Skip navigation links

Spring Security 4.2.7.RELEASE API

Spring Security Core 
Package Description
org.springframework.security.access
Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central AccessDecisionManager interface.
org.springframework.security.access.annotation
Support for JSR-250 and Spring Security @Secured annotations.
org.springframework.security.access.event
Authorization event and listener classes.
org.springframework.security.access.expression
Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.expression.method
Implementation of expression-based method security.
org.springframework.security.access.hierarchicalroles
Role hierarchy implementation.
org.springframework.security.access.intercept
Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
org.springframework.security.access.intercept.aopalliance
Enforces security for AOP Alliance MethodInvocations, such as via Spring AOP.
org.springframework.security.access.intercept.aspectj
Enforces security for AspectJ JointPoints, delegating secure object callbacks to the calling aspect.
org.springframework.security.access.method
Provides SecurityMetadataSource implementations for securing Java method invocations via different AOP libraries.
org.springframework.security.access.prepost
Contains the infrastructure classes for handling the @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.vote
Implements a vote-based approach to authorization decisions.
org.springframework.security.authentication
Core classes and interfaces related to user authentication, which are used throughout Spring Security.
org.springframework.security.authentication.dao
An AuthenticationProvider which relies upon a data access object.
org.springframework.security.authentication.encoding
Password encoding implementations.
org.springframework.security.authentication.event
Authentication success and failure events which can be published to the Spring application context.
org.springframework.security.authentication.jaas
An authentication provider for JAAS.
org.springframework.security.authentication.jaas.event
JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
org.springframework.security.authentication.jaas.memory
An in memory JAAS implementation.
org.springframework.security.authentication.rcp
Allows remote clients to authenticate and obtain a populated Authentication object.
org.springframework.security.core
Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
org.springframework.security.core.annotation  
org.springframework.security.core.authority
The default implementation of the GrantedAuthority interface.
org.springframework.security.core.authority.mapping
Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of GrantedAuthoritys.
org.springframework.security.core.context
Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
org.springframework.security.core.parameters  
org.springframework.security.core.session
Session abstraction which is provided by the org.springframework.security.core.session.SessionInformation SessionInformation class.
org.springframework.security.core.token
A service for building secure random tokens.
org.springframework.security.core.userdetails
The standard interfaces for implementing user data DAOs.
org.springframework.security.core.userdetails.cache
Implementations of UserCache.
org.springframework.security.core.userdetails.jdbc
Exposes a JDBC-based authentication repository, implementing org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.
org.springframework.security.core.userdetails.memory
Exposes an in-memory authentication repository.
org.springframework.security.provisioning
Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
org.springframework.security.remoting.dns
DNS resolution.
org.springframework.security.remoting.httpinvoker
Enables use of Spring's HttpInvoker extension points to present the principal and credentials located in the ContextHolder via BASIC authentication.
org.springframework.security.remoting.rmi
Enables use of Spring's RMI remoting extension points to propagate the SecurityContextHolder (which should contain an Authentication request token) from one JVM to the remote JVM.
org.springframework.security.util
General utility classes used throughout the Spring Security framework.
Spring Security Web 
Package Description
org.springframework.security.web
Spring Security's web security module.
org.springframework.security.web.access
Access-control related classes and packages.
org.springframework.security.web.access.channel
Classes that ensure web requests are received over required transport channels.
org.springframework.security.web.access.expression
Implementation of web security expressions.
org.springframework.security.web.access.intercept
Enforcement of security for HTTP requests, typically by the URL requested.
org.springframework.security.web.authentication
Authentication processing mechanisms, which respond to the submission of authentication credentials using various protocols (eg BASIC, CAS, form login etc).
org.springframework.security.web.authentication.logout
Logout functionality based around a filter which handles a specific logout URL.
org.springframework.security.web.authentication.preauth
Support for "pre-authenticated" scenarios, where Spring Security assumes the incoming request has already been authenticated by some externally configured system.
org.springframework.security.web.authentication.preauth.j2ee
Pre-authentication support for container-authenticated requests.
org.springframework.security.web.authentication.preauth.websphere
Websphere-specific pre-authentication classes.
org.springframework.security.web.authentication.preauth.x509
X.509 client certificate authentication support.
org.springframework.security.web.authentication.rememberme
Support for remembering a user between different web sessions.
org.springframework.security.web.authentication.session
Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
org.springframework.security.web.authentication.switchuser
Provides HTTP-based "switch user" (su) capabilities.
org.springframework.security.web.authentication.ui
Authentication user-interface rendering code.
org.springframework.security.web.authentication.www
WWW-Authenticate based authentication mechanism implementations: Basic and Digest authentication.
org.springframework.security.web.bind.annotation  
org.springframework.security.web.bind.support  
org.springframework.security.web.context
Classes which are responsible for maintaining the security context between HTTP requests.
org.springframework.security.web.context.request.async  
org.springframework.security.web.context.support  
org.springframework.security.web.csrf  
org.springframework.security.web.debug  
org.springframework.security.web.firewall  
org.springframework.security.web.header  
org.springframework.security.web.header.writers  
org.springframework.security.web.header.writers.frameoptions  
org.springframework.security.web.jaasapi
Makes a JAAS Subject available as the current Subject.
org.springframework.security.web.jackson2
Mix-in classes to provide Jackson serialization support.
org.springframework.security.web.method.annotation  
org.springframework.security.web.savedrequest
Classes related to the caching of an HttpServletRequest which requires authentication.
org.springframework.security.web.servlet.support.csrf  
org.springframework.security.web.servlet.util.matcher  
org.springframework.security.web.servletapi
Populates a Servlet request with a new Spring Security compliant HttpServletRequestWrapper.
org.springframework.security.web.session
Session management filters, HttpSession events and publisher classes.
org.springframework.security.web.util
Web utility classes.
org.springframework.security.web.util.matcher  
Spring Security LDAP 
Package Description
org.springframework.security.ldap
Spring Security's LDAP module.
org.springframework.security.ldap.authentication
The LDAP authentication provider package.
org.springframework.security.ldap.authentication.ad  
org.springframework.security.ldap.ppolicy
Implementation of password policy functionality based on the Password Policy for LDAP Directories.
org.springframework.security.ldap.search
LdapUserSearch implementations.
org.springframework.security.ldap.server
Embedded Apache Directory Server implementation, as used by the configuration namespace.
org.springframework.security.ldap.userdetails
LDAP-focused UserDetails implementations which map from a ubset of the data contained in some of the standard LDAP types (such as InetOrgPerson).
Spring Security Crypto 
Package Description
org.springframework.security.crypto.bcrypt  
org.springframework.security.crypto.codec
Internal codec classes.
org.springframework.security.crypto.encrypt  
org.springframework.security.crypto.factory  
org.springframework.security.crypto.keygen  
org.springframework.security.crypto.password  
org.springframework.security.crypto.scrypt  
org.springframework.security.crypto.util  
Spring Security OpenID 
Package Description
org.springframework.security.openid
Authenticates standard web browser users via OpenID.
Spring Security CAS 
Package Description
org.springframework.security.cas
Spring Security support for Jasig's Central Authentication Service (CAS).
org.springframework.security.cas.authentication
An AuthenticationProvider that can process CAS service tickets and proxy tickets.
org.springframework.security.cas.jackson2  
org.springframework.security.cas.userdetails  
org.springframework.security.cas.web
Authenticates standard web browser users via CAS.
org.springframework.security.cas.web.authentication
Authentication processing mechanisms which respond to the submission of authentication credentials using CAS.
Spring Security ACL 
Package Description
org.springframework.security.acls
The Spring Security ACL package which implements instance-based security for domain objects.
org.springframework.security.acls.afterinvocation
After-invocation providers for collection and array filtering.
org.springframework.security.acls.domain
Basic implementation of access control lists (ACLs) interfaces.
org.springframework.security.acls.jdbc
JDBC-based persistence of ACL information
org.springframework.security.acls.model
Interfaces and shared classes to manage access control lists (ACLs) for domain object instances.
Spring Security Config 
Package Description
org.springframework.security.config
Support classes for the Spring Security namespace.
org.springframework.security.config.annotation  
org.springframework.security.config.annotation.authentication  
org.springframework.security.config.annotation.authentication.builders  
org.springframework.security.config.annotation.authentication.configuration  
org.springframework.security.config.annotation.authentication.configurers  
org.springframework.security.config.annotation.authentication.configurers.ldap  
org.springframework.security.config.annotation.authentication.configurers.provisioning  
org.springframework.security.config.annotation.authentication.configurers.userdetails  
org.springframework.security.config.annotation.configuration  
org.springframework.security.config.annotation.method.configuration  
org.springframework.security.config.annotation.web  
org.springframework.security.config.annotation.web.builders  
org.springframework.security.config.annotation.web.configuration  
org.springframework.security.config.annotation.web.configurers  
org.springframework.security.config.annotation.web.configurers.openid  
org.springframework.security.config.annotation.web.messaging  
org.springframework.security.config.annotation.web.servlet.configuration  
org.springframework.security.config.annotation.web.socket  
org.springframework.security.config.authentication
Parsing of <authentication-manager> and related elements.
org.springframework.security.config.core  
org.springframework.security.config.debug  
org.springframework.security.config.http
Parsing of the <http> namespace element.
org.springframework.security.config.ldap
Security namespace support for LDAP authentication.
org.springframework.security.config.method
Support for parsing of the <global-method-security> and <intercept-methods> elements.
org.springframework.security.config.websocket  
Spring Security Taglibs 
Package Description
org.springframework.security.taglibs
Security related tag libraries that can be used in JSPs and templates.
org.springframework.security.taglibs.authz
JSP Security tag library implementation.
org.springframework.security.taglibs.csrf  
Other Packages 
Package Description
org.springframework.security.concurrent  
org.springframework.security.context  
org.springframework.security.data.repository.query  
org.springframework.security.jackson2
Mix-in classes to add Jackson serialization support.
org.springframework.security.messaging.access.expression  
org.springframework.security.messaging.access.intercept  
org.springframework.security.messaging.context  
org.springframework.security.messaging.util.matcher  
org.springframework.security.messaging.web.csrf  
org.springframework.security.messaging.web.socket.server  
org.springframework.security.scheduling  
org.springframework.security.task  
org.springframework.security.test.context  
org.springframework.security.test.context.annotation  
org.springframework.security.test.context.support  
org.springframework.security.test.web.servlet.request  
org.springframework.security.test.web.servlet.response  
org.springframework.security.test.web.servlet.setup  
org.springframework.security.test.web.support  
Skip navigation links