
getFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
getFromCache(Serializable) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
getFromCache(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclCache
 
getFromCache(Serializable) - Method in interface org.springframework.security.acls.model.AclCache
 
getFullDn(DistinguishedName, Context) - Static method in class org.springframework.security.ldap.LdapUtils
Gets the full dn of a name by prepending the name of the context it is relative to.
getFullRequestUrl() - Method in class org.springframework.security.web.FilterInvocation
Indicates the URL that the user agent used for this request.
getGeneratedBy() - Method in class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
Getter for the Class that generated this event.
getGivenName() - Method in class org.springframework.security.ldap.userdetails.Person
 
getGraceLoginsRemaining() - Method in interface org.springframework.security.ldap.ppolicy.PasswordPolicyData
 
getGraceLoginsRemaining() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Returns the graceLoginsRemaining.
getGraceLoginsRemaining() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getGrantedAuthorities() - Method in interface org.springframework.security.core.authority.GrantedAuthoritiesContainer
 
getGrantedAuthorities(Collection<String>) - Method in interface org.springframework.security.core.authority.mapping.Attributes2GrantedAuthoritiesMapper
Implementations of this method should map the given collection of attributes to a collection of Spring Security GrantedAuthorities.
getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
Map the given array of attributes to Spring Security GrantedAuthorities.
getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
Map the given list of string attributes one-to-one to Spring Security GrantedAuthorities.
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator
 
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
 
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Obtains the authorities for the user who's directory entry is represented by the supplied LdapUserDetails object.
getGrantedAuthorities(DirContextOperations, String) - Method in interface org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
Get the list of authorities for the user.
getGrantedAuthorities() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
getGrantedAuthorities() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
 
getGrantedAuthority() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
 
getGroupMembershipRoles(String, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
getGroupMembershipRoles(String, String) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
getGroupRoleAttribute() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the attribute name of the LDAP attribute that will be mapped to the role name Method available so that classes extending this can override
getGroupSearchBase() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
getGroupSearchFilter() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the search filter configured for this populator Method available so that classes extending this can override
getHasPermission() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
getHeaderName() - Method in interface org.springframework.security.web.csrf.CsrfToken
Gets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter.
getHeaderName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
 
getHeaderNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getHeaderNames() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getHeaderValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getHeaderValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getHomePhone() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getHomePostalAddress() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getHttp() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates the HttpSecurity or returns the current instance ] * @return the HttpSecurity
getHttpRequest() - Method in class org.springframework.security.web.FilterInvocation
 
getHttpResponse() - Method in class org.springframework.security.web.FilterInvocation
 
getId() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getId() - Method in class org.springframework.security.acls.domain.AclImpl
 
getId() - Method in interface org.springframework.security.acls.model.AccessControlEntry
Obtains an identifier that represents this ACE.
getId() - Method in interface org.springframework.security.acls.model.MutableAcl
Obtains an identifier that represents this MutableAcl.
getId() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
 
getID() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Returns the OID of the Password Policy Control ("1.3.6.1.4.1.42.2.27.8.5.1").
getId() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getId() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
getIdentifier() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
 
getIdentifier() - Method in interface org.springframework.security.acls.model.ObjectIdentity
Obtains the actual identifier.
getIdentityUrl() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getInitializeCount() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its SecurityContextHolderStrategy.
getInitials() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getInputStream() - Method in class org.springframework.security.util.InMemoryResource
 
getInsecureKeyword() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
getInstance() - Static method in class org.springframework.security.crypto.password.NoOpPasswordEncoder
Get the singleton NoOpPasswordEncoder.
getInternalMethod() - Method in class org.springframework.security.acls.AclEntryVoter
Optionally specifies a method of the domain object that will be used to obtain a contained domain object.
getKey() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
getKey() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
getKey() - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
getKey() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
getKey() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
getKey() - Method in class org.springframework.security.core.token.DefaultToken
 
getKey() - Method in interface org.springframework.security.core.token.Token
Obtains the randomised, secure key assigned to this token.
getKey() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getKey() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getKeyCreationTime() - Method in class org.springframework.security.core.token.DefaultToken
 
getKeyCreationTime() - Method in interface org.springframework.security.core.token.Token
The time the token key was initially created is available from this method.
getKeyHash() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getKeyHash() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
getKeyHash() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
getKeyHash() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getKeyLength() - Method in interface org.springframework.security.crypto.keygen.BytesKeyGenerator
Get the length, in bytes, of keys created by this generator.
getLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
 
getLdapTemplate() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the current LDAP template.
getLocales() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getLocales() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getLoginConfig() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
getLoginContext() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationToken
 
getLoginFormUrl() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
getLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the login page
getLoginPageUrl() - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
getLoginProcessingUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the URL to submit an authentication request to (i.e.
getLoginUrl() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
The enterprise-wide CAS login URL.
getMail() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
getMappableAttributes() - Method in interface org.springframework.security.core.authority.mapping.MappableAttributesRetriever
Implementations of this method should return a set of all string attributes which can be mapped to GrantedAuthoritys.
getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
 
getMappableAttributes() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
 
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
 
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
 
getMask() - Method in class org.springframework.security.acls.domain.AbstractPermission
 
getMask() - Method in interface org.springframework.security.acls.model.Permission
Returns the bits that represents the permission.
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
 
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
Returns a wrapper around the saved request, if it matches the current request.
getMaxAge() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getMaximumSessionsForThisUser(Authentication) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Method intended for use by subclasses to override the maximum number of sessions that are permitted for a particular authentication.
getMessage() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getMessageDigest() - Method in class org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder
Get a MessageDigest instance for the given algorithm.
getMessageTypeMatcher() - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
 
getMethod() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getMethod() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
getMethod() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getMethod() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getMethod() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getMethodMapSize() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
 
getMethodSecurityMetadataSources() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
getMobile() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getName() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
getName() - Method in class org.springframework.security.openid.OpenIDAttribute
The attribute name
getName() - Method in class org.springframework.security.web.header.Header
Gets the name of the header.
getName() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getNewSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
Getter for the session ID after it was changed.
getNonceValiditySeconds() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getO() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getObject() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
Gets the object that was built.
getObject() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
getObject() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
 
getObjectIdentity() - Method in class org.springframework.security.acls.domain.AclImpl
 
getObjectIdentity(Object) - Method in class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
 
getObjectIdentity() - Method in interface org.springframework.security.acls.model.Acl
Obtains the domain object this Acl provides entries for.
getObjectIdentity(Object) - Method in interface org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy
 
getObjectType() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
getObjectType() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
 
getOldSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
Getter for the session ID before it was changed.
getOrBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Similar to AbstractSecurityBuilder.build() and AbstractSecurityBuilder.getObject() but checks the state to determine if AbstractSecurityBuilder.build() needs to be called first.
getOrder() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
 
getOrder() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getOriginalAuthentication() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getOu() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getOwner() - Method in class org.springframework.security.acls.domain.AclImpl
 
getOwner() - Method in interface org.springframework.security.acls.model.Acl
Determines the owner of the Acl.
getParameter() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getParameterMap() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getParameterMap() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getParameterName() - Method in interface org.springframework.security.web.csrf.CsrfToken
Gets the HTTP parameter name that should contain the token.
getParameterName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
 
getParameterNames(Method) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
getParameterNames(Constructor<?>) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
getParameterNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getParameterValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getParameterValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getParent() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getParentAcl() - Method in class org.springframework.security.acls.domain.AclImpl
 
getParentAcl() - Method in interface org.springframework.security.acls.model.Acl
A domain object may have a parent for the purpose of ACL inheritance.
getPassword() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
getPassword() - Method in class org.springframework.security.core.userdetails.User
 
getPassword() - Method in interface org.springframework.security.core.userdetails.UserDetails
Returns the password used to authenticate the user.
getPassword() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getPasswordEncoder() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
getPasswordEncoder() - Method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
getPasswordParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
getPath() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getPathInfo() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getPattern() - Method in class org.springframework.security.acls.domain.AbstractPermission
 
getPattern() - Method in class org.springframework.security.acls.domain.CumulativePermission
 
getPattern() - Method in interface org.springframework.security.acls.model.Permission
Returns a 32-character long bit pattern String representing this permission.
getPattern() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
getPermission() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getPermission() - Method in interface org.springframework.security.acls.model.AccessControlEntry
 
getPermissionEvaluator() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
getPointcut() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
 
getPortMapper() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getPortMapper() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
getPortMapper() - Method in class org.springframework.security.web.PortResolverImpl
 
getPortResolver() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getPortResolver() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
getPostalAddress() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getPostalCode() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getPostAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Override to extract the credentials (if applicable) from the current request.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
For J2EE container-based authentication there is no generic way to retrieve the credentials, as such this method returns a fixed dummy value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
Credentials aren't usually applicable, but if a credentialsRequestHeader is set, this will be read and used as the credentials value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
For J2EE container-based authentication there is no generic way to retrieve the credentials, as such this method returns a fixed dummy value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Override to extract the principal information from the current request
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
Return the J2EE user name.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
Read and returns the header named by principalRequestHeader from the request.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
Return the WebSphere user name.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
getPreAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
getPrincipal() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
getPrincipal() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getPrincipal() - Method in class org.springframework.security.acls.domain.PrincipalSid
 
getPrincipal() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
getPrincipal() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getPrincipal() - Method in interface org.springframework.security.core.Authentication
The identity of the principal being authenticated.
getPrincipal() - Method in class org.springframework.security.core.session.SessionInformation
 
getPrincipal() - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
Get the principals of the logged in user, in this case the distinguished name.
getPrincipal() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
Returns the principal value.
getPrincipal() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
getPrincipal() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
Get the principal
getPrivilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Gets the WebInvocationPrivilegeEvaluator to be used.
getProcessConfigAttribute() - Method in class org.springframework.security.acls.AclEntryVoter
 
getProcessDomainObjectClass() - Method in class org.springframework.security.access.vote.AbstractAclVoter
 
getProcessDomainObjectClass() - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
getProtectedFieldValue(String, Object) - Static method in class org.springframework.security.util.FieldUtils
 
getProviders() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
getProviders() - Method in class org.springframework.security.authentication.ProviderManager
 
getQueryString() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
 
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.access.hierarchicalroles.RoleHierarchy
Returns an array of all reachable authorities.
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
 
getRealmName() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
getRealmName() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getRedirectStrategy() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getRedirectStrategy() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
getRedirectStrategy() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
getRedirectUrl() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
Indicates the URL that the user agent used for this request.
getRedirectUrl() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
The StandardInterceptUrlRegistry is what users will interact with after applying the UrlAuthorizationConfigurer.
getRelativeName(String, Context) - Static method in class org.springframework.security.ldap.LdapUtils
Obtains the part of a DN relative to a supplied base context.
getRememberMeServices() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getRememberMeServices() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
getRemoteAddress() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
Indicates the TCP/IP address the authentication request was received from.
getRemoteAuthenticationManager() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
getRemoteUser() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Returns the principal's name, as obtained from the SecurityContextHolder.
getRequest() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
This method allows subclasses to provide a way to access the ServletRequest according to the rendering technology.
getRequest() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getRequest() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
 
getRequest() - Method in class org.springframework.security.web.FilterInvocation
 
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
 
getRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
Returns the saved request, leaving it cached.
getRequestMatcher() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
 
getRequestURI() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getRequestUrl() - Method in class org.springframework.security.web.FilterInvocation
Obtains the web application-specific fragment of the URL.
getRequestURL() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getResponse() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
This method allows subclasses to provide a way to access the ServletResponse according to the rendering technology.
getResponse() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getResponse() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
 
getResponse() - Method in class org.springframework.security.web.FilterInvocation
 
getReturnObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
getRoleHierarchy() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
getRolePrefix() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
getRolePrefix() - Method in class org.springframework.security.access.vote.RoleVoter
 
getRolePrefix() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getRolePrefix() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the role prefix used by this populator Method available so that classes extending this can override
getRoomNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getRootObject() - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
 
getRunAsManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getSalt(UserDetails) - Method in class org.springframework.security.authentication.dao.ReflectionSaltSource
Performs reflection on the passed User to obtain the salt.
getSalt(UserDetails) - Method in interface org.springframework.security.authentication.dao.SaltSource
Returns the salt to use for the indicated user.
getSalt(UserDetails) - Method in class org.springframework.security.authentication.dao.SystemWideSaltSource
 
getSaltSource() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
getSaltSource() - Method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
getScheme() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getSecuredUiPrefix() - Static method in class org.springframework.security.taglibs.TagLibConfig
 
getSecuredUiSuffix() - Static method in class org.springframework.security.taglibs.TagLibConfig
 
getSecureKeyword() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
getSecureObject() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
getSecureObjectClass() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Indicates the type of secure objects the subclass will be presenting to the abstract parent for processing.
getSecureObjectClass() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
getSecureObjectClass() - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
getSecureObjectClass() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
getSecurityContext() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
getSecurityContextRepository(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils
Gets the SecurityContextRepository for the specified HttpServletRequest.
getSecurityContexts() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
Provides the SecurityContext instances which were associated with the destroyed session.
getSecurityContexts() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
getSecurityDispatcherTypes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Get the DispatcherType for the springSecurityFilterChain.
getSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
getSecurityMetadataSource() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
getSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
getSeries() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getServerName() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getServerPort(ServletRequest) - Method in interface org.springframework.security.web.PortResolver
Indicates the port the ServletRequest was received on.
getServerPort(ServletRequest) - Method in class org.springframework.security.web.PortResolverImpl
 
getServerPort() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getService() - Method in class org.springframework.security.cas.ServiceProperties
Represents the service the user is authenticating to.
getService() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
getServiceParameter() - Method in class org.springframework.security.cas.ServiceProperties
Configures the Request parameter to look for when attempting to send a request to CAS.
getServiceProperties() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
getServiceUrl() - Method in interface org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails
Gets the absolute service url (i.e.
getServletContext() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
This method allows subclasses to provide a way to access the ServletContext according to the rendering technology.
getServletContext() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getServletPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getSession() - Method in class org.springframework.security.web.session.HttpSessionCreatedEvent
 
getSession() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
getSessionId() - Method in class org.springframework.security.core.session.SessionInformation
 
getSessionId() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
Indicates the HttpSession id the authentication request was received from.
getSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
Obtains the session information for the specified sessionId.
getSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
getSessionTrackingModes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Determines how a session should be tracked.
getSharedObject(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets a shared Object.
getSharedObject(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Gets a shared Object.
getSharedObjects() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets the shared objects
getSid() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getSid() - Method in interface org.springframework.security.acls.model.AccessControlEntry
 
getSids(Authentication) - Method in class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
 
getSids(Authentication) - Method in interface org.springframework.security.acls.model.SidRetrievalStrategy
 
getSn() - Method in class org.springframework.security.ldap.userdetails.Person
 
getSource() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
Returns the original user associated with a successful user switch.
getStatelessTicketCache() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
getStaticPart() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getStaticPart() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getStatus() - Method in exception org.springframework.security.ldap.ppolicy.PasswordPolicyException
 
getStatus() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getStreet() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getStringSeparator() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
getSuccessHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getSystemWideSalt() - Method in class org.springframework.security.authentication.dao.SystemWideSaltSource
 
getTargetUrlParameter() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
getTargetUser() - Method in class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
 
getTelephoneNumber() - Method in class org.springframework.security.ldap.userdetails.Person
 
getThis() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
getThis() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getThis() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getTicketValidator() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
getTimeBeforeExpiration() - Method in interface org.springframework.security.ldap.ppolicy.PasswordPolicyData
 
getTimeBeforeExpiration() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Returns the timeBeforeExpiration.
getTimeBeforeExpiration() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getTitle() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getToken() - Method in interface org.springframework.security.web.csrf.CsrfToken
Gets the token value.
getToken() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
 
getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
Loads the token data for the supplied series identifier.
getTokenForSeries(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 
getTokenValiditySeconds() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getTokenValue() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getTranslatedPortMappings() - Method in class org.springframework.security.web.PortMapperImpl
Returns the translated (Integer -> Integer) version of the original port mapping specified via setHttpsPortMapping()
getType() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
 
getType() - Method in interface org.springframework.security.acls.model.ObjectIdentity
Obtains the "type" metadata for the domain object.
getType() - Method in class org.springframework.security.openid.OpenIDAttribute
The attribute type Identifier (a URI).
getUid() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getUrl() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
getUrl() - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
getUserAttributes() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
getUserCache() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
getUserCache() - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
getUserCache() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
getUserDetails() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getUserDetailsContextMapper() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
Provides access to the injected UserDetailsContextMapper strategy for use by subclasses.
getUserDetailsService() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
Gets the UserDetailsService or null if it is not available
getUserDetailsService() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getUserDetailsService() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
getUserDns(String) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
Builds list of possible DNs for the user, worked out from the userDnPatterns property.
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
 
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
 
getUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
Obtains a UserDetails from the cache.
getUsername() - Method in class org.springframework.security.core.userdetails.User
 
getUsername() - Method in interface org.springframework.security.core.userdetails.UserDetails
Returns the username used to authenticate the user.
getUsername() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getUsername() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getUsernameParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
getUserPrincipal() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Returns the Authentication (which is a subclass of Principal), or null if unavailable.
getUserPropertyToUse() - Method in class org.springframework.security.authentication.dao.ReflectionSaltSource
 
getUserRoles(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
Obtains the list of user roles based on the current user's JEE roles.
getUsersByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getUserSearch() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
getValue() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getValues() - Method in class org.springframework.security.openid.OpenIDAttribute
The values obtained from an attribute exchange.
getValues() - Method in class org.springframework.security.web.header.Header
Gets the values of the header.
getVar() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getVersion() - Static method in class org.springframework.security.core.SpringSecurityCoreVersion
 
getVersion() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
GLOBAL_METHOD_SECURITY - Static variable in class org.springframework.security.config.Elements
 
GlobalAuthenticationConfigurerAdapter - Class in org.springframework.security.config.annotation.authentication.configurers
A SecurityConfigurer that can be exposed as a bean to configure the global AuthenticationManagerBuilder.
GlobalAuthenticationConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter
 
GlobalMethodSecurityBeanDefinitionParser - Class in org.springframework.security.config.method
Processes the top-level "global-method-security" element.
GlobalMethodSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser
 
GlobalMethodSecurityConfiguration - Class in org.springframework.security.config.annotation.method.configuration
Base Configuration for enabling global method security.
GlobalMethodSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
gmtZone - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
GMT time zone - all HTTP dates are on GMT
grant(Principal) - Method in interface org.springframework.security.authentication.jaas.AuthorityGranter
The grant method is called for each principal returned from the LoginContext subject.
GrantedAuthoritiesContainer - Interface in org.springframework.security.core.authority
Indicates that a object stores GrantedAuthority objects.
GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
Mapping interface which can be injected into the authentication layer to convert the authorities loaded from storage into those which will be used in the Authentication object.
GrantedAuthority - Interface in org.springframework.security.core
Represents an authority granted to an Authentication object.
GrantedAuthorityFromAssertionAttributesUserDetailsService - Class in org.springframework.security.cas.userdetails
Populates the GrantedAuthoritys for a user by reading a list of attributes that were returned as part of the CAS response.
GrantedAuthorityFromAssertionAttributesUserDe