Skip navigation links
A B C D E F G H I J K L M N O P Q R S T U V W X Z 

A

abort() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Abort the authentication process by forgetting the Spring Security Authentication.
AbstractAccessDecisionManager - Class in org.springframework.security.access.vote
Abstract implementation of AccessDecisionManager.
AbstractAccessDecisionManager(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
AbstractAclProvider - Class in org.springframework.security.acls.afterinvocation
Abstract AfterInvocationProvider which provides commonly-used ACL-related services.
AbstractAclProvider(AclService, String, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
AbstractAclVoter - Class in org.springframework.security.access.vote
Provides helper methods for writing domain object ACL voters.
AbstractAclVoter() - Constructor for class org.springframework.security.access.vote.AbstractAclVoter
 
AbstractAuthenticationEvent - Class in org.springframework.security.authentication.event
Represents an application authentication event.
AbstractAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationEvent
 
AbstractAuthenticationFailureEvent - Class in org.springframework.security.authentication.event
Abstract application event which indicates authentication failure for some reason.
AbstractAuthenticationFailureEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
 
AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends AbstractAuthenticationProcessingFilter> - Class in org.springframework.security.config.annotation.web.configurers
Base class for configuring AbstractAuthenticationFilterConfigurer.
AbstractAuthenticationFilterConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Creates a new instance with minimal defaults
AbstractAuthenticationFilterConfigurer(F, String) - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Creates a new instance
AbstractAuthenticationProcessingFilter - Class in org.springframework.security.web.authentication
Abstract processor of browser-based HTTP-based authentication requests.
AbstractAuthenticationProcessingFilter(String) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
AbstractAuthenticationProcessingFilter(RequestMatcher) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Creates a new instance
AbstractAuthenticationTargetUrlRequestHandler - Class in org.springframework.security.web.authentication
Base class containing the logic used by strategies which handle redirection to a URL and are passed an Authentication object as part of the contract.
AbstractAuthenticationTargetUrlRequestHandler() - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
AbstractAuthenticationToken - Class in org.springframework.security.authentication
Base class for Authentication objects.
AbstractAuthenticationToken(Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AbstractAuthenticationToken
Creates a token with the supplied array of authorities.
AbstractAuthorizationEvent - Class in org.springframework.security.access.event
Abstract superclass for all security interception related events.
AbstractAuthorizationEvent(Object) - Constructor for class org.springframework.security.access.event.AbstractAuthorizationEvent
Construct the event, passing in the secure object being intercepted.
AbstractAuthorizeTag - Class in org.springframework.security.taglibs.authz
A base class for an <authorize> tag that is independent of the tag rendering technology (JSP, Facelets).
AbstractAuthorizeTag() - Constructor for class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
AbstractCasAssertionUserDetailsService - Class in org.springframework.security.cas.userdetails
Abstract class for using the provided CAS assertion to construct a new User object.
AbstractCasAssertionUserDetailsService() - Constructor for class org.springframework.security.cas.userdetails.AbstractCasAssertionUserDetailsService
 
AbstractConfigAttributeRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web.configurers
A base class for registering RequestMatcher's.
AbstractConfigAttributeRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
 
AbstractConfiguredSecurityBuilder<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
A base SecurityBuilder that allows SecurityConfigurer to be applied to it.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Creates a new instance with the provided ObjectPostProcessor.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>, boolean) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Creates a new instance with the provided ObjectPostProcessor.
AbstractFallbackMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Abstract implementation of MethodSecurityMetadataSource that supports both Spring AOP and AspectJ and performs attribute resolution from: 1.
AbstractFallbackMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
 
AbstractHttpConfigurer<T extends AbstractHttpConfigurer<T,B>,B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers
Adds a convenient base class for SecurityConfigurer instances that operate on HttpSecurity.
AbstractHttpConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
 
AbstractJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
An AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.
AbstractJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
AbstractLdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication
Base class for the standard LdapAuthenticationProvider and the ActiveDirectoryLdapAuthenticationProvider.
AbstractLdapAuthenticationProvider() - Constructor for class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
AbstractLdapAuthenticator - Class in org.springframework.security.ldap.authentication
Base class for the authenticator implementations.
AbstractLdapAuthenticator(ContextSource) - Constructor for class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
Create an initialized instance with the ContextSource provided.
AbstractMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Abstract implementation of MethodSecurityMetadataSource which resolves the secured object type to a MethodInvocation.
AbstractMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
 
AbstractOAuth2AuthorizationGrantRequest - Class in org.springframework.security.oauth2.client.endpoint
Base implementation of an OAuth 2.0 Authorization Grant request that holds an authorization grant credential and is used when initiating a request to the Authorization Server's Token Endpoint.
AbstractOAuth2AuthorizationGrantRequest(AuthorizationGrantType) - Constructor for class org.springframework.security.oauth2.client.endpoint.AbstractOAuth2AuthorizationGrantRequest
Sub-class constructor.
AbstractOAuth2Token - Class in org.springframework.security.oauth2.core
Base class for OAuth 2.0 Token implementations.
AbstractOAuth2Token(String) - Constructor for class org.springframework.security.oauth2.core.AbstractOAuth2Token
Sub-class constructor.
AbstractOAuth2Token(String, Instant, Instant) - Constructor for class org.springframework.security.oauth2.core.AbstractOAuth2Token
Sub-class constructor.
AbstractOAuth2TokenAuthenticationToken<T extends AbstractOAuth2Token> - Class in org.springframework.security.oauth2.server.resource.authentication
Base class for AbstractAuthenticationToken implementations that expose common attributes between different OAuth 2.0 Access Token Formats.
AbstractOAuth2TokenAuthenticationToken(T) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
Sub-class constructor.
AbstractOAuth2TokenAuthenticationToken(T, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
Sub-class constructor.
AbstractPasswordEncoder - Class in org.springframework.security.crypto.password
Abstract base class for password encoders
AbstractPasswordEncoder() - Constructor for class org.springframework.security.crypto.password.AbstractPasswordEncoder
 
AbstractPermission - Class in org.springframework.security.acls.domain
Provides an abstract superclass for Permission implementations.
AbstractPermission(int) - Constructor for class org.springframework.security.acls.domain.AbstractPermission
Sets the permission mask and uses the '*' character to represent active bits when represented as a bit pattern string.
AbstractPermission(int, char) - Constructor for class org.springframework.security.acls.domain.AbstractPermission
Sets the permission mask and uses the specified character for active bits.
AbstractPreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth
Base class for processing filters that handle pre-authenticated authentication requests, where it is assumed that the principal has already been authenticated by an external system.
AbstractPreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
AbstractRememberMeServices - Class in org.springframework.security.web.authentication.rememberme
Base class for RememberMeServices implementations.
AbstractRememberMeServices(String, UserDetailsService) - Constructor for class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
AbstractRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web
A base class for registering RequestMatcher's.
AbstractRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
 
AbstractRetryEntryPoint - Class in org.springframework.security.web.access.channel
 
AbstractRetryEntryPoint(String, int) - Constructor for class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
AbstractSecurityBuilder<O> - Class in org.springframework.security.config.annotation
A base SecurityBuilder that ensures the object being built is only built one time.
AbstractSecurityBuilder() - Constructor for class org.springframework.security.config.annotation.AbstractSecurityBuilder
 
AbstractSecurityExpressionHandler<T> - Class in org.springframework.security.access.expression
Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.
AbstractSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
AbstractSecurityInterceptor - Class in org.springframework.security.access.intercept
Abstract class that implements security interception for secure objects.
AbstractSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
AbstractSecurityWebApplicationInitializer - Class in org.springframework.security.web.context
Registers the DelegatingFilterProxy to use the springSecurityFilterChain before any other registered Filter.
AbstractSecurityWebApplicationInitializer() - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Creates a new instance that assumes the Spring Security configuration is loaded by some other means than this class.
AbstractSecurityWebApplicationInitializer(Class<?>...) - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Creates a new instance that will instantiate the ContextLoaderListener with the specified classes.
AbstractSecurityWebSocketMessageBrokerConfigurer - Class in org.springframework.security.config.annotation.web.socket
Allows configuring WebSocket Authorization.
AbstractSecurityWebSocketMessageBrokerConfigurer() - Constructor for class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
AbstractUserDetailsAuthenticationProvider - Class in org.springframework.security.authentication.dao
A base AuthenticationProvider that allows subclasses to override and work with UserDetails objects.
AbstractUserDetailsAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
AbstractUserDetailsServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
AbstractUserDetailsServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
acceptMediaType(MediaType) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
Specify a media type to set as the Accept header in the request.
access(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Allows specifying that URLs are secured by an arbitrary expression
access(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that the user must have the specified ConfigAttribute's
access(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Allows specifying that Messages are secured by an arbitrary expression
Access() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
 
access(ReactiveAuthorizationManager<AuthorizationContext>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
Allows plugging in a custom authorization strategy
ACCESS_ABSTAIN - Static variable in interface org.springframework.security.access.AccessDecisionVoter
 
ACCESS_DENIED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
 
ACCESS_DENIED - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
access_denied - The resource owner or authorization server denied the request.
ACCESS_DENIED_403 - Static variable in class org.springframework.security.web.WebAttributes
Used to cache an AccessDeniedException in the request for rendering.
ACCESS_DENIED_HANDLER - Static variable in class org.springframework.security.config.Elements
 
ACCESS_GRANTED - Static variable in interface org.springframework.security.access.AccessDecisionVoter
 
ACCESS_TOKEN - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
access_token - used in Authorization Response and Access Token Response.
AccessControlEntry - Interface in org.springframework.security.acls.model
Represents an individual permission assignment within an Acl.
AccessControlEntryImpl - Class in org.springframework.security.acls.domain
An immutable default implementation of AccessControlEntry.
AccessControlEntryImpl(Serializable, Acl, Sid, Permission, boolean, boolean, boolean) - Constructor for class org.springframework.security.acls.domain.AccessControlEntryImpl
 
AccessControlListTag - Class in org.springframework.security.taglibs.authz
An implementation of Tag that allows its body through if all authorizations are granted to the request's principal.
AccessControlListTag() - Constructor for class org.springframework.security.taglibs.authz.AccessControlListTag
 
AccessDecisionManager - Interface in org.springframework.security.access
Makes a final access control (authorization) decision.
accessDecisionManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Allows subclasses to provide a custom AccessDecisionManager.
AccessDecisionVoter<S> - Interface in org.springframework.security.access
Indicates a class is responsible for voting on authorization decisions.
AccessDeniedException - Exception in org.springframework.security.access
Thrown if an Authentication object does not hold a required authority.
AccessDeniedException(String) - Constructor for exception org.springframework.security.access.AccessDeniedException
Constructs an AccessDeniedException with the specified message.
AccessDeniedException(String, Throwable) - Constructor for exception org.springframework.security.access.AccessDeniedException
Constructs an AccessDeniedException with the specified message and root cause.
accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Specifies the AccessDeniedHandler to be used
accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
accessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
Configures the ServerAccessDeniedHandler used when a CSRF token is invalid.
accessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.ExceptionHandlingSpec
Configures what to do when an authenticated user does not hold a required authority
AccessDeniedHandler - Interface in org.springframework.security.web.access
Used by ExceptionTranslationFilter to handle an AccessDeniedException.
AccessDeniedHandlerImpl - Class in org.springframework.security.web.access
Base implementation of AccessDeniedHandler.
AccessDeniedHandlerImpl() - Constructor for class org.springframework.security.web.access.AccessDeniedHandlerImpl
 
accessDeniedPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Shortcut to specify the AccessDeniedHandler to be used is a specific error page
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer
Sets the client used for requesting the access token credential from the Token Endpoint.
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.TokenEndpointConfig
Sets the client used for requesting the access token credential from the Token Endpoint.
accountExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is expired or not.
accountExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Defines if the account is expired or not.
accountExpired(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
AccountExpiredException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account has expired.
AccountExpiredException(String) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
Constructs a AccountExpiredException with the specified message.
AccountExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountExpiredException
Constructs a AccountExpiredException with the specified message and root cause.
accountLocked(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is locked or not.
accountLocked(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Defines if the account is locked or not.
accountLocked(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
AccountStatusException - Exception in org.springframework.security.authentication
Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).
AccountStatusException(String) - Constructor for exception org.springframework.security.authentication.AccountStatusException
 
AccountStatusException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountStatusException
 
AccountStatusUserDetailsChecker - Class in org.springframework.security.authentication
 
AccountStatusUserDetailsChecker() - Constructor for class org.springframework.security.authentication.AccountStatusUserDetailsChecker
 
Acl - Interface in org.springframework.security.acls.model
Represents an access control list (ACL) for a domain object.
AclAuthorizationStrategy - Interface in org.springframework.security.acls.domain
Strategy used by AclImpl to determine whether a principal is permitted to call adminstrative methods on the AclImpl.
AclAuthorizationStrategyImpl - Class in org.springframework.security.acls.domain
Default implementation of AclAuthorizationStrategy.
AclAuthorizationStrategyImpl(GrantedAuthority...) - Constructor for class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
Constructor.
AclCache - Interface in org.springframework.security.acls.model
A caching layer for JdbcAclService.
AclDataAccessException - Exception in org.springframework.security.acls.model
Abstract base class for Acl data operations.
AclDataAccessException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.AclDataAccessException
Constructs an AclDataAccessException with the specified message and root cause.
AclDataAccessException(String) - Constructor for exception org.springframework.security.acls.model.AclDataAccessException
Constructs an AclDataAccessException with the specified message and no root cause.
AclEntryAfterInvocationCollectionFilteringProvider - Class in org.springframework.security.acls.afterinvocation
Given a Collection of domain object instances returned from a secure object invocation, remove any Collection elements the principal does not have appropriate permission to access as defined by the AclService.
AclEntryAfterInvocationCollectionFilteringProvider(AclService, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
 
AclEntryAfterInvocationProvider - Class in org.springframework.security.acls.afterinvocation
Given a domain object instance returned from a secure object invocation, ensures the principal has appropriate permission as defined by the AclService.
AclEntryAfterInvocationProvider(AclService, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
AclEntryAfterInvocationProvider(AclService, String, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
AclEntryVoter - Class in org.springframework.security.acls
Given a domain object instance passed as a method argument, ensures the principal has appropriate permission as indicated by the AclService.
AclEntryVoter(AclService, String, Permission[]) - Constructor for class org.springframework.security.acls.AclEntryVoter
 
AclFormattingUtils - Class in org.springframework.security.acls.domain
Utility methods for displaying ACL information.
AclFormattingUtils() - Constructor for class org.springframework.security.acls.domain.AclFormattingUtils
 
AclImpl - Class in org.springframework.security.acls.domain
Base implementation of Acl.
AclImpl(ObjectIdentity, Serializable, AclAuthorizationStrategy, AuditLogger) - Constructor for class org.springframework.security.acls.domain.AclImpl
Minimal constructor, which should be used MutableAclService.createAcl(ObjectIdentity) .
AclImpl(ObjectIdentity, Serializable, AclAuthorizationStrategy, PermissionGrantingStrategy, Acl, List<Sid>, boolean, Sid) - Constructor for class org.springframework.security.acls.domain.AclImpl
Full constructor, which should be used by persistence tools that do not provide field-level access features.
AclPermissionCacheOptimizer - Class in org.springframework.security.acls
Batch loads ACLs for collections of objects to allow optimised filtering.
AclPermissionCacheOptimizer(AclService) - Constructor for class org.springframework.security.acls.AclPermissionCacheOptimizer
 
AclPermissionEvaluator - Class in org.springframework.security.acls
Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular object using the ACL module.
AclPermissionEvaluator(AclService) - Constructor for class org.springframework.security.acls.AclPermissionEvaluator
 
aclService - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
AclService - Interface in org.springframework.security.acls.model
Provides retrieval of Acl instances.
ACR - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
acr - the Authentication Context Class Reference
ActiveDirectoryAuthenticationException - Exception in org.springframework.security.ldap.authentication.ad
Thrown as a translation of an AuthenticationException when attempting to authenticate against Active Directory using ActiveDirectoryLdapAuthenticationProvider.
ActiveDirectoryLdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication.ad
Specialized LDAP authentication provider which uses Active Directory configuration conventions.
ActiveDirectoryLdapAuthenticationProvider(String, String, String) - Constructor for class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
 
ActiveDirectoryLdapAuthenticationProvider(String, String) - Constructor for class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
 
add(ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>) - Method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager.Builder
 
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
Deprecated.
 
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
addAuthorities(DistinguishedName, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
addAuthority(GrantedAuthority) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
addAuthority(GrantedAuthority) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
Adds the authority to the list, unless it is already there, in which case it is ignored
addCn(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
addCustomAuthorities(String, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Allows subclasses to add their own granted authorities to the list to be returned in the UserDetails.
addFilter(Filter) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilter(Filter) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework.
addFilterAfter(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilterAfter(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding a Filter after one of the known Filter classes.
addFilterAt(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds the Filter at the location of the specified Filter class.
addFilterAt(WebFilter, SecurityWebFiltersOrder) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Adds a WebFilter at a specific position.
addFilterBefore(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilterBefore(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding a Filter before one of the known Filter classes.
addGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
Assigns a new authority to a group.
addGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
addHeader(String, String) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
 
addHeaderWriter(HeaderWriter) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds a HeaderWriter instance
additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request.
additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
additionalParameters(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder
Sets the additional parameters returned in the response.
additionalParameters(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the additional parameters used in the request.
addListener(SmartApplicationListener) - Method in class org.springframework.security.context.DelegatingApplicationListener
Adds a new SmartApplicationListener to use.
addLogoutHandler(LogoutHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
addObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Adds an ObjectPostProcessor to be used for this SecurityConfigurerAdapter.
ADDRESS - Static variable in interface org.springframework.security.oauth2.core.oidc.OidcScopes
The address scope requests access to the address claim.
ADDRESS - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
address - the user's preferred postal address
AddressStandardClaim - Interface in org.springframework.security.oauth2.core.oidc
The Address Claim represents a physical mailing address defined by the OpenID Connect Core 1.0 specification that can be returned either in the UserInfo Response or the ID Token.
addSecureMethod(Class<?>, String, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Add configuration attributes for a secure method.
addSecureMethod(Class<?>, Method, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Adds configuration attributes for a specific method, for example where the method has been matched using a pointcut expression.
addSecurityFilterChainBuilder(SecurityBuilder<? extends SecurityFilterChain>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Adds builders to create SecurityFilterChain instances.
addSha256Pins(String...) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Adds a list of SHA256 hashed pins for the pin- directive of the Public-Key-Pins header.
addSha256Pins(String...) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
Adds a list of SHA256 hashed pins for the pin- directive of the Public-Key-Pins header.
addUserToGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
Makes a user a member of a particular group.
addUserToGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
admin - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
ADMINISTRATION - Static variable in class org.springframework.security.acls.domain.BasePermission
 
AffirmativeBased - Class in org.springframework.security.access.vote
Simple concrete implementation of AccessDecisionManager that grants access if any AccessDecisionVoter returns an affirmative response.
AffirmativeBased(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.AffirmativeBased
 
after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
 
after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in interface org.springframework.security.access.prepost.PostInvocationAuthorizationAdvice
 
AFTER_INVOCATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.CsrfMutator
 
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.CsrfMutator
 
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
afterHandshake(ServerHttpRequest, ServerHttpResponse, WebSocketHandler, Exception) - Method in class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
 
afterInvocation(InterceptorStatusToken, Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Completes the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
AfterInvocationManager - Interface in org.springframework.security.access.intercept
Reviews the Object returned from a secure object invocation, being able to modify the Object or throw an AccessDeniedException.
afterInvocationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
AfterInvocationProvider - Interface in org.springframework.security.access
Indicates a class is responsible for participating in an AfterInvocationProviderManager decision.
AfterInvocationProviderManager - Class in org.springframework.security.access.intercept
Provider-based implementation of AfterInvocationManager.
AfterInvocationProviderManager() - Constructor for class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
afterMessageHandled(Message<?>, MessageChannel, MessageHandler, Exception) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
afterPropertiesSet() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Validates the required properties are set.
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.ProviderManager
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
afterPropertiesSet() - Method in class org.springframework.security.cas.ServiceProperties
 
afterPropertiesSet() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
Check whether all properties have been set to correct values.
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
 
afterPropertiesSet() - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
afterPropertiesSet() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
afterPropertiesSet() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
afterPropertiesSet() - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
 
afterPropertiesSet() - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
afterPropertiesSet() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
Check that all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
Loads the web.xml file using the configured ResourceLoader and parses the role-name elements from it, using these as the set of mappableAttributes.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.FilterChainProxy
 
afterPropertiesSet() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
 
afterPropertiesSet() - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
 
afterReceiveCompletion(Message<?>, MessageChannel, Exception) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
afterSendCompletion(Message<?>, MessageChannel, boolean, Exception) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
afterSendCompletion(Message<?>, MessageChannel, boolean, Exception) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
afterSingletonsInstantiated() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
afterSingletonsInstantiated() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
afterSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Invoked after the springSecurityFilterChain is added.
afterTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
Clears out the TestSecurityContextHolder and the SecurityContextHolder after each test method.
allocateToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
allocateToken(String) - Method in interface org.springframework.security.core.token.TokenService
Forces the allocation of a new Token.
allowableSessionsExceeded(List<SessionInformation>, int, SessionRegistry) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Allows subclasses to customise behaviour when too many sessions are detected.
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy
 
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy
 
AllowFromStrategy - Interface in org.springframework.security.web.header.writers.frameoptions
Strategy interfaces used by the FrameOptionsHeaderWriter to determine the actual value to use for the X-Frame-Options header when using the ALLOW-FROM directive.
AlreadyBuiltException - Exception in org.springframework.security.config.annotation
Thrown when AbstractSecurityBuilder.build() is two or more times.
AlreadyBuiltException(String) - Constructor for exception org.springframework.security.config.annotation.AlreadyBuiltException
 
AlreadyExistsException - Exception in org.springframework.security.acls.model
Thrown if an Acl entry already exists for the object.
AlreadyExistsException(String) - Constructor for exception org.springframework.security.acls.model.AlreadyExistsException
Constructs an AlreadyExistsException with the specified message.
AlreadyExistsException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.AlreadyExistsException
Constructs an AlreadyExistsException with the specified message and root cause.
alwaysRemember(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Whether the cookie should always be created even if the remember-me parameter is not set.
AMR - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
amr - the Authentication Methods References
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Gets the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
Allows obtaining a reference to the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Returns the UserDetailsManagerConfigurer for method chaining (i.e.
and() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
Return the HttpSecurity for further customizations
and() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
Returns the WebSecurity to be returned for chaining.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CacheControlConfig
Allows completing configuration of Cache Control and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig
Allows completing configuration of Content Security Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentTypeOptionsConfig
Allows customizing the HeadersConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FeaturePolicyConfig
Allows completing configuration of Feature Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Allows continuing customizing the headers configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Allows completing configuration of Public Key Pinning and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
Allows completing configuration of Strict Transport Security and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ReferrerPolicyConfig
 
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
Allows completing configuration of X-XSS-Protection and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer
Returns the OAuth2ClientConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig
Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.RedirectionEndpointConfig
Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.TokenEndpointConfig
Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig
Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
 
and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Get the OpenIDLoginConfigurer to customize the OpenID configuration further
and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Gets the OpenIDLoginConfigurer.AttributeExchangeConfigurer for further customization of the attributes
and() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
Used to chain back to the SessionManagementConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.ExceptionHandlingSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec
Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.FeaturePolicySpec
Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ReferrerPolicySpec
Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
 
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
 
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec
Allows method chaining to continue configuring the ServerHttpSecurity
AndMessageMatcher<T> - Class in org.springframework.security.messaging.util.matcher
MessageMatcher that will return true if all of the passed in MessageMatcher instances match.
AndMessageMatcher(List<MessageMatcher<T>>) - Constructor for class org.springframework.security.messaging.util.matcher.AndMessageMatcher
Creates a new instance
AndMessageMatcher(MessageMatcher<T>...) - Constructor for class org.springframework.security.messaging.util.matcher.AndMessageMatcher
Creates a new instance
AndRequestMatcher - Class in org.springframework.security.web.util.matcher
RequestMatcher that will return true if all of the passed in RequestMatcher instances match.
AndRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher
Creates a new instance
AndRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher
Creates a new instance
AndServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher
Matches if all the provided ServerWebExchangeMatcher match
AndServerWebExchangeMatcher(List<ServerWebExchangeMatcher>) - Constructor for class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
 
AndServerWebExchangeMatcher(ServerWebExchangeMatcher...) - Constructor for class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
 
AnnotationMetadataExtractor<A extends java.lang.annotation.Annotation> - Interface in org.springframework.security.access.annotation
Strategy to process a custom security annotation to extract the relevant ConfigAttributes for securing a method.
AnnotationParameterNameDiscoverer - Class in org.springframework.security.core.parameters
Allows finding parameter names using the value attribute of any number of Annotation instances.
AnnotationParameterNameDiscoverer(String...) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
AnnotationParameterNameDiscoverer(Set<String>) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
anonymous() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring how an anonymous user is represented.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by anonymous users.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that an anonymous user is allowed access
anonymous() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by anonymous users.
ANONYMOUS - Static variable in class org.springframework.security.config.Elements
 
anonymous() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
AnonymousAuthenticationFilter - Class in org.springframework.security.web.authentication
Detects if there is no Authentication object in the SecurityContextHolder, and populates it with one if needed.
AnonymousAuthenticationFilter(String) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
AnonymousAuthenticationFilter(String, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
AnonymousAuthenticationProvider - Class in org.springframework.security.authentication
An AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.
AnonymousAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
AnonymousAuthenticationToken - Class in org.springframework.security.authentication
Represents an anonymous Authentication.
AnonymousAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationToken
Constructor.
AnonymousConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Configures Anonymous authentication (i.e.
AnonymousConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Creates a new instance
antMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided ant pattern.
antMatchers(HttpMethod) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances.
antMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances.
antMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances that do not care which HttpMethod is used.
AntPathRequestMatcher - Class in org.springframework.security.web.util.matcher
Matcher which compares a pre-defined ant-style pattern against the URL ( servletPath + pathInfo) of an HttpServletRequest.
AntPathRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the specific pattern which will match all HTTP methods in a case insensitive manner.
AntPathRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the supplied pattern and HTTP method in a case insensitive manner.
AntPathRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the supplied pattern which will match the specified Http method
AntPathRequestMatcher(String, String, boolean, UrlPathHelper) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Creates a matcher with the supplied pattern which will match the specified Http method
ANY_CHANNEL - Static variable in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
ANY_MESSAGE - Static variable in interface org.springframework.security.messaging.util.matcher.MessageMatcher
Matches every Message
anyExchange() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
Disables authorization.
anyExchange() - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers
Matches any exchange
anyMessage() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps any Message to a security expression.
anyRequest() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps any request.
AnyRequestMatcher - Class in org.springframework.security.web.util.matcher
Matches any supplied request.
ApacheDSContainer - Class in org.springframework.security.ldap.server
Provides lifecycle services for the embedded apacheDS server defined by the supplied configuration.
ApacheDSContainer(String, String) - Constructor for class org.springframework.security.ldap.server.ApacheDSContainer
 
appendFilters(ServletContext, Filter...) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Applies a SecurityConfigurer to this SecurityBuilder overriding any SecurityConfigurer of the exact same class.
apply(ServerWebExchange) - Method in class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter
Deprecated.
apply(ServerWebExchange) - Method in class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter
Deprecated.
asHeader() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor
Instead of using the CsrfToken as a request parameter (default) will populate the CsrfToken as a header.
AspectJCallback - Interface in org.springframework.security.access.intercept.aspectj
Called by the AspectJMethodSecurityInterceptor when it wishes for the AspectJ processing to continue.
AspectJMethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aspectj
AspectJ JoinPoint security interceptor which wraps the JoinPoint in a MethodInvocation adapter to make it compatible with security infrastructure classes which only support MethodInvocations.
AspectJMethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
 
AT_HASH - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
at_hash - the Access Token hash value
ATT_GROUP_ROLE_ATTRIBUTE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_HASH - Static variable in class org.springframework.security.config.authentication.PasswordEncoderParser
 
ATT_LDIF_FILE - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
Optionally defines an ldif resource to be loaded.
ATT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
Defines the port the LDAP_PROVIDER server should run on
ATT_ROOT_SUFFIX - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
sets the configuration suffix (default is "dc=springframework,dc=org").
ATT_SERVER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_USER_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
attemptAuthentication(String, String) - Method in interface org.springframework.security.authentication.rcp.RemoteAuthenticationManager
Attempts to authenticate the remote client using the presented username and password.
attemptAuthentication(String, String) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
 
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
 
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Authentication has two phases.
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Performs actual authentication.
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
attemptExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Attempt to exit from an already switched user.
attemptSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Attempt to switch to another user.
attribute(OpenIDAttribute) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Adds an OpenIDAttribute to be obtained for the configured OpenID pattern.
attribute(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Adds an OpenIDAttribute with the given name
attributeExchange(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Sets up OpenID attribute exchange for OpenID's matching the specified pattern.
Attributes2GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
Interface to be implemented by classes that can map a list of security attributes (such as roles or group names) to a collection of Spring Security GrantedAuthoritys.
AUD - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
aud - the Audience(s) that the ID Token is intended for
AUD - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
aud - the Audience claim identifies the recipient(s) that the JWT is intended for
AuditableAccessControlEntry - Interface in org.springframework.security.acls.model
Represents an ACE that provides auditing information.
AuditableAcl - Interface in org.springframework.security.acls.model
A mutable ACL that provides audit capabilities.
AuditLogger - Interface in org.springframework.security.acls.domain
Used by AclImpl to log audit events.
AUTH_TIME - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
auth_time - the time when the End-User authentication occurred
authenticate(Authentication) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationManager
Attempts to authenticate the passed Authentication object, returning a fully populated Authentication object (including granted authorities) if successful.
authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationProvider
Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication) .
authenticate(Authentication) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Attempts to login the user given the Authentication objects principal and credential
authenticate(Authentication) - Method in class org.springframework.security.authentication.ProviderManager
Attempts to authenticate the passed Authentication object.
authenticate(Authentication) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
authenticate(Authentication) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManager
Attempts to authenticate the provided Authentication
authenticate(Authentication) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
 
authenticate(Authentication) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.BindAuthenticator
 
authenticate(Authentication) - Method in interface org.springframework.security.ldap.authentication.LdapAuthenticator
Authenticates as a user and obtains additional user information from the directory.
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeReactiveAuthenticationManager
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager
 
authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
Decode and validate the Bearer Token.
authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager
 
authenticate(Authentication) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
 
authenticate(Authentication) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Authenticate the given PreAuthenticatedAuthenticationToken.
authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
authenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
Require an authenticated user
authenticated() - Static method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers
ResultMatcher that verifies that a specified user is authenticated.
AuthenticatedPrincipal - Interface in org.springframework.security.core
Representation of an authenticated Principal once an Authentication request has been successfully authenticated by the AuthenticationManager.authenticate(Authentication) method.
AuthenticatedPrincipalOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web
An implementation of an OAuth2AuthorizedClientRepository that delegates to the provided OAuth2AuthorizedClientService if the current Principal is authenticated, otherwise, to the default (or provided) OAuth2AuthorizedClientRepository if the current request is unauthenticated (or anonymous).
AuthenticatedPrincipalOAuth2AuthorizedClientRepository(OAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
Constructs a AuthenticatedPrincipalOAuth2AuthorizedClientRepository using the provided parameters.
AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web.server
An implementation of an ServerOAuth2AuthorizedClientRepository that delegates to the provided ServerOAuth2AuthorizedClientRepository if the current Principal is authenticated, otherwise, to the default (or provided) ServerOAuth2AuthorizedClientRepository if the current request is unauthenticated (or anonymous).
AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(ReactiveOAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
Creates an instance
AuthenticatedReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
A ReactiveAuthorizationManager that determines if the current user is authenticated.
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
AuthenticatedVoter - Class in org.springframework.security.access.vote
Votes if a ConfigAttribute.getAttribute() of IS_AUTHENTICATED_FULLY or IS_AUTHENTICATED_REMEMBERED or IS_AUTHENTICATED_ANONYMOUSLY is present.
AuthenticatedVoter() - Constructor for class org.springframework.security.access.vote.AuthenticatedVoter
 
authentication - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
Authentication - Interface in org.springframework.security.core
Represents the token for an authentication request or for an authenticated principal once the request has been processed by the AuthenticationManager.authenticate(Authentication) method.
authentication(Authentication) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the Authentication used to look up and save the OAuth2AuthorizedClient.
authentication(Authentication) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Establish a SecurityContext that uses the specified Authentication for the Authentication.getPrincipal() and a custom UserDetails.
AUTHENTICATION_EXCEPTION - Static variable in class org.springframework.security.web.WebAttributes
Used to cache an authentication-failure exception in the session.
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.BeanIds
The "global" AuthenticationManager instance, registered by the <authentication-manager> element
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.Elements
 
AUTHENTICATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
AuthenticationCancelledException - Exception in org.springframework.security.openid
Indicates that OpenID authentication was cancelled
AuthenticationCancelledException(String) - Constructor for exception org.springframework.security.openid.AuthenticationCancelledException
 
AuthenticationCancelledException(String, Throwable) - Constructor for exception org.springframework.security.openid.AuthenticationCancelledException
 
AuthenticationConfiguration - Class in org.springframework.security.config.annotation.authentication.configuration
Exports the authentication Configuration
AuthenticationConfiguration() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
authenticationConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
Sets the converter to use
authenticationConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
Sets the converter to use
AuthenticationCredentialsNotFoundEvent - Class in org.springframework.security.access.event
Indicates a secure object invocation failed because the Authentication could not be obtained from the SecurityContextHolder.
AuthenticationCredentialsNotFoundEvent(Object, Collection<ConfigAttribute>, AuthenticationCredentialsNotFoundException) - Constructor for class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
Construct the event.
AuthenticationCredentialsNotFoundException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because there is no Authentication object in the SecurityContext.
AuthenticationCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
Constructs an AuthenticationCredentialsNotFoundException with the specified message.
AuthenticationCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
Constructs an AuthenticationCredentialsNotFoundException with the specified message and root cause.
AuthenticationDetailsSource<C,T> - Interface in org.springframework.security.authentication
Provides a Authentication.getDetails() object for a given web request.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies a custom AuthenticationDetailsSource.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Specifies a custom AuthenticationDetailsSource to use for basic authentication.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
authenticationDetailsSource - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets the AuthenticationEntryPoint to be used.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
The AuthenticationEntryPoint to be populated on BasicAuthenticationFilter in the event that authentication fails.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
authenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.ExceptionHandlingSpec
Configures what to do when the application request authentication
authenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
How to request for authentication.
AuthenticationEntryPoint - Interface in org.springframework.security.web
Used by ExceptionTranslationFilter to commence an authentication scheme.
AuthenticationEventPublisher - Interface in org.springframework.security.authentication
 
authenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
AuthenticationException - Exception in org.springframework.security.core
Abstract superclass for all exceptions related to an Authentication object being invalid for whatever reason.
AuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.core.AuthenticationException
Constructs an AuthenticationException with the specified message and root cause.
AuthenticationException(String) - Constructor for exception org.springframework.security.core.AuthenticationException
Constructs an AuthenticationException with the specified message and no root cause.
AuthenticationFailureBadCredentialsEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to invalid credentials being presented.
AuthenticationFailureBadCredentialsEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent
 
AuthenticationFailureCredentialsExpiredEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's credentials having expired.
AuthenticationFailureCredentialsExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureCredentialsExpiredEvent
 
AuthenticationFailureDisabledEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's account being disabled.
AuthenticationFailureDisabledEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent
 
AuthenticationFailureExpiredEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's account having expired.
AuthenticationFailureExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent
 
authenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
Configures how a failed authentication is handled.
AuthenticationFailureHandler - Interface in org.springframework.security.web.authentication
Strategy used to handle a failed authentication attempt.
AuthenticationFailureLockedEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the user's account having been locked.
AuthenticationFailureLockedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureLockedEvent
 
AuthenticationFailureProviderNotFoundEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to there being no registered AuthenticationProvider that can process the request.
AuthenticationFailureProviderNotFoundEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent
 
AuthenticationFailureProxyUntrustedEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to the CAS user's ticket being generated by an untrusted proxy.
AuthenticationFailureProxyUntrustedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProxyUntrustedEvent
 
AuthenticationFailureServiceExceptionEvent - Class in org.springframework.security.authentication.event
Application event which indicates authentication failure due to there being a problem internal to the AuthenticationManager.
AuthenticationFailureServiceExceptionEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent
 
authenticationFilter(AnonymousAuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the AnonymousAuthenticationFilter used to populate an anonymous user.
AuthenticationManager - Interface in org.springframework.security.authentication
Processes an Authentication request.
authenticationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Allows providing a custom AuthenticationManager.
authenticationManager() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Gets the AuthenticationManager to use.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configure the default authentication manager.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
The ReactiveAuthenticationManager used to authenticate.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
The ReactiveAuthenticationManager used to authenticate.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
Configures the ReactiveAuthenticationManager to use.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
Configures the ReactiveAuthenticationManager to use.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
Configures the ReactiveAuthenticationManager to use
authenticationManagerBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to expose the AuthenticationManager from WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder) to be exposed as a Bean.
AuthenticationManagerBeanDefinitionParser - Class in org.springframework.security.config.authentication
Registers the central ProviderManager used by the namespace configuration, and allows the configuration of an alias, allowing users to reference it in their beans and clearly see where the name is coming from.
AuthenticationManagerBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
 
AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider - Class in org.springframework.security.config.authentication
Provider which doesn't provide any service.
AuthenticationManagerBuilder - Class in org.springframework.security.config.annotation.authentication.builders
AuthenticationManagerBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Creates a new instance
authenticationManagerBuilder(ObjectPostProcessor<Object>, ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
AuthenticationManagerFactoryBean - Class in org.springframework.security.config.authentication
Factory bean for the namespace AuthenticationManager, which allows a more meaningful error message to be reported in the NoSuchBeanDefinitionException, if the user has forgotten to declare the <authentication-manager> element.
AuthenticationManagerFactoryBean() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
AuthenticationMethod - Class in org.springframework.security.oauth2.core
The authentication method used when sending bearer access tokens in resource requests to resource servers.
AuthenticationMethod(String) - Constructor for class org.springframework.security.oauth2.core.AuthenticationMethod
Constructs an AuthenticationMethod using the provided value.
AuthenticationPrincipal - Annotation Type in org.springframework.security.core.annotation
Annotation that is used to resolve Authentication.getPrincipal() to a method argument.
AuthenticationPrincipal - Annotation Type in org.springframework.security.web.bind.annotation
Deprecated.
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.messaging.context
Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
 
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.bind.support
Deprecated.
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
Deprecated.
 
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.method.annotation
Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
 
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.reactive.result.method.annotation
Resolves the Authentication
AuthenticationPrincipalArgumentResolver(ReactiveAdapterRegistry) - Constructor for class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
 
AuthenticationProvider - Interface in org.springframework.security.authentication
Indicates a class can process a specific Authentication implementation.
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.authentication.ProviderManagerBuilder
Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the AuthenticationProvider used to validate an anonymous user.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding an additional AuthenticationProvider to be used
AuthenticationProviderBeanDefinitionParser - Class in org.springframework.security.config.authentication
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the latter with the ProviderManager.
AuthenticationProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
 
AuthenticationServiceException - Exception in org.springframework.security.authentication
Thrown if an authentication request could not be processed due to a system problem.
AuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
Constructs an AuthenticationServiceException with the specified message.
AuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException
Constructs an AuthenticationServiceException with the specified message and root cause.
AuthenticationSimpleHttpInvokerRequestExecutor - Class in org.springframework.security.remoting.httpinvoker
Adds BASIC authentication support to SimpleHttpInvokerRequestExecutor.
AuthenticationSimpleHttpInvokerRequestExecutor() - Constructor for class org.springframework.security.remoting.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor
 
AuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
Application event which indicates successful authentication.
AuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AuthenticationSuccessEvent
 
authenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Allows control over the destination a remembered user is sent to when they are successfully authenticated.
authenticationSuccessHandler(ServerAuthenticationSuccessHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
The ServerAuthenticationSuccessHandler used after authentication success.
AuthenticationSuccessHandler - Interface in org.springframework.security.web.authentication
Strategy used to handle a successful user authentication.
AuthenticationSwitchUserEvent - Class in org.springframework.security.web.authentication.switchuser
Application event which indicates that a user context switch.
AuthenticationSwitchUserEvent(Authentication, UserDetails) - Constructor for class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
Switch user context event constructor
AuthenticationTag - Class in org.springframework.security.taglibs.authz
An Tag implementation that allows convenient access to the current Authentication object.
AuthenticationTag() - Constructor for class org.springframework.security.taglibs.authz.AuthenticationTag
 
AuthenticationTrustResolver - Interface in org.springframework.security.authentication
Evaluates Authentication tokens
AuthenticationTrustResolverImpl - Class in org.springframework.security.authentication
Basic implementation of AuthenticationTrustResolver.
AuthenticationTrustResolverImpl() - Constructor for class org.springframework.security.authentication.AuthenticationTrustResolverImpl
 
authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
authenticationUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Specifies the AuthenticationUserDetailsService to use.
AuthenticationUserDetailsService<T extends Authentication> - Interface in org.springframework.security.core.userdetails
Interface that allows for retrieving a UserDetails object based on an Authentication object.
AuthenticationWebFilter - Class in org.springframework.security.web.server.authentication
A WebFilter that performs authentication of a particular request.
AuthenticationWebFilter(ReactiveAuthenticationManager) - Constructor for class org.springframework.security.web.server.authentication.AuthenticationWebFilter
Creates an instance
authorities(GrantedAuthority...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(List<? extends GrantedAuthority>) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(List<GrantedAuthority>) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the Authentication.getAuthorities() for anonymous users
authorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the Authentication.getAuthorities() for anonymous users
authorities(GrantedAuthority...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Populates the authorities.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Populates the authorities.
authorities(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Populates the authorities.
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
Specifies the GrantedAuthoritys to use.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
Specifies the GrantedAuthoritys to use.
authorities(String...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
Specifies the GrantedAuthoritys to use.
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
Populates the user's GrantedAuthority's.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
Populates the user's GrantedAuthority's.
authoritiesByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Sets the query to be used for finding a user's authorities by their username.
authoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
AuthorityGranter - Interface in org.springframework.security.authentication.jaas
The AuthorityGranter interface is used to map a given principal to role names.
authorityListToSet(Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.core.authority.AuthorityUtils
Converts an array of GrantedAuthority objects to a Set.
AuthorityReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization
A ReactiveAuthorizationManager that determines if the current user is authorized by evaluating if the Authentication contains a specified authority.
AuthorityUtils - Class in org.springframework.security.core.authority
Utility method for manipulating GrantedAuthority collections etc.
AuthorityUtils() - Constructor for class org.springframework.security.core.authority.AuthorityUtils
 
AUTHORIZATION_CODE - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
 
authorizationCode() - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns a new OAuth2AuthorizationRequest.Builder, initialized with the authorization code grant type.
authorizationCodeGrant() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
Returns the OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer for configuring the OAuth 2.0 Authorization Code Grant.
AuthorizationContext - Class in org.springframework.security.web.server.authorization
 
AuthorizationContext(ServerWebExchange) - Constructor for class org.springframework.security.web.server.authorization.AuthorizationContext
 
AuthorizationContext(ServerWebExchange, Map<String, Object>) - Constructor for class org.springframework.security.web.server.authorization.AuthorizationContext
 
AuthorizationDecision - Class in org.springframework.security.authorization
 
AuthorizationDecision(boolean) - Constructor for class org.springframework.security.authorization.AuthorizationDecision
 
authorizationEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Returns the OAuth2LoginConfigurer.AuthorizationEndpointConfig for configuring the Authorization Server's Authorization Endpoint.
AuthorizationFailureEvent - Class in org.springframework.security.access.event
Indicates a secure object invocation failed because the principal could not be authorized for the request.
AuthorizationFailureEvent(Object, Collection<ConfigAttribute>, Authentication, AccessDeniedException) - Constructor for class org.springframework.security.access.event.AuthorizationFailureEvent
Construct the event.
authorizationGrantType(AuthorizationGrantType) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the authorization grant type used for the client.
AuthorizationGrantType - Class in org.springframework.security.oauth2.core
An authorization grant is a credential representing the resource owner's authorization (to access it's protected resources) to the client and used by the client to obtain an access token.
AuthorizationGrantType(String) - Constructor for class org.springframework.security.oauth2.core.AuthorizationGrantType
Constructs an AuthorizationGrantType using the provided value.
authorizationRequestBaseUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.ImplicitGrantConfigurer
Sets the base URI used for authorization requests.
authorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer
Sets the repository used for storing OAuth2AuthorizationRequest's.
authorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig
Sets the repository used for storing OAuth2AuthorizationRequest's.
AuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> - Interface in org.springframework.security.oauth2.client.web
Implementations of this interface are responsible for the persistence of OAuth2AuthorizationRequest between requests.
authorizationRequestResolver(OAuth2AuthorizationRequestResolver) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer
Sets the resolver used for resolving OAuth2AuthorizationRequest's.
authorizationRequestResolver(OAuth2AuthorizationRequestResolver) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig
Sets the resolver used for resolving OAuth2AuthorizationRequest's.
authorizationRequestUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the URI string representation of the OAuth 2.0 Authorization Request.
AuthorizationServiceException - Exception in org.springframework.security.access
Thrown if an authorization request could not be processed due to a system problem.
AuthorizationServiceException(String) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
Constructs an AuthorizationServiceException with the specified message.
AuthorizationServiceException(String, Throwable) - Constructor for exception org.springframework.security.access.AuthorizationServiceException
Constructs an AuthorizationServiceException with the specified message and root cause.
authorizationUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the uri for the authorization endpoint.
authorizationUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the uri for the authorization endpoint.
AuthorizationWebFilter - Class in org.springframework.security.web.server.authorization
 
AuthorizationWebFilter(ReactiveAuthorizationManager<? super ServerWebExchange>) - Constructor for class org.springframework.security.web.server.authorization.AuthorizationWebFilter
 
authorize() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Make an authorization decision by considering all <authorize> tag attributes.
authorizedClientRepository(OAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
Sets the repository for authorized client(s).
authorizedClientRepository(OAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Sets the repository for authorized client(s).
authorizedClientRepository(ServerOAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
authorizedClientRepository(ServerOAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
 
authorizedClientService(OAuth2AuthorizedClientService) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
Sets the service for authorized client(s).
authorizedClientService(OAuth2AuthorizedClientService) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Sets the service for authorized client(s).
authorizedClientService(ReactiveOAuth2AuthorizedClientService) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
 
AuthorizedEvent - Class in org.springframework.security.access.event
Event indicating a secure object was invoked successfully.
AuthorizedEvent(Object, Collection<ConfigAttribute>, Authentication) - Constructor for class org.springframework.security.access.event.AuthorizedEvent
Construct the event.
authorizeExchange() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures authorization.
AuthorizeExchangeSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
 
authorizeRequests() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows restricting access based upon the HttpServletRequest using
authorizeUsingAccessExpression() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Make an authorization decision based on a Spring EL expression.
authorizeUsingUrlCheck() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Make an authorization decision based on the URL and HTTP method attributes.
autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
 
autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Template implementation which locates the Spring Security cookie, decodes it into a delimited array of tokens and submits it to subclasses for processing via the processAutoLoginCookie method.
autoLogin(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.RememberMeServices
This method will be called whenever the SecurityContextHolder does not contain an Authentication object and Spring Security wishes to provide an implementation with an opportunity to authenticate the request using remember-me capabilities.
autowiredWebSecurityConfigurersIgnoreParents(ConfigurableListableBeanFactory) - Static method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
awaitTermination(long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
AxFetchListFactory - Interface in org.springframework.security.openid
A strategy which can be used by an OpenID consumer implementation, to dynamically determine the attribute exchange information based on the OpenID identifier.
AZP - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
azp - the Authorized party to which the ID Token was issued

B

BadCredentialsException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the credentials are invalid.
BadCredentialsException(String) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
Constructs a BadCredentialsException with the specified message.
BadCredentialsException(String, Throwable) - Constructor for exception org.springframework.security.authentication.BadCredentialsException
Constructs a BadCredentialsException with the specified message and root cause.
Base64 - Class in org.springframework.security.crypto.codec
Deprecated.
Use java.util.Base64
Base64() - Constructor for class org.springframework.security.crypto.codec.Base64
Deprecated.
 
Base64StringKeyGenerator - Class in org.springframework.security.crypto.keygen
A StringKeyGenerator that generates base64-encoded String keys.
Base64StringKeyGenerator() - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator
Creates an instance with keyLength of 32 bytes and standard Base64 encoding.
Base64StringKeyGenerator(int) - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator
Creates an instance with the provided key length in bytes and standard Base64 encoding.
Base64StringKeyGenerator(Base64.Encoder) - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator
Creates an instance with keyLength of 32 bytes and the provided encoder.
Base64StringKeyGenerator(Base64.Encoder, int) - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator
Creates an instance with the provided key length and encoder.
BasePermission - Class in org.springframework.security.acls.domain
A set of standard permissions.
BasePermission(int) - Constructor for class org.springframework.security.acls.domain.BasePermission
 
BasePermission(int, char) - Constructor for class org.springframework.security.acls.domain.BasePermission
 
baseUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig
Sets the base URI used for authorization requests.
baseUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.RedirectionEndpointConfig
Sets the URI where the authorization response will be processed.
BASIC - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
 
BASIC - Static variable in class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter
Deprecated.
 
BASIC_AUTH - Static variable in class org.springframework.security.config.Elements
 
BasicAuthenticationEntryPoint - Class in org.springframework.security.web.authentication.www
Used by the ExceptionTranslationFilter to commence authentication via the BasicAuthenticationFilter.
BasicAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
BasicAuthenticationFilter - Class in org.springframework.security.web.authentication.www
Processes a HTTP request's BASIC authorization headers, putting the result into the SecurityContextHolder.
BasicAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
Creates an instance which will authenticate against the supplied AuthenticationManager and which will ignore failed authentication attempts, allowing the request to proceed down the filter chain.
BasicAuthenticationFilter(AuthenticationManager, AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
Creates an instance which will authenticate against the supplied AuthenticationManager and use the supplied AuthenticationEntryPoint to handle authentication failures.
BasicLookupStrategy - Class in org.springframework.security.acls.jdbc
Performs lookups in a manner that is compatible with ANSI SQL.
BasicLookupStrategy(DataSource, AclCache, AclAuthorizationStrategy, AuditLogger) - Constructor for class org.springframework.security.acls.jdbc.BasicLookupStrategy
Constructor accepting mandatory arguments
BasicLookupStrategy(DataSource, AclCache, AclAuthorizationStrategy, PermissionGrantingStrategy) - Constructor for class org.springframework.security.acls.jdbc.BasicLookupStrategy
Creates a new instance
BCrypt - Class in org.springframework.security.crypto.bcrypt
BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
BCrypt() - Constructor for class org.springframework.security.crypto.bcrypt.BCrypt
 
BCryptPasswordEncoder - Class in org.springframework.security.crypto.bcrypt
Implementation of PasswordEncoder that uses the BCrypt strong hashing function.
BCryptPasswordEncoder() - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
BCryptPasswordEncoder(int) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
BCryptPasswordEncoder(int, SecureRandom) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
BeanIds - Class in org.springframework.security.config
Contains globally used default Bean IDs for beans created by the namespace support in Spring Security 2.
BeanIds() - Constructor for class org.springframework.security.config.BeanIds
 
BEARER - Static variable in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
 
bearerToken(String) - Static method in class org.springframework.security.web.http.SecurityHeaders
Sets the provided value as a Bearer token in a header with the name of HttpHeaders.AUTHORIZATION
BearerTokenAccessDeniedHandler - Class in org.springframework.security.oauth2.server.resource.web.access
Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate.
BearerTokenAccessDeniedHandler() - Constructor for class org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler
 
BearerTokenAuthenticationEntryPoint - Class in org.springframework.security.oauth2.server.resource.web
An AuthenticationEntryPoint implementation used to commence authentication of protected resource requests using BearerTokenAuthenticationFilter.
BearerTokenAuthenticationEntryPoint() - Constructor for class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint
 
BearerTokenAuthenticationFilter - Class in org.springframework.security.oauth2.server.resource.web
Authenticates requests that contain an OAuth 2.0 Bearer Token.
BearerTokenAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter
Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
BearerTokenAuthenticationToken - Class in org.springframework.security.oauth2.server.resource
An Authentication that contains a Bearer Token.
BearerTokenAuthenticationToken(String) - Constructor for class org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
Create a BearerTokenAuthenticationToken using the provided parameter(s)
bearerTokenConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
Configures the ServerAuthenticationConverter to use for requests authenticating with Bearer Tokens.
BearerTokenError - Class in org.springframework.security.oauth2.server.resource
A representation of a Bearer Token Error.
BearerTokenError(String, HttpStatus, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.BearerTokenError
Create a BearerTokenError using the provided parameters
BearerTokenError(String, HttpStatus, String, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.BearerTokenError
Create a BearerTokenError using the provided parameters
BearerTokenErrorCodes - Interface in org.springframework.security.oauth2.server.resource
Standard error codes defined by the OAuth 2.0 Authorization Framework: Bearer Token Usage.
bearerTokenResolver(BearerTokenResolver) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
BearerTokenResolver - Interface in org.springframework.security.oauth2.server.resource.web
A strategy for resolving Bearer Tokens from the HttpServletRequest.
BearerTokenServerAccessDeniedHandler - Class in org.springframework.security.oauth2.server.resource.web.access.server
Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate.
BearerTokenServerAccessDeniedHandler() - Constructor for class org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
 
BearerTokenServerAuthenticationEntryPoint - Class in org.springframework.security.oauth2.server.resource.web.server
An AuthenticationEntryPoint implementation used to commence authentication of protected resource requests using BearerTokenAuthenticationFilter.
BearerTokenServerAuthenticationEntryPoint() - Constructor for class org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint
 
before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
 
before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in interface org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice
The "before" advice which should be executed to perform any filtering necessary and to decide whether the method call is authorised.
beforeConcurrentHandling(NativeWebRequest, Callable<T>) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
 
beforeConfigure() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Invoked prior to invoking each SecurityConfigurer.configure(SecurityBuilder) method.
beforeConfigure() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
beforeHandle(Message<?>, MessageChannel, MessageHandler) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
beforeHandshake(ServerHttpRequest, ServerHttpResponse, WebSocketHandler, Map<String, Object>) - Method in class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
 
beforeInit() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Invoked prior to invoking each SecurityConfigurer.init(SecurityBuilder) method.
beforeInvocation(Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.CsrfMutator
 
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
beforeSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Invoked before the springSecurityFilterChain is added.
beforeTestExecution(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
If configured before test execution sets the SecurityContext
beforeTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
Sets up the SecurityContext for each test method.
beginConsumption(HttpServletRequest, String, String, String) - Method in class org.springframework.security.openid.OpenID4JavaConsumer
 
beginConsumption(HttpServletRequest, String, String, String) - Method in interface org.springframework.security.openid.OpenIDConsumer
Given the request, the claimedIdentity, the return to url, and a realm, lookup the openId authentication page the user should be redirected to.
BindAuthenticator - Class in org.springframework.security.ldap.authentication
An authenticator which binds as a user.
BindAuthenticator(BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.authentication.BindAuthenticator
Create an initialized instance using the BaseLdapPathContextSource provided.
BIRTHDATE - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
birthdate - the user's birth date
block(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
If false, will not specify the mode as blocked.
BouncyCastleAesCbcBytesEncryptor - Class in org.springframework.security.crypto.encrypt
An Encryptor equivalent to AesBytesEncryptor using AesBytesEncryptor.CipherAlgorithm.CBC that uses Bouncy Castle instead of JCE.
BouncyCastleAesCbcBytesEncryptor(String, CharSequence) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
 
BouncyCastleAesCbcBytesEncryptor(String, CharSequence, BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
 
BouncyCastleAesGcmBytesEncryptor - Class in org.springframework.security.crypto.encrypt
An Encryptor equivalent to AesBytesEncryptor using AesBytesEncryptor.CipherAlgorithm.GCM that uses Bouncy Castle instead of JCE.
BouncyCastleAesGcmBytesEncryptor(String, CharSequence) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
 
BouncyCastleAesGcmBytesEncryptor(String, CharSequence, BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
 
build() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
 
build() - Method in interface org.springframework.security.config.annotation.SecurityBuilder
Builds the object and returns it or null.
build() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
build() - Method in class org.springframework.security.core.userdetails.User.UserBuilder
 
build() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Builds a new ClientRegistration.
build() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder
build() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
build() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
build() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
build() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
build() - Method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager.Builder
 
build() - Method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter.Builder
 
buildDetails(C) - Method in interface org.springframework.security.authentication.AuthenticationDetailsSource
Called by a class when it wishes a new authentication details instance to be created.
buildDetails(HttpServletRequest) - Method in class org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource
 
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
Builds the authentication details object.
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 
buildDn(String) - Method in class org.springframework.security.ldap.DefaultLdapUsernameToDnMapper
Assembles the Distinguished Name that should be used the given username.
buildDn(String) - Method in interface org.springframework.security.ldap.LdapUsernameToDnMapper
 
builder() - Static method in class org.springframework.security.core.userdetails.User
Creates a UserBuilder
Builder() - Constructor for class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Default constructor.
Builder(Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Constructs and initializes the address attributes using the provided addressFields.
Builder() - Constructor for class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
builder() - Static method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager
 
builder() - Static method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter
 
Builder() - Constructor for class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter.Builder
 
buildFromMask(int) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
buildFromMask(int) - Method in interface org.springframework.security.acls.domain.PermissionFactory
Dynamically creates a CumulativePermission or BasePermission representing the active bits in the passed mask.
buildFromName(String) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
buildFromName(String) - Method in interface org.springframework.security.acls.domain.PermissionFactory
 
buildFromNames(List<String>) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
buildFromNames(List<String>) - Method in interface org.springframework.security.acls.domain.PermissionFactory
 
buildFullRequestUrl(HttpServletRequest) - Static method in class org.springframework.security.web.util.UrlUtils
 
buildFullRequestUrl(String, String, int, String, String) - Static method in class org.springframework.security.web.util.UrlUtils
Obtains the full URL the client used to make the request.
buildGroupDn(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
Creates a DN from a group name.
buildHttpsRedirectUrlForRequest(HttpServletRequest) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Builds a URL to redirect the supplied request to HTTPS.
buildRedirectUrlToLoginPage(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
buildRequest(ServletContext) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
 
buildRequest(ServletContext) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder
 
buildRequestUrl(HttpServletRequest) - Static method in class org.springframework.security.web.util.UrlUtils
Obtains the web application-specific fragment of the request URL.
buildReturnToUrl(HttpServletRequest) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Builds the return_to URL that will be sent to the OpenID service provider.
buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.intercept.RunAsManager
Returns a replacement Authentication object for the current secure object invocation, or null if replacement not required.
buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
BytesEncryptor - Interface in org.springframework.security.crypto.encrypt
Service interface for symmetric data encryption.
BytesKeyGenerator - Interface in org.springframework.security.crypto.keygen
A generator for unique byte array-based keys.

C

C_HASH - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
c_hash - the Authorization Code hash value
cache() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures cache control headers
CACHE_CONTRTOL_VALUE - Static variable in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
The value for cache control value
cacheControl() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows customizing the CacheControlHeadersWriter.
CacheControlHeadersWriter - Class in org.springframework.security.web.header.writers
Inserts headers to prevent caching if no cache control headers have been specified.
CacheControlHeadersWriter() - Constructor for class org.springframework.security.web.header.writers.CacheControlHeadersWriter
Creates a new instance
CacheControlServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Writes cache control related headers.
CacheControlServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
 
cachePermissionsFor(Authentication, Collection<?>) - Method in interface org.springframework.security.access.PermissionCacheOptimizer
Optimises the permission cache for anticipated operation on the supplied collection of objects.
cachePermissionsFor(Authentication, Collection<?>) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
 
CACHING_SUFFIX - Static variable in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
CachingUserDetailsService - Class in org.springframework.security.config.authentication
 
calculateLoginLifetime(HttpServletRequest, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
Calculates the validity period in seconds for a newly generated remember-me login.
calculateRedirectUrl(String, String) - Method in class org.springframework.security.web.DefaultRedirectStrategy
 
call() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
 
cancelCookie(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Sets a "cancel cookie" (with maxAge = 0) on the response to disable persistent logins.
CAS_STATEFUL_IDENTIFIER - Static variable in class org.springframework.security.cas.web.CasAuthenticationFilter
Used to identify a CAS request for a stateful user agent, such as a web browser.
CAS_STATELESS_IDENTIFIER - Static variable in class org.springframework.security.cas.web.CasAuthenticationFilter
Used to identify a CAS request for a stateless user agent, such as a remoting protocol client (e.g.
CasAssertionAuthenticationToken - Class in org.springframework.security.cas.authentication
Temporary authentication object needed to load the user details service.
CasAssertionAuthenticationToken(Assertion, String) - Constructor for class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
CasAuthenticationEntryPoint - Class in org.springframework.security.cas.web
Used by the ExceptionTranslationFilter to commence authentication via the JA-SIG Central Authentication Service (CAS).
CasAuthenticationEntryPoint() - Constructor for class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
CasAuthenticationFilter - Class in org.springframework.security.cas.web
Processes a CAS service ticket, obtains proxy granting tickets, and processes proxy tickets.
CasAuthenticationFilter() - Constructor for class org.springframework.security.cas.web.CasAuthenticationFilter
 
CasAuthenticationProvider - Class in org.springframework.security.cas.authentication
An AuthenticationProvider implementation that integrates with JA-SIG Central Authentication Service (CAS).
CasAuthenticationProvider() - Constructor for class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
CasAuthenticationToken - Class in org.springframework.security.cas.authentication
Represents a successful CAS Authentication.
CasAuthenticationToken(String, Object, Object, Collection<? extends GrantedAuthority>, UserDetails, Assertion) - Constructor for class org.springframework.security.cas.authentication.CasAuthenticationToken
Constructor.
CasJackson2Module - Class in org.springframework.security.cas.jackson2
Jackson module for spring-security-cas.
CasJackson2Module() - Constructor for class org.springframework.security.cas.jackson2.CasJackson2Module
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
 
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
CHANGE_AUDITING - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
CHANGE_GENERAL - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
CHANGE_OWNERSHIP - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
changePassword(String, String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
Changes the password for the current user.
changePassword(String, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
changePassword(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
changePassword(String, String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Modify the current user's password.
changeSessionId() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that the Servlet container-provided session fixation protection should be used.
ChangeSessionIdAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
Uses HttpServletRequest.changeSessionId() to protect against session fixation attacks.
ChangeSessionIdAuthenticationStrategy() - Constructor for class org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy
 
ChannelAttributeFactory - Class in org.springframework.security.config.http
Used as a factory bean to create config attribute values for the requires-channel attribute.
ChannelAttributeFactory() - Constructor for class org.springframework.security.config.http.ChannelAttributeFactory
 
ChannelDecisionManager - Interface in org.springframework.security.web.access.channel
Decides whether a web channel provides sufficient security.
ChannelDecisionManagerImpl - Class in org.springframework.security.web.access.channel
Implementation of ChannelDecisionManager.
ChannelDecisionManagerImpl() - Constructor for class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
ChannelEntryPoint - Interface in org.springframework.security.web.access.channel
May be used by a ChannelProcessor to launch a web channel.
ChannelProcessingFilter - Class in org.springframework.security.web.access.channel
Ensures a web request is delivered over the required channel.
ChannelProcessingFilter() - Constructor for class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
ChannelProcessor - Interface in org.springframework.security.web.access.channel
Decides whether a web channel meets a specific security condition.
channelProcessors(List<ChannelProcessor>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Sets the ChannelProcessor instances to use in ChannelDecisionManagerImpl
ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds channel security (i.e.
ChannelSecurityConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
Creates a new instance
ChannelSecurityConfigurer.ChannelRequestMatcherRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
ChannelSecurityConfigurer.MvcMatchersRequiresChannelUrl - Class in org.springframework.security.config.annotation.web.configurers
 
ChannelSecurityConfigurer.RequiresChannelUrl - Class in org.springframework.security.config.annotation.web.configurers
 
ChannelSecurityInterceptor - Class in org.springframework.security.messaging.access.intercept
Performs security handling of Message resources via a ChannelInterceptor implementation.
ChannelSecurityInterceptor(MessageSecurityMetadataSource) - Constructor for class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
Creates a new instance
check(UserDetails) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
 
check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
 
check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
 
check(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager
Determines if access is granted for a specific authentication and object.
check(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserDetailsChecker
Examines the User
check(Mono<Authentication>, ServerWebExchange) - Method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager
 
checkAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
checkpw(String, String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Check that a plaintext password matches a previously hashed one
ChildrenExistException - Exception in org.springframework.security.acls.model
Thrown if an Acl cannot be deleted because children Acls exist.
ChildrenExistException(String) - Constructor for exception org.springframework.security.acls.model.ChildrenExistException
Constructs an ChildrenExistException with the specified message.
ChildrenExistException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.ChildrenExistException
Constructs an ChildrenExistException with the specified message and root cause.
ClaimAccessor - Interface in org.springframework.security.oauth2.core
An "accessor" for a set of claims that may be used for assertions.
clear(Permission) - Method in class org.springframework.security.acls.domain.CumulativePermission
 
clear() - Method in class org.springframework.security.acls.domain.CumulativePermission
 
clearAuthentication(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Specifies if SecurityContextLogoutHandler should clear the Authentication at the time of logout.
clearAuthenticationAttributes(HttpServletRequest) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
Removes temporary authentication-related data which may have been stored in the session during the authentication process.
clearCache() - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
clearCache() - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
clearCache() - Method in interface org.springframework.security.acls.model.AclCache
 
clearContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
Clears the Mono<SecurityContext> from Reactor Context
clearContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Explicitly clears the context value from the current thread.
clearContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Clears the current context.
clearContext() - Static method in class org.springframework.security.test.context.TestSecurityContextHolder
CLIENT_CREDENTIALS - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
 
CLIENT_ID - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
client_id - used in Authorization Request and Access Token Request.
CLIENT_SECRET - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
client_secret - used in Access Token Request.
clientAuthenticationMethod(ClientAuthenticationMethod) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the authentication method used when authenticating the client with the authorization server.
ClientAuthenticationMethod - Class in org.springframework.security.oauth2.core
The authentication method used when authenticating the client with the authorization server.
ClientAuthenticationMethod(String) - Constructor for class org.springframework.security.oauth2.core.ClientAuthenticationMethod
Constructs a ClientAuthenticationMethod using the provided value.
ClientAuthorizationRequiredException - Exception in org.springframework.security.oauth2.client
This exception is thrown when an OAuth 2.0 Client is required to obtain authorization from the Resource Owner.
ClientAuthorizationRequiredException(String) - Constructor for exception org.springframework.security.oauth2.client.ClientAuthorizationRequiredException
Constructs a ClientAuthorizationRequiredException using the provided parameters.
clientId(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the client identifier.
clientId(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the client identifier.
clientName(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the logical name of the client or registration.
ClientRegistration - Class in org.springframework.security.oauth2.client.registration
A representation of a client registration with an OAuth 2.0 or OpenID Connect 1.0 Provider.
ClientRegistration.Builder - Class in org.springframework.security.oauth2.client.registration
A builder for ClientRegistration.
ClientRegistration.ProviderDetails - Class in org.springframework.security.oauth2.client.registration
Details of the Provider.
ClientRegistration.ProviderDetails.UserInfoEndpoint - Class in org.springframework.security.oauth2.client.registration
Details of the UserInfo Endpoint.
clientRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the ClientRegistration.getRegistrationId() to be used to look up the OAuth2AuthorizedClient.
clientRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the ClientRegistration.getRegistrationId() to be used to look up the OAuth2AuthorizedClient.
clientRegistrationRepository(ClientRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.ImplicitGrantConfigurer
Sets the repository of client registrations.
clientRegistrationRepository(ClientRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
Sets the repository of client registrations.
clientRegistrationRepository(ClientRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Sets the repository of client registrations.
clientRegistrationRepository(ReactiveClientRegistrationRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
clientRegistrationRepository(ReactiveClientRegistrationRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
 
ClientRegistrationRepository - Interface in org.springframework.security.oauth2.client.registration
A repository for OAuth 2.0 / OpenID Connect 1.0 ClientRegistration(s).
ClientRegistrations - Class in org.springframework.security.oauth2.client.registration
clientSecret(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the client secret.
closeContext(Context) - Static method in class org.springframework.security.ldap.LdapUtils
 
closeEnumeration(NamingEnumeration) - Static method in class org.springframework.security.ldap.LdapUtils
 
code - Variable in class org.springframework.security.acls.domain.AbstractPermission
 
code(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
Sets the authorization code.
CODE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
 
CODE - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
code - used in Authorization Response and Access Token Request.
commaSeparatedStringToAuthorityList(String) - Static method in class org.springframework.security.core.authority.AuthorityUtils
Creates a array of GrantedAuthority objects from a comma-separated string representation (e.g.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint
Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and .
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
commence(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.access.channel.ChannelEntryPoint
Commences a secure channel.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.Http403ForbiddenEntryPoint
Always returns a 403 error code to the client.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.HttpStatusEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Performs the redirect (or forward) to the login form URL.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in interface org.springframework.security.web.AuthenticationEntryPoint
Commences an authentication scheme.
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint
 
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
 
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint
 
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
 
commence(ServerWebExchange, AuthenticationException) - Method in interface org.springframework.security.web.server.ServerAuthenticationEntryPoint
Initiates the authentication flow
commit() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Authenticate the Subject (phase two) by adding the Spring Security Authentication to the Subject's principals.
CommonOAuth2Provider - Enum in org.springframework.security.config.oauth2.client
Common OAuth2 Providers that can be used to create builders pre-configured with sensible defaults.
compare(String, String, Object) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Performs an LDAP compare operation of the value of an attribute for a particular directory entry.
CompositeLogoutHandler - Class in org.springframework.security.web.authentication.logout
Performs a logout through all the LogoutHandler implementations.
CompositeLogoutHandler(LogoutHandler...) - Constructor for class org.springframework.security.web.authentication.logout.CompositeLogoutHandler
 
CompositeLogoutHandler(List<LogoutHandler>) - Constructor for class org.springframework.security.web.authentication.logout.CompositeLogoutHandler
 
CompositeServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Combines multiple ServerHttpHeadersWriter instances into a single instance.
CompositeServerHttpHeadersWriter(ServerHttpHeadersWriter...) - Constructor for class org.springframework.security.web.server.header.CompositeServerHttpHeadersWriter
 
CompositeServerHttpHeadersWriter(List<ServerHttpHeadersWriter>) - Constructor for class org.springframework.security.web.server.header.CompositeServerHttpHeadersWriter
 
CompositeSessionAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
A SessionAuthenticationStrategy that accepts multiple SessionAuthenticationStrategy implementations to delegate to.
CompositeSessionAuthenticationStrategy(List<SessionAuthenticationStrategy>) - Constructor for class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
 
concatenate(byte[]...) - Static method in class org.springframework.security.crypto.util.EncodingUtils
Combine the individual byte arrays into one array.
CONCURRENT_SESSIONS - Static variable in class org.springframework.security.config.Elements
 
ConcurrentSessionControlAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
Strategy which handles concurrent session-control.
ConcurrentSessionControlAuthenticationStrategy(SessionRegistry) - Constructor for class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
 
ConcurrentSessionFilter - Class in org.springframework.security.web.session
Filter required by concurrent session handling package.
ConcurrentSessionFilter(SessionRegistry) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
 
ConcurrentSessionFilter(SessionRegistry, String) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
 
ConfigAttribute - Interface in org.springframework.security.access
Stores a security system related configuration attribute.
configurationSource(CorsConfigurationSource) - Method in class org.springframework.security.config.annotation.web.configurers.CorsConfigurer
 
configurationSource(CorsConfigurationSource) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec
Configures the CorsConfigurationSource to be used
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter
 
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Sub classes can override this method to register different types of authentication.
configure(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Used by the default implementation of WebSecurityConfigurerAdapter.authenticationManager() to attempt to obtain an AuthenticationManager.
configure(WebSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to configure WebSecurity.
configure(HttpSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to configure the HttpSecurity.
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CorsConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.ImplicitGrantConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
 
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec
 
configureClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
configureInbound(MessageSecurityMetadataSourceRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
configureJaas(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
Hook method for configuring Jaas.
ConsensusBased - Class in org.springframework.security.access.vote
Simple concrete implementation of AccessDecisionManager that uses a consensus-based approach.
ConsensusBased(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.ConsensusBased
 
ConsoleAuditLogger - Class in org.springframework.security.acls.domain
A basic implementation of AuditLogger.
ConsoleAuditLogger() - Constructor for class org.springframework.security.acls.domain.ConsoleAuditLogger
 
consumer(OpenIDConsumer) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Allows specifying the OpenIDConsumer to be used.
consumerManager(ConsumerManager) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Allows specifying the ConsumerManager to be used.
containsClaim(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns true if the claim exists in ClaimAccessor.getClaims(), otherwise false.
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
 
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
 
containsContext(HttpServletRequest) - Method in interface org.springframework.security.web.context.SecurityContextRepository
Allows the repository to be queried as to whether it contains a security context for the current request.
containsMapping() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Allows determining if a mapping was added.
CONTENT_SECURITY_POLICY - Static variable in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
 
CONTENT_SECURITY_POLICY_REPORT_ONLY - Static variable in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
 
contentSecurityPolicy(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows configuration for Content Security Policy (CSP) Level 2.
contentSecurityPolicy(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures Content-Security-Policy response header.
ContentSecurityPolicyHeaderWriter - Class in org.springframework.security.web.header.writers
ContentSecurityPolicyHeaderWriter(String) - Constructor for class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
Creates a new instance
ContentSecurityPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Writes the Contet-Security-Policy response header with configured policy directives.
ContentSecurityPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
 
contentTypeOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
contentTypeOptions() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures content type response headers
ContentTypeOptionsServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Adds X-Content-Type-Options: nosniff
ContentTypeOptionsServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
 
CONTEXT_SOURCE - Static variable in class org.springframework.security.config.BeanIds
 
CONTEXT_SOURCE_SETTING_POST_PROCESSOR - Static variable in class org.springframework.security.config.BeanIds
 
ContextPropagatingRemoteInvocation - Class in org.springframework.security.remoting.rmi
The actual RemoteInvocation that is passed from the client to the server.
ContextPropagatingRemoteInvocation(MethodInvocation) - Constructor for class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
Constructs the object, storing the principal and credentials extracted from the client-side security context.
ContextPropagatingRemoteInvocationFactory - Class in org.springframework.security.remoting.rmi
Called by a client-side instance of org.springframework.remoting.rmi.RmiProxyFactoryBean when it wishes to create a remote invocation.
ContextPropagatingRemoteInvocationFactory() - Constructor for class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocationFactory
 
contextSource(BaseLdapPathContextSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the BaseLdapPathContextSource to be used.
contextSource() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Allows easily configuring of a BaseLdapPathContextSource with defaults pointing to an embedded LDAP server that is created.
convert(OAuth2AuthorizationCodeGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequestEntityConverter
Returns the RequestEntity used for the Access Token Request.
convert(OAuth2ClientCredentialsGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequestEntityConverter
Returns the RequestEntity used for the Access Token Request.
convert(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequestEntityConverter
Returns the RequestEntity used for the UserInfo Request.
convert(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter
 
convert(Map<String, Object>) - Method in class org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
 
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter
 
convert(ServerWebExchange) - Method in class org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter
 
convert(ServerWebExchange) - Method in interface org.springframework.security.web.server.authentication.ServerAuthenticationConverter
Converts a ServerWebExchange to an Authentication
convert(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter
 
convert(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter
 
convertPasswordToString(Object) - Static method in class org.springframework.security.ldap.LdapUtils
 
CookieClearingLogoutHandler - Class in org.springframework.security.web.authentication.logout
A logout handler which clears a defined list of cookies, using the context path as the cookie path.
CookieClearingLogoutHandler(String...) - Constructor for class org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
 
CookieCsrfTokenRepository - Class in org.springframework.security.web.csrf
A CsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS.
CookieCsrfTokenRepository() - Constructor for class org.springframework.security.web.csrf.CookieCsrfTokenRepository
 
CookieServerCsrfTokenRepository - Class in org.springframework.security.web.server.csrf
A ServerCsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS.
CookieServerCsrfTokenRepository() - Constructor for class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
 
CookieTheftException - Exception in org.springframework.security.web.authentication.rememberme
 
CookieTheftException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.CookieTheftException
 
copyToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
CoreJackson2Module - Class in org.springframework.security.jackson2
Jackson module for spring-security-core.
CoreJackson2Module() - Constructor for class org.springframework.security.jackson2.CoreJackson2Module
 
cors() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds a CorsFilter to be used.
CORS - Static variable in class org.springframework.security.config.Elements
 
cors() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures CORS headers.
CorsBeanDefinitionParser - Class in org.springframework.security.config.http
Parser for the CorsFilter.
CorsBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CorsBeanDefinitionParser
 
CorsConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds CorsFilter to the Spring Security filter chain.
CorsConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.CorsConfigurer
Creates a new instance
count(int) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Specifies the number of attribute values to request.
country(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Sets the country.
create - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
CREATE - Static variable in class org.springframework.security.acls.domain.BasePermission
 
create(Callable<V>, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
Creates a DelegatingSecurityContextCallable and with the given Callable and SecurityContext, but if the securityContext is null will defaults to the current SecurityContext on the SecurityContextHolder
create(Runnable, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
Factory method for creating a DelegatingSecurityContextRunnable.
create(Object, String, Object...) - Static method in class org.springframework.security.util.MethodInvocationUtils
Generates a MethodInvocation for specified methodName on the passed object, using the args to locate the method.
CREATE_TABLE_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
Default SQL for creating the database table to store the tokens
createAcl(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
createAcl(ObjectIdentity) - Method in interface org.springframework.security.acls.model.MutableAclService
Creates an empty Acl object in the database.
createAttributeList(String) - Method in interface org.springframework.security.openid.AxFetchListFactory
Builds the list of attributes which should be added to the fetch request for the supplied OpenID identifier.
createAttributeList(String) - Method in class org.springframework.security.openid.NullAxFetchListFactory
 
createAttributeList(String) - Method in class org.springframework.security.openid.RegexBasedAxFetchListFactory
Iterates through the patterns stored in the map and returns the list of attributes defined for the first match.
createAuthentication(HttpServletRequest) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
createAuthenticationRequest(String, String) - Method in class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
Creates the server-side authentication request object.
createAuthority(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
Creates a GrantedAuthority from a role attribute.
createAuthorityList(String...) - Static method in class org.springframework.security.core.authority.AuthorityUtils
 
createChannelAttributes(String) - Static method in class org.springframework.security.config.http.ChannelAttributeFactory
 
createCurrentUser(Authentication) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
Creates a principal-like sid from the authentication information.
createDefault() - Static method in class org.springframework.security.oauth2.jwt.JwtValidators
Create a Jwt Validator that contains all standard validators.
createDefaultWithIssuer(String) - Static method in class org.springframework.security.oauth2.jwt.JwtValidators
Create a Jwt Validator that contains all standard validators when an issuer is known.
createDelegatingPasswordEncoder() - Static method in class org.springframework.security.crypto.factory.PasswordEncoderFactories
Creates a DelegatingPasswordEncoder with default mappings.
createELContext(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher
Subclasses can override this methode if they want to use a different EL root context
createEmptyContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Delegates the creation of a new, empty context to the configured strategy.
createEmptyContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
createEntries(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
createEvaluationContext(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
Invokes the internal template methods to create StandardEvaluationContext and SecurityExpressionRoot objects.
createEvaluationContext(Authentication, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
Provides an evaluation context in which to evaluate security expressions for the invocation type.
createEvaluationContextInternal(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
Override to create a custom instance of StandardEvaluationContext.
createEvaluationContextInternal(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Uses a MethodSecurityEvaluationContext as the EvaluationContext implementation.
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
Allows the EvaluationContext to be customized for variable lookup etc.
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
createExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>, String>) - Static method in class org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory
Create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>, String>, SecurityExpressionHandler<Message<Object>>) - Static method in class org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory
Create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
createFromClass(Class<?>, String) - Static method in class org.springframework.security.util.MethodInvocationUtils
Generates a MethodInvocation for the specified methodName on the passed class.
createFromClass(Object, Class<?>, String, Class<?>[], Object[]) - Static method in class org.springframework.security.util.MethodInvocationUtils
Generates a MethodInvocation for specified methodName on the passed class, using the args to locate the method.
createGroup(String, List<GrantedAuthority>) - Method in interface org.springframework.security.provisioning.GroupManager
Creates a new group with the specified list of authorities.
createGroup(String, List<GrantedAuthority>) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
createList(String...) - Static method in class org.springframework.security.access.SecurityConfig
 
createListFromCommaDelimitedString(String) - Static method in class org.springframework.security.access.SecurityConfig
 
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Creates the LoginContext to be used for authentication.
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
Creates a LoginContext using the Configuration that was specified in DefaultJaasAuthenticationProvider.setConfiguration(Configuration).
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Create the RequestMatcher given a loginProcessingUrl
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
 
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
createMatcher(ParserContext, String, String) - Method in enum org.springframework.security.config.http.MatcherType
 
createMatcher(ParserContext, String, String, String) - Method in enum org.springframework.security.config.http.MatcherType
 
createMessageMatcher(String, PathMatcher) - Static method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
Creates a new instance with the specified pattern, SimpMessageType.MESSAGE, and PathMatcher.
createMetadataSource() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Allows subclasses to create creating a MessageSecurityMetadataSource.
createMvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Creates MvcRequestMatcher instances for the method and patterns passed in
createNewAuthentication(Authentication, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
createNewToken(PersistentRememberMeToken) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
createNewToken(PersistentRememberMeToken) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
 
createNewToken(PersistentRememberMeToken) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 
createObjectIdentity(Serializable, String) - Method in class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
 
createObjectIdentity(ObjectIdentity, Sid) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Creates an entry in the acl_object_identity table for the passed ObjectIdentity.
createObjectIdentity(Serializable, String) - Method in interface org.springframework.security.acls.model.ObjectIdentityGenerator
 
createOrRetrieveClassPrimaryKey(String, boolean, Class) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from acl_class, creating a new row if needed and the allowCreate property is true.
createOrRetrieveSidPrimaryKey(Sid, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
createOrRetrieveSidPrimaryKey(String, boolean, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
createPasswordEncoderBeanDefinition(String, boolean) - Static method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
createPostInvocationAttribute(String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 
createPostInvocationAttribute(String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
 
createPreInvocationAttribute(String, String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 
createPreInvocationAttribute(String, String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory
 
createRedirectUrl(String) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Constructs the Url for Redirection to the CAS server.
createRemoteInvocation(MethodInvocation) - Method in class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocationFactory
 
createSecurityContext(A) - Method in interface org.springframework.security.test.context.support.WithSecurityContextFactory
Create a SecurityContext given an Annotation.
createSecurityExpressionRoot(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
Implement in order to create a root object of the correct type for the supported invocation type.
createSecurityExpressionRoot(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Creates the root object for expression evaluation.
createSecurityExpressionRoot(Authentication, Message<T>) - Method in class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
 
createSecurityExpressionRoot(Authentication, FilterInvocation) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
 
createServiceUrl(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Constructs a new Service Url.
createSid(boolean, String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
Creates a particular implementation of Sid depending on the arguments.
createSubscribeMatcher(String, PathMatcher) - Static method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
Creates a new instance with the specified pattern, SimpMessageType.SUBSCRIBE, and PathMatcher.
createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
Creates a successful Authentication object.
createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
createSuccessfulAuthentication(UsernamePasswordAuthenticationToken, UserDetails) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
Creates the final Authentication object which will be returned from the authenticate method.
createSuccessfulAuthentication(UserDetails, OpenIDAuthenticationToken) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
Handles the creation of the final Authentication object which will be returned by the provider.
createSuccessfulAuthentication(HttpServletRequest, UserDetails) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Creates the final Authentication object returned from the autoLogin method.
createTarget() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
createTarget() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
createTarget() - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
createUser(UserDetails) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
createUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
createUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
createUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Create a new user with the supplied details.
createUserDetails(String, UserDetails, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Can be overridden to customize the creation of the final UserDetailsObject which is returned by the loadUserByUsername method.
createUserDetails() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
createUserDetails() - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
createUserDetails(Authentication, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService
Creates the final UserDetails object.
CredentialsContainer - Interface in org.springframework.security.core
Indicates that the implementing object contains sensitive data, which can be erased using the eraseCredentials method.
credentialsExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the credentials are expired or not.
credentialsExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Defines if the credentials are expired or not.
credentialsExpired(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
CredentialsExpiredException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account's credentials have expired.
CredentialsExpiredException(String) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
Constructs a CredentialsExpiredException with the specified message.
CredentialsExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException
Constructs a CredentialsExpiredException with the specified message and root cause.
csrf() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds CSRF support.
CSRF - Static variable in class org.springframework.security.config.Elements
 
csrf() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures CSRF Protection which is enabled by default.
csrf() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
 
csrf() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a RequestPostProcessor that will automatically populate a valid CsrfToken in the request.
CsrfAuthenticationStrategy - Class in org.springframework.security.web.csrf
CsrfAuthenticationStrategy is in charge of removing the CsrfToken upon authenticating.
CsrfAuthenticationStrategy(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfAuthenticationStrategy
Creates a new instance
CsrfBeanDefinitionParser - Class in org.springframework.security.config.http
Parser for the CsrfFilter.
CsrfBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CsrfBeanDefinitionParser
 
csrfChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
CsrfChannelInterceptor - Class in org.springframework.security.messaging.web.csrf
ChannelInterceptorAdapter that validates that a valid CSRF is included in the header of any SimpMessageType.CONNECT message.
CsrfChannelInterceptor() - Constructor for class org.springframework.security.messaging.web.csrf.CsrfChannelInterceptor
 
CsrfConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds CSRF protection for the methods as specified by CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
CsrfConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Creates a new instance
CsrfException - Exception in org.springframework.security.web.csrf
Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest
CsrfException(String) - Constructor for exception org.springframework.security.web.csrf.CsrfException
 
CsrfException - Exception in org.springframework.security.web.server.csrf
Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest
CsrfException(String) - Constructor for exception org.springframework.security.web.server.csrf.CsrfException
 
CsrfFilter - Class in org.springframework.security.web.csrf
Applies CSRF protection using a synchronizer token pattern.
CsrfFilter(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfFilter
 
CsrfInputTag - Class in org.springframework.security.taglibs.csrf
A JSP tag that prints out a hidden form field for the CSRF token.
CsrfInputTag() - Constructor for class org.springframework.security.taglibs.csrf.CsrfInputTag
 
CsrfLogoutHandler - Class in org.springframework.security.web.csrf
CsrfLogoutHandler is in charge of removing the CsrfToken upon logout.
CsrfLogoutHandler(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfLogoutHandler
Creates a new instance
CsrfMetaTagsTag - Class in org.springframework.security.taglibs.csrf
A JSP tag that prints out a meta tags holding the CSRF form field name and token value for use in JavaScrip code.
CsrfMetaTagsTag() - Constructor for class org.springframework.security.taglibs.csrf.CsrfMetaTagsTag
 
CsrfRequestDataValueProcessor - Class in org.springframework.security.web.reactive.result.view
 
CsrfRequestDataValueProcessor() - Constructor for class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
 
CsrfRequestDataValueProcessor - Class in org.springframework.security.web.servlet.support.csrf
Integration with Spring Web MVC that automatically adds the CsrfToken into forms with hidden inputs when using Spring tag libraries.
CsrfRequestDataValueProcessor() - Constructor for class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
CsrfServerLogoutHandler - Class in org.springframework.security.web.server.csrf
CsrfServerLogoutHandler is in charge of removing the CsrfToken upon logout.
CsrfServerLogoutHandler(ServerCsrfTokenRepository) - Constructor for class org.springframework.security.web.server.csrf.CsrfServerLogoutHandler
Creates a new instance
CsrfToken - Interface in org.springframework.security.web.csrf
Provides the information about an expected CSRF token.
CsrfToken - Interface in org.springframework.security.web.server.csrf
 
CsrfTokenArgumentResolver - Class in org.springframework.security.web.method.annotation
Allows resolving the current CsrfToken.
CsrfTokenArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
 
CsrfTokenHandshakeInterceptor - Class in org.springframework.security.messaging.web.socket.server
Copies a CsrfToken from the HttpServletRequest's attributes to the WebSocket attributes.
CsrfTokenHandshakeInterceptor() - Constructor for class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
 
csrfTokenRepository(CsrfTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Specify the CsrfTokenRepository to use.
csrfTokenRepository(ServerCsrfTokenRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
Configures the ServerCsrfTokenRepository used to persist the CSRF Token.
CsrfTokenRepository - Interface in org.springframework.security.web.csrf
An API to allow changing the method in which the expected CsrfToken is associated to the HttpServletRequest.
CsrfWebFilter - Class in org.springframework.security.web.server.csrf
Applies CSRF protection using a synchronizer token pattern.
CsrfWebFilter() - Constructor for class org.springframework.security.web.server.csrf.CsrfWebFilter
 
CumulativePermission - Class in org.springframework.security.acls.domain
Represents a Permission that is constructed at runtime from other permissions.
CumulativePermission() - Constructor for class org.springframework.security.acls.domain.CumulativePermission
 
currentDate - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Current formatted date.
currentDateGenerated - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Instant on which the currentDate object was generated.
CUSTOM_FILTER - Static variable in class org.springframework.security.config.Elements
 
customizeClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
Allows subclasses to customize the configuration of the ChannelRegistration .
customMethodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
customUserType(Class<? extends OAuth2User>, String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig
Sets a custom OAuth2User type and associates it to the provided client registration identifier.
CustomUserTypesOAuth2UserService - Class in org.springframework.security.oauth2.client.userinfo
An implementation of an OAuth2UserService that supports custom OAuth2User types.
CustomUserTypesOAuth2UserService(Map<String, Class<? extends OAuth2User>>) - Constructor for class org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService
Constructs a CustomUserTypesOAuth2UserService using the provided parameters.
CycleInRoleHierarchyException - Exception in org.springframework.security.access.hierarchicalroles
Exception that is thrown because of a cycle in the role hierarchy definition
CycleInRoleHierarchyException() - Constructor for exception org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException
 

D

DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Allows configuring a DaoAuthenticationProvider
DaoAuthenticationConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.DaoAuthenticationConfigurer
Creates a new instance
DaoAuthenticationProvider - Class in org.springframework.security.authentication.dao
An AuthenticationProvider implementation that retrieves user details from a UserDetailsService.
DaoAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
dataSource(DataSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Populates the DataSource to be used.
debug(boolean) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Controls debugging support for Spring Security.
DEBUG - Static variable in class org.springframework.security.config.Elements
 
DEBUG_FILTER - Static variable in class org.springframework.security.config.BeanIds
 
DebugBeanDefinitionParser - Class in org.springframework.security.config
 
DebugBeanDefinitionParser() - Constructor for class org.springframework.security.config.DebugBeanDefinitionParser
 
DebugFilter - Class in org.springframework.security.web.debug
Spring Security debugging filter.
DebugFilter(FilterChainProxy) - Constructor for class org.springframework.security.web.debug.DebugFilter
 
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionManager
Resolves an access control decision for the passed parameters.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.AfterInvocationProvider
 
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
Given the details of a secure object invocation including its returned Object, make an access control decision or optionally modify the returned Object.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
 
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AffirmativeBased
This concrete implementation simply polls all configured AccessDecisionVoters and grants access if any AccessDecisionVoter voted affirmatively.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.ConsensusBased
This concrete implementation simply polls all configured AccessDecisionVoters and upon completion determines the consensus of granted against denied responses.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.UnanimousBased
This concrete implementation polls all configured AccessDecisionVoters for each ConfigAttribute and grants access if only grant (or abstain) votes were received.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
 
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in interface org.springframework.security.web.access.channel.ChannelDecisionManager
Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in interface org.springframework.security.web.access.channel.ChannelProcessor
Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
DECODE - Static variable in class org.springframework.security.crypto.codec.Base64
Deprecated.
Specify decoding in first bit.
decode(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64
Deprecated.
 
decode(CharSequence) - Static method in class org.springframework.security.crypto.codec.Hex
 
decode(byte[]) - Static method in class org.springframework.security.crypto.codec.Utf8
Decode the bytes in UTF-8 form into a String.
decode(String) - Method in interface org.springframework.security.oauth2.jwt.JwtDecoder
Decodes the JWT from it's compact claims representation format and returns a Jwt.
decode(String) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport
 
decode(String) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder
 
decode(String) - Method in interface org.springframework.security.oauth2.jwt.ReactiveJwtDecoder
Decodes the JWT from it's compact claims representation format and returns a Jwt.
decodeCookie(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Decodes the cookie and splits it into a set of token strings using the ":" delimiter.
decoder(JwtDecoder) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
decrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
 
decrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
 
decrypt(byte[]) - Method in interface org.springframework.security.crypto.encrypt.BytesEncryptor
Decrypt the byte array.
decrypt(String) - Method in interface org.springframework.security.crypto.encrypt.TextEncryptor
Decrypt the encrypted text string.
DEF_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
DEF_CHANGE_PASSWORD_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_CREATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_MEMBERS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_USER_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_DELETE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_FIND_GROUP_ID_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_FIND_GROUPS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_FIND_USERS_IN_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
DEF_GROUP_AUTHORITIES_QUERY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_INSERT_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_INSERT_TOKEN_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by createNewToken
DEF_REMOVE_USER_TOKENS_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by removeUserTokens
DEF_RENAME_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_TOKEN_BY_SERIES_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by the getTokenBySeries query
DEF_UPDATE_TOKEN_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
The default SQL used by updateToken
DEF_UPDATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_USER_EXISTS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
DEF_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_USERS_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI - Static variable in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
The default base URI used for authorization requests.
DEFAULT_AUTHORIZATION_REQUEST_PATTERN - Static variable in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
The default pattern used to resolve the ClientRegistration.getRegistrationId()
DEFAULT_CAS_ARTIFACT_PARAMETER - Static variable in class org.springframework.security.cas.ServiceProperties
 
DEFAULT_CAS_SERVICE_PARAMETER - Static variable in class org.springframework.security.cas.ServiceProperties
 
DEFAULT_CLAIMED_IDENTITY_FIELD - Static variable in class org.springframework.security.openid.OpenIDAuthenticationFilter
 
DEFAULT_CSRF_ATTR_NAME - Static variable in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
The default request attribute to look for a CsrfToken.
DEFAULT_CSRF_MATCHER - Static variable in class org.springframework.security.web.csrf.CsrfFilter
The default RequestMatcher that indicates if CSRF protection is required or not.
DEFAULT_CSRF_MATCHER - Static variable in class org.springframework.security.web.server.csrf.CsrfWebFilter
 
DEFAULT_EXTRACTOR - Static variable in class org.springframework.security.web.util.ThrowableAnalyzer
Default extractor for Throwable instances.
DEFAULT_FILTER_NAME - Static variable in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
 
DEFAULT_FILTER_PROCESSES_URI - Static variable in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
The default URI where this Filter processes authentication requests.
DEFAULT_LOGIN_PAGE_URL - Static variable in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DEFAULT_LOGOUT_SUCCESS_URL - Static variable in class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
 
DEFAULT_ORDER_BY_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
DEFAULT_PARAMETER - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
DEFAULT_REGISTRATION_ID_URI_VARIABLE_NAME - Static variable in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
The name of the path variable that contains the ClientRegistration.getRegistrationId()
DEFAULT_SAML_ARTIFACT_PARAMETER - Static variable in class org.springframework.security.cas.SamlServiceProperties
 
DEFAULT_SAML_SERVICE_PARAMETER - Static variable in class org.springframework.security.cas.SamlServiceProperties
 
DEFAULT_SELECT_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
DEFAULT_SERIES_LENGTH - Static variable in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
DEFAULT_SPRING_SECURITY_CONTEXT_ATTR_NAME - Static variable in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
The default session attribute name to save and load the SecurityContext
DEFAULT_TOKEN_LENGTH - Static variable in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
defaultAccessDeniedHandlerFor(AccessDeniedHandler, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets a default AccessDeniedHandler to be used which prefers being invoked for the provided RequestMatcher.
DefaultAddressStandardClaim - Class in org.springframework.security.oauth2.core.oidc
The default implementation of an Address Claim.
DefaultAddressStandardClaim.Builder - Class in org.springframework.security.oauth2.core.oidc
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets a default AuthenticationEntryPoint to be used which prefers being invoked for the provided RequestMatcher.
DefaultAuthenticationEventPublisher - Class in org.springframework.security.authentication
The default strategy for publishing authentication events.
DefaultAuthenticationEventPublisher() - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
DefaultAuthenticationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
DefaultAuthorizationCodeTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint
The default implementation of an OAuth2AccessTokenResponseClient for the authorization_code grant.
DefaultAuthorizationCodeTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
 
DefaultBearerTokenResolver - Class in org.springframework.security.oauth2.server.resource.web
The default BearerTokenResolver implementation based on RFC 6750.
DefaultBearerTokenResolver() - Constructor for class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
 
DefaultClientCredentialsTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint
The default implementation of an OAuth2AccessTokenResponseClient for the client_credentials grant.
DefaultClientCredentialsTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient
 
DefaultCsrfToken - Class in org.springframework.security.web.csrf
A CSRF token that is used to protect against CSRF attacks.
DefaultCsrfToken(String, String, String) - Constructor for class org.springframework.security.web.csrf.DefaultCsrfToken
Creates a new instance
DefaultCsrfToken - Class in org.springframework.security.web.server.csrf
A CSRF token that is used to protect against CSRF attacks.
DefaultCsrfToken(String, String, String) - Constructor for class org.springframework.security.web.server.csrf.DefaultCsrfToken
Creates a new instance
DefaultFilterChainValidator - Class in org.springframework.security.config.http
 
DefaultFilterChainValidator() - Constructor for class org.springframework.security.config.http.DefaultFilterChainValidator
 
DefaultFilterInvocationSecurityMetadataSource - Class in org.springframework.security.web.access.intercept
Default implementation of FilterInvocationDefinitionSource.
DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) - Constructor for class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
Sets the internal request map from the supplied map.
DefaultHttpFirewall - Class in org.springframework.security.web.firewall
User's should consider using StrictHttpFirewall because rather than trying to sanitize a malicious URL it rejects the malicious URL providing better security guarantees.
DefaultHttpFirewall() - Constructor for class org.springframework.security.web.firewall.DefaultHttpFirewall
 
DefaultJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
Creates a LoginContext using the Configuration provided to it.
DefaultJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
 
DefaultLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.userdetails
The default strategy for obtaining user role information from the directory.
DefaultLdapAuthoritiesPopulator(ContextSource, String) - Constructor for class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Constructor for group search scenarios.
DefaultLdapUsernameToDnMapper - Class in org.springframework.security.ldap
This implementation appends a name component to the userDnBase context using the usernameAttributeName property.
DefaultLdapUsernameToDnMapper(String, String) - Constructor for class org.springframework.security.ldap.DefaultLdapUsernameToDnMapper
 
DefaultLoginExceptionResolver - Class in org.springframework.security.authentication.jaas
This LoginExceptionResolver simply wraps the LoginException with an AuthenticationServiceException.
DefaultLoginExceptionResolver() - Constructor for class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
 
DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds a Filter that will generate a login page if one is not specified otherwise when using WebSecurityConfigurerAdapter.
DefaultLoginPageConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
DefaultLoginPageGeneratingFilter - Class in org.springframework.security.web.authentication.ui
For internal use with namespace configuration in the case where a user doesn't configure a login page.
DefaultLoginPageGeneratingFilter() - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter) - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationFilter, AbstractAuthenticationProcessingFilter) - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
DefaultLogoutPageGeneratingFilter - Class in org.springframework.security.web.authentication.ui
Generates a default log out page.
DefaultLogoutPageGeneratingFilter() - Constructor for class org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter
 
defaultLogoutSuccessHandlerFor(LogoutSuccessHandler, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Sets a default LogoutSuccessHandler to be used which prefers being invoked for the provided RequestMatcher.
DefaultMessageSecurityExpressionHandler<T> - Class in org.springframework.security.messaging.access.expression
The default implementation of SecurityExpressionHandler which uses a MessageSecurityExpressionRoot.
DefaultMessageSecurityExpressionHandler() - Constructor for class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
 
DefaultMessageSecurityMetadataSource - Class in org.springframework.security.messaging.access.intercept
A default implementation of MessageSecurityMetadataSource that looks up the ConfigAttribute instances using a MessageMatcher.
DefaultMessageSecurityMetadataSource(LinkedHashMap<MessageMatcher<?>, Collection<ConfigAttribute>>) - Constructor for class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
DefaultMethodSecurityExpressionHandler - Class in org.springframework.security.access.expression.method
The standard implementation of MethodSecurityExpressionHandler.
DefaultMethodSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
DefaultOAuth2AuthorizationRequestResolver - Class in org.springframework.security.oauth2.client.web
An implementation of an OAuth2AuthorizationRequestResolver that attempts to resolve an OAuth2AuthorizationRequest from the provided HttpServletRequest using the default request URI pattern /oauth2/authorization/{registrationId}.
DefaultOAuth2AuthorizationRequestResolver(ClientRegistrationRepository, String) - Constructor for class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver
Constructs a DefaultOAuth2AuthorizationRequestResolver using the provided parameters.
DefaultOAuth2User - Class in org.springframework.security.oauth2.core.user
The default implementation of an OAuth2User.
DefaultOAuth2User(Collection<? extends GrantedAuthority>, Map<String, Object>, String) - Constructor for class org.springframework.security.oauth2.core.user.DefaultOAuth2User
Constructs a DefaultOAuth2User using the provided parameters.
DefaultOAuth2UserService - Class in org.springframework.security.oauth2.client.userinfo
An implementation of an OAuth2UserService that supports standard OAuth 2.0 Provider's.
DefaultOAuth2UserService() - Constructor for class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService
 
DefaultOidcUser - Class in org.springframework.security.oauth2.core.oidc.user
The default implementation of an OidcUser.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
Constructs a DefaultOidcUser using the provided parameters.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken, String) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
Constructs a DefaultOidcUser using the provided parameters.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken, OidcUserInfo) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
Constructs a DefaultOidcUser using the provided parameters.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken, OidcUserInfo, String) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
Constructs a DefaultOidcUser using the provided parameters.
DefaultPermissionFactory - Class in org.springframework.security.acls.domain
Default implementation of PermissionFactory.
DefaultPermissionFactory() - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers the Permission fields from the BasePermission class.
DefaultPermissionFactory(Class<? extends Permission>) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers the Permission fields from the supplied class.
DefaultPermissionFactory(Map<String, ? extends Permission>) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers a map of named Permission instances.
DefaultPermissionGrantingStrategy - Class in org.springframework.security.acls.domain
 
DefaultPermissionGrantingStrategy(AuditLogger) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy
Creates an instance with the logger which will be used to record granting and denial of requested permissions.
DefaultReactiveOAuth2UserService - Class in org.springframework.security.oauth2.client.userinfo
An implementation of an ReactiveOAuth2UserService that supports standard OAuth 2.0 Provider's.
DefaultReactiveOAuth2UserService() - Constructor for class org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService
 
DefaultRedirectStrategy - Class in org.springframework.security.web
Simple implementation of RedirectStrategy which is the default used throughout the framework.
DefaultRedirectStrategy() - Constructor for class org.springframework.security.web.DefaultRedirectStrategy
 
defaultRequest() - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Provides defaults for the HttpServletRequest and the HttpServletResponse using RequestContextHolder.
DefaultSavedRequest - Class in org.springframework.security.web.savedrequest
Represents central information from a HttpServletRequest.
DefaultSavedRequest(HttpServletRequest, PortResolver) - Constructor for class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
DefaultSavedRequest.Builder - Class in org.springframework.security.web.savedrequest
 
defaultsDisabled() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Clears all of the default headers from the response.
DefaultSecurityFilterChain - Class in org.springframework.security.web
Standard implementation of SecurityFilterChain.
DefaultSecurityFilterChain(RequestMatcher, Filter...) - Constructor for class org.springframework.security.web.DefaultSecurityFilterChain
 
DefaultSecurityFilterChain(RequestMatcher, List<Filter>) - Constructor for class org.springframework.security.web.DefaultSecurityFilterChain
 
DefaultSecurityParameterNameDiscoverer - Class in org.springframework.security.core.parameters
Spring Security's default ParameterNameDiscoverer which tries a number of ParameterNameDiscoverer depending on what is found on the classpath.
DefaultSecurityParameterNameDiscoverer() - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
Creates a new instance with only the default ParameterNameDiscoverer instances.
DefaultSecurityParameterNameDiscoverer(List<? extends ParameterNameDiscoverer>) - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer
Creates a new instance that first tries the passed in ParameterNameDiscoverer instances.
DefaultServerOAuth2AuthorizationRequestResolver - Class in org.springframework.security.oauth2.client.web.server
The default implementation of ServerOAuth2AuthorizationRequestResolver.
DefaultServerOAuth2AuthorizationRequestResolver(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
Creates a new instance
DefaultServerOAuth2AuthorizationRequestResolver(ReactiveClientRegistrationRepository, ServerWebExchangeMatcher) - Constructor for class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
Creates a new instance
DefaultServerRedirectStrategy - Class in org.springframework.security.web.server
The default ServerRedirectStrategy to use.
DefaultServerRedirectStrategy() - Constructor for class org.springframework.security.web.server.DefaultServerRedirectStrategy
 
DefaultSpringSecurityContextSource - Class in org.springframework.security.ldap
ContextSource implementation which uses Spring LDAP's LdapContextSource as a base class.
DefaultSpringSecurityContextSource(String) - Constructor for class org.springframework.security.ldap.DefaultSpringSecurityContextSource
Create and initialize an instance which will connect to the supplied LDAP URL.
DefaultSpringSecurityContextSource(List<String>, String) - Constructor for class org.springframework.security.ldap.DefaultSpringSecurityContextSource
Create and initialize an instance which will connect of the LDAP Spring Security Context Source.
defaultSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating.
defaultSuccessUrl(String, boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating or alwaysUse is true.
DefaultToken - Class in org.springframework.security.core.token
The default implementation of Token.
DefaultToken(String, long, String) - Constructor for class org.springframework.security.core.token.DefaultToken
 
DefaultWebInvocationPrivilegeEvaluator - Class in org.springframework.security.web.access
Allows users to determine whether they have privileges for a given web URI.
DefaultWebInvocationPrivilegeEvaluator(AbstractSecurityInterceptor) - Constructor for class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator
 
DefaultWebSecurityExpressionHandler - Class in org.springframework.security.web.access.expression
 
DefaultWebSecurityExpressionHandler() - Constructor for class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
 
DelegateEntry(ServerWebExchangeMatcher, ServerAccessDeniedHandler) - Constructor for class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry
 
DelegateEntry(ServerWebExchangeMatcher, ServerAuthenticationEntryPoint) - Constructor for class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint.DelegateEntry
 
DelegatingAccessDeniedHandler - Class in org.springframework.security.web.access
DelegatingAccessDeniedHandler(LinkedHashMap<Class<? extends AccessDeniedException>, AccessDeniedHandler>, AccessDeniedHandler) - Constructor for class org.springframework.security.web.access.DelegatingAccessDeniedHandler
Creates a new instance
delegatingApplicationListener() - Static method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
DelegatingApplicationListener - Class in org.springframework.security.context
Used for delegating to a number of SmartApplicationListener instances.
DelegatingApplicationListener() - Constructor for class org.springframework.security.context.DelegatingApplicationListener
 
DelegatingAuthenticationEntryPoint - Class in org.springframework.security.web.authentication
An AuthenticationEntryPoint which selects a concrete AuthenticationEntryPoint based on a RequestMatcher evaluation.
DelegatingAuthenticationEntryPoint(LinkedHashMap<RequestMatcher, AuthenticationEntryPoint>) - Constructor for class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
 
DelegatingAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
DelegatingAuthenticationFailureHandler(LinkedHashMap<Class<? extends AuthenticationException>, AuthenticationFailureHandler>, AuthenticationFailureHandler) - Constructor for class org.springframework.security.web.authentication.DelegatingAuthenticationFailureHandler
Creates a new instance
DelegatingLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout
Delegates to logout handlers based on matched request matchers
DelegatingLogoutSuccessHandler(LinkedHashMap<RequestMatcher, LogoutSuccessHandler>) - Constructor for class org.springframework.security.web.authentication.logout.DelegatingLogoutSuccessHandler
 
DelegatingMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Automatically tries a series of method definition sources, relying on the first source of metadata that provides a non-null/non-empty response.
DelegatingMethodSecurityMetadataSource(List<MethodSecurityMetadataSource>) - Constructor for class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
DelegatingOAuth2TokenValidator<T extends AbstractOAuth2Token> - Class in org.springframework.security.oauth2.core
A composite validator
DelegatingOAuth2TokenValidator(Collection<OAuth2TokenValidator<T>>) - Constructor for class org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator
Constructs a DelegatingOAuth2TokenValidator using the provided validators.
DelegatingOAuth2TokenValidator(OAuth2TokenValidator<T>...) - Constructor for class org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator
Constructs a DelegatingOAuth2TokenValidator using the provided validators.
DelegatingOAuth2UserService<R extends OAuth2UserRequest,U extends OAuth2User> - Class in org.springframework.security.oauth2.client.userinfo
An implementation of an OAuth2UserService that simply delegates to it's internal List of OAuth2UserService(s).
DelegatingOAuth2UserService(List<OAuth2UserService<R, U>>) - Constructor for class org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService
Constructs a DelegatingOAuth2UserService using the provided parameters.
DelegatingPasswordEncoder - Class in org.springframework.security.crypto.password
A password encoder that delegates to another PasswordEncoder based upon a prefixed identifier.
DelegatingPasswordEncoder(String, Map<String, PasswordEncoder>) - Constructor for class org.springframework.security.crypto.password.DelegatingPasswordEncoder
Creates a new instance
DelegatingReactiveAuthenticationManager - Class in org.springframework.security.authentication
A ReactiveAuthenticationManager that delegates to other ReactiveAuthenticationManager instances using the result from the first non empty result.
DelegatingReactiveAuthenticationManager(ReactiveAuthenticationManager...) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
 
DelegatingReactiveAuthenticationManager(List<ReactiveAuthenticationManager>) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
 
DelegatingReactiveAuthorizationManager - Class in org.springframework.security.web.server.authorization
 
DelegatingReactiveAuthorizationManager.Builder - Class in org.springframework.security.web.server.authorization
 
DelegatingRequestMatcherHeaderWriter - Class in org.springframework.security.web.header.writers
Delegates to the provided HeaderWriter when RequestMatcher.matches(HttpServletRequest) returns true.
DelegatingRequestMatcherHeaderWriter(RequestMatcher, HeaderWriter) - Constructor for class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter
Creates a new instance
DelegatingSecurityContextAsyncTaskExecutor - Class in org.springframework.security.task
An AsyncTaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
Creates a new DelegatingSecurityContextAsyncTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
Creates a new DelegatingSecurityContextAsyncTaskExecutor that uses the current SecurityContext.
DelegatingSecurityContextCallable<V> - Class in org.springframework.security.concurrent
Wraps a delegate Callable with logic for setting up a SecurityContext before invoking the delegate Callable and then removing the SecurityContext after the delegate has completed.
DelegatingSecurityContextCallable(Callable<V>, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
Creates a new DelegatingSecurityContextCallable with a specific SecurityContext.
DelegatingSecurityContextCallable(Callable<V>) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable
DelegatingSecurityContextExecutor - Class in org.springframework.security.concurrent
An Executor which wraps each Runnable in a DelegatingSecurityContextRunnable.
DelegatingSecurityContextExecutor(Executor, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
Creates a new DelegatingSecurityContextExecutor that uses the specified SecurityContext.
DelegatingSecurityContextExecutor(Executor) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
Creates a new DelegatingSecurityContextExecutor that uses the current SecurityContext from the SecurityContextHolder at the time the task is submitted.
DelegatingSecurityContextExecutorService - Class in org.springframework.security.concurrent
An ExecutorService which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextExecutorService(ExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
Creates a new DelegatingSecurityContextExecutorService that uses the specified SecurityContext.
DelegatingSecurityContextExecutorService(ExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
DelegatingSecurityContextRunnable - Class in org.springframework.security.concurrent
Wraps a delegate Runnable with logic for setting up a SecurityContext before invoking the delegate Runnable and then removing the SecurityContext after the delegate has completed.
DelegatingSecurityContextRunnable(Runnable, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
Creates a new DelegatingSecurityContextRunnable with a specific SecurityContext.
DelegatingSecurityContextRunnable(Runnable) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
DelegatingSecurityContextScheduledExecutorService - Class in org.springframework.security.concurrent
An ScheduledExecutorService which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
DelegatingSecurityContextSchedulingTaskExecutor - Class in org.springframework.security.scheduling
An SchedulingTaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
DelegatingSecurityContextTaskExecutor - Class in org.springframework.security.task
An TaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable.
DelegatingSecurityContextTaskExecutor(TaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
Creates a new DelegatingSecurityContextTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextTaskExecutor(TaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor
DelegatingServerAuthenticationEntryPoint - Class in org.springframework.security.web.server
DelegatingServerAuthenticationEntryPoint(DelegatingServerAuthenticationEntryPoint.DelegateEntry...) - Constructor for class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
 
DelegatingServerAuthenticationEntryPoint(List<DelegatingServerAuthenticationEntryPoint.DelegateEntry>) - Constructor for class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
 
DelegatingServerAuthenticationEntryPoint.DelegateEntry - Class in org.springframework.security.web.server
 
DelegatingServerAuthenticationSuccessHandler - Class in org.springframework.security.web.server.authentication
Delegates to a collection of ServerAuthenticationSuccessHandler implementations.
DelegatingServerAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler...) - Constructor for class org.springframework.security.web.server.authentication.DelegatingServerAuthenticationSuccessHandler
 
DelegatingServerLogoutHandler - Class in org.springframework.security.web.server.authentication.logout
Delegates to a collection of ServerLogoutHandler implementations.
DelegatingServerLogoutHandler(ServerLogoutHandler...) - Constructor for class org.springframework.security.web.server.authentication.logout.DelegatingServerLogoutHandler
 
DelegatingServerLogoutHandler(Collection<ServerLogoutHandler>) - Constructor for class org.springframework.security.web.server.authentication.logout.DelegatingServerLogoutHandler
 
delete - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
DELETE - Static variable in class org.springframework.security.acls.domain.BasePermission
 
deleteAce(int) - Method in class org.springframework.security.acls.domain.AclImpl
 
deleteAce(int) - Method in interface org.springframework.security.acls.model.MutableAcl
 
deleteAcl(ObjectIdentity, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
deleteAcl(ObjectIdentity, boolean) - Method in interface org.springframework.security.acls.model.MutableAclService
Removes the specified entry from the database.
deleteCookies(String...) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Allows specifying the names of cookies to be removed on logout success.
deleteEntries(Long) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Deletes all ACEs defined in the acl_entry table belonging to the presented ObjectIdentity primary key.
deleteGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
Removes a group, including all members and authorities.
deleteGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
deleteObjectIdentity(Long) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Deletes a single row from acl_object_identity that is associated with the presented ObjectIdentity primary key.
deleteUser(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
deleteUser(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
deleteUser(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
deleteUser(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Remove the user with the given login name from the system.
delux(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates a text encryptor that uses "stronger" password-based encryption.
demergePatterns(String, String) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
 
deny() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Specify to DENY framing any content from this application.
DENY_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
 
denyAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Always denies access
denyAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
Allows "denyAll" expression
denyAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
denyAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
Deny access for everyone
DenyAllPermissionEvaluator - Class in org.springframework.security.access.expression
A null PermissionEvaluator which denies all access.
DenyAllPermissionEvaluator() - Constructor for class org.springframework.security.access.expression.DenyAllPermissionEvaluator
 
destroy() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
destroy() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
destroy() - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
 
destroy() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
Not used (we rely on IoC container lifecycle services instead)
destroy() - Method in class org.springframework.security.web.debug.DebugFilter
 
determineCauseChain(Throwable) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
Determines the cause chain of the provided Throwable.
determineExpiredUrl(HttpServletRequest, SessionInformation) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
determineTargetUrl(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Builds the target URL according to the logic defined in the main class Javadoc.
determineUrlToUseForThisRequest(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Allows subclasses to modify the login form URL that should be applicable for a given request.
digest() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a DigestRequestPostProcessor that enables easily adding digest based authentication to a request.
digest(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a DigestRequestPostProcessor that enables easily adding digest based authentication to a request.
DigestAuthenticationEntryPoint - Class in org.springframework.security.web.authentication.www
Used by the SecurityEnforcementFilter to commence authentication via the DigestAuthenticationFilter.
DigestAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
DigestAuthenticationFilter - Class in org.springframework.security.web.authentication.www
Processes a HTTP request's Digest authorization headers, putting the result into the SecurityContextHolder.
DigestAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
DigestRequestPostProcessor() - Constructor for class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor
 
disable() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
Disables the AbstractHttpConfigurer by removing it.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CacheControlConfig
Disables Cache Control
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentTypeOptionsConfig
Removes the X-XSS-Protection header.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Prevents the header from being added to the response.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Prevents the header from being added to the response.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
Disables Strict Transport Security
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
Disables X-XSS-Protection header (does not include it)
disable() - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec
Disables CORS support within Spring Security.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
Disables CSRF Protection.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
Disables HTTP Basic authentication.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CacheSpec
Disables cache control response headers
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentTypeOptionsSpec
Disables the content type options response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Disables http response headers
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.FrameOptionsSpec
Disables frame options response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
Disables strict transport security response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.XssProtectionSpec
Disables the x-xss-protection response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
Disables HTTP Basic authentication.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
Disables log out
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec
disabled(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is disabled or not.
disabled(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Defines if the account is disabled or not.
disabled(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
 
DisabledException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account is disabled.
DisabledException(String) - Constructor for exception org.springframework.security.authentication.DisabledException
Constructs a DisabledException with the specified message.
DisabledException(String, Throwable) - Constructor for exception org.springframework.security.authentication.DisabledException
Constructs a DisabledException with the specified message and root cause.
disableOnResponseCommitted() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Invoke this method to disable invoking OnCommittedResponseWrapper.onResponseCommitted() when the HttpServletResponse is committed.
disableSaveOnResponseCommitted() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
Invoke this method to disable automatic saving of the SecurityContext when the HttpServletResponse is committed.
DN_KEY - Static variable in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Every search results where a record is defined by a Map<String,String[]> contains at least this key - the DN of the record itself.
DnsEntryNotFoundException - Exception in org.springframework.security.remoting.dns
This will be thrown if no entry matches the specified DNS query.
DnsEntryNotFoundException(String) - Constructor for exception org.springframework.security.remoting.dns.DnsEntryNotFoundException
 
DnsEntryNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.remoting.dns.DnsEntryNotFoundException
 
DnsLookupException - Exception in org.springframework.security.remoting.dns
This will be thrown for unknown DNS errors.
DnsLookupException(String, Throwable) - Constructor for exception org.springframework.security.remoting.dns.DnsLookupException
 
DnsLookupException(String) - Constructor for exception org.springframework.security.remoting.dns.DnsLookupException
 
DnsResolver - Interface in org.springframework.security.remoting.dns
Helper class for DNS operations.
DO_BREAK_LINES - Static variable in class org.springframework.security.crypto.codec.Base64
Deprecated.
Do break lines when encoding.
doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
 
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
 
doBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Executes the build using the SecurityConfigurer's that have been applied using the following steps: Invokes AbstractConfiguredSecurityBuilder.beforeInit() for any subclass to hook into Invokes SecurityConfigurer.init(SecurityBuilder) for any SecurityConfigurer that was applied to this builder. Invokes AbstractConfiguredSecurityBuilder.beforeConfigure() for any subclass to hook into Invokes AbstractConfiguredSecurityBuilder.performBuild() which actually builds the Object
doBuild() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
Subclasses should implement this to perform the build.
doEndTag() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
doEndTag() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
Default processing of the end tag returning EVAL_PAGE.
doesRequestMatch(HttpServletRequest, PortResolver) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
Determines if the current request matches the DefaultSavedRequest.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
Method that is actually called by the filter chain.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Invokes the requiresAuthentication method to determine whether the request is for authentication and should be handled by this filter.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Try to authenticate a pre-authenticated user with Spring Security if the user has not yet been authenticated.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.debug.DebugFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.FilterChainProxy
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
Attempts to obtain and run as a JAAS Subject using JaasApiIntegrationFilter.obtainSubject(ServletRequest).
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
 
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.session.SessionManagementFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter
Extract any Bearer Token from the request and attempt an authentication.
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.csrf.CsrfFilter
 
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.header.HeaderWriterFilter
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
doPrepareConnection(HttpURLConnection, int) - Method in class org.springframework.security.remoting.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor
Provided so subclasses can perform additional configuration if required (eg set additional request headers for non-security related information etc).
doStartTag() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
doStartTag() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
doStartTag() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
Invokes the base class AbstractAuthorizeTag.authorize() method to decide if the body of the tag should be skipped or not.

E

EhCacheBasedAclCache - Class in org.springframework.security.acls.domain
Simple implementation of AclCache that delegates to EH-CACHE.
EhCacheBasedAclCache(Ehcache, PermissionGrantingStrategy, AclAuthorizationStrategy) - Constructor for class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
EhCacheBasedTicketCache - Class in org.springframework.security.cas.authentication
Caches tickets using a Spring IoC defined EHCACHE.
EhCacheBasedTicketCache() - Constructor for class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
EhCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache
Caches User objects using a Spring IoC defined EHCACHE.
EhCacheBasedUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
Elements - Class in org.springframework.security.config
Contains all the element names used by Spring Security 3 namespace support.
Elements() - Constructor for class org.springframework.security.config.Elements
 
ELRequestMatcher - Class in org.springframework.security.web.util.matcher
A RequestMatcher implementation which uses a SpEL expression
ELRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.ELRequestMatcher
 
EMAIL - Static variable in interface org.springframework.security.oauth2.core.oidc.OidcScopes
The email scope requests access to the email and email_verified claims.
EMAIL - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
email - the user's preferred e-mail address
EMAIL_VERIFIED - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
email_verified - true if the user's e-mail address has been verified, otherwise false
EMBEDDED_APACHE_DS - Static variable in class org.springframework.security.config.BeanIds
 
enableDefaultTyping(ObjectMapper) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
 
EnableGlobalAuthentication - Annotation Type in org.springframework.security.config.annotation.authentication.configuration
The EnableGlobalAuthentication annotation signals that the annotated class can be used to configure a global instance of AuthenticationManagerBuilder.
enableGlobalAuthenticationAutowiredConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
EnableGlobalMethodSecurity - Annotation Type in org.springframework.security.config.annotation.method.configuration
Enables Spring Security global method security similar to the <global-method-security> xml support.
enableHttpSessionEventPublisher() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Override this if HttpSessionEventPublisher should be added as a listener.
EnableReactiveMethodSecurity - Annotation Type in org.springframework.security.config.annotation.method.configuration
 
enableSessionUrlRewriting(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
If set to true, allows HTTP sessions to be rewritten in the URLs when using HttpServletResponse.encodeRedirectURL(String) or HttpServletResponse.encodeURL(String), otherwise disallows HTTP sessions to be included in the URL.
EnableWebFluxSecurity - Annotation Type in org.springframework.security.config.annotation.web.reactive
Add this annotation to a Configuration class to have Spring Security WebFlux support added.
EnableWebMvcSecurity - Annotation Type in org.springframework.security.config.annotation.web.servlet.configuration
Deprecated.
Use EnableWebSecurity instead which will automatically add the Spring MVC related Security items.
EnableWebSecurity - Annotation Type in org.springframework.security.config.annotation.web.configuration
Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by extending the WebSecurityConfigurerAdapter base class and overriding individual methods:
 @Configuration
 @EnableWebSecurity
 public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Override
        public void configure(WebSecurity web) throws Exception {
                web.ignoring()
                // Spring Security should completely ignore URLs starting with /resources/
                                .antMatchers("/resources/**");
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
                http.authorizeRequests().antMatchers("/public/**").permitAll().anyRequest()
                                .hasRole("USER").and()
                                // Possibly more configuration ...
encode(CharSequence) - Method in class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
ENCODE - Static variable in class org.springframework.security.crypto.codec.Base64
Deprecated.
Specify encoding in first bit.
encode(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64
Deprecated.
 
encode(byte[]) - Static method in class org.springframework.security.crypto.codec.Hex
 
encode(CharSequence) - Static method in class org.springframework.security.crypto.codec.Utf8
Get the bytes of the String in UTF-8 encoded form.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
 
encode(CharSequence, byte[]) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
 
encode(CharSequence) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
 
encode(CharSequence) - Method in class org.springframework.security.crypto.password.LdapShaPasswordEncoder
Deprecated.
Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
encode(CharSequence) - Method in class org.springframework.security.crypto.password.Md4PasswordEncoder
Deprecated.
Encodes the rawPass using a MessageDigest.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder
Deprecated.
Encodes the rawPass using a MessageDigest.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.NoOpPasswordEncoder
Deprecated.
 
encode(CharSequence) - Method in interface org.springframework.security.crypto.password.PasswordEncoder
Encode the raw password.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
 
encode(CharSequence) - Method in class org.springframework.security.crypto.password.StandardPasswordEncoder
Deprecated.
 
encode(CharSequence) - Method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
 
encodeAndConcatenate(CharSequence, byte[]) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
 
encodeCookie(String[]) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Inverse operation of decodeCookie.
encodeRedirectUrl(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
encodeRedirectURL(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
encodeUrl(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
encodeURL(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
EncodingUtils - Class in org.springframework.security.crypto.util
Static helper for encoding data.
encrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
 
encrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
 
encrypt(byte[]) - Method in interface org.springframework.security.crypto.encrypt.BytesEncryptor
Encrypt the byte array.
encrypt(String) - Method in interface org.springframework.security.crypto.encrypt.TextEncryptor
Encrypt the raw text string.
Encryptors - Class in org.springframework.security.crypto.encrypt
Factory for commonly used encryptors.
endConsumption(HttpServletRequest) - Method in class org.springframework.security.openid.OpenID4JavaConsumer
 
endConsumption(HttpServletRequest) - Method in interface org.springframework.security.openid.OpenIDConsumer
 
Enumerator<T> - Class in org.springframework.security.web.savedrequest
Adapter that wraps an Enumeration around a Java 2 collection Iterator.
Enumerator(Collection<T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Collection.
Enumerator(Collection<T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Collection.
Enumerator(Iterator<T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values returned by the specified Iterator.
Enumerator(Iterator<T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values returned by the specified Iterator.
Enumerator(Map<?, T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Map.
Enumerator(Map<?, T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator
Return an Enumeration over the values of the specified Map.
equals(Object) - Method in class org.springframework.security.access.SecurityConfig
 
equals(Object) - Method in class org.springframework.security.acls.domain.AbstractPermission
 
equals(Object) - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
equals(Object) - Method in class org.springframework.security.acls.domain.AclImpl
 
equals(Object) - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
 
equals(Object) - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
Important so caching operates properly.
equals(Object) - Method in class org.springframework.security.acls.domain.PrincipalSid
 
equals(Object) - Method in interface org.springframework.security.acls.model.ObjectIdentity
 
equals(Object) - Method in interface org.springframework.security.acls.model.Sid
Refer to the java.lang.Object documentation for the interface contract.
equals(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
equals(Object) - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
equals(Object) - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
 
equals(Object) - Method in class org.springframework.security.core.context.SecurityContextImpl
 
equals(Object) - Method in class org.springframework.security.core.token.DefaultToken
 
equals(Object) - Method in class org.springframework.security.core.userdetails.User
Returns true if the supplied object is a User instance with the same username value.
equals(Object) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Compares the LdapAuthority based on LdapAuthority.getAuthority() and LdapAuthority.getDn() values
equals(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
equals(Object) - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
 
equals(Object) - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
 
equals(Object) - Method in class org.springframework.security.oauth2.core.AuthenticationMethod
 
equals(Object) - Method in class org.springframework.security.oauth2.core.AuthorizationGrantType
 
equals(Object) - Method in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
 
equals(Object) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
 
equals(Object) - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
 
equals(Object) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
equals(Object) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo
 
equals(Object) - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
 
equals(Object) - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
 
equals(Object) - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
 
equals(Object) - Method in class org.springframework.security.util.InMemoryResource
 
equals(Object) - Method in class org.springframework.security.web.access.intercept.RequestKey
 
equals(Object) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
equals(Object) - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
 
equals(Object) - Method in class org.springframework.security.web.header.Header
 
equals(Object) - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
 
equals(Object) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
equals(Object) - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
 
eraseCredentials() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
Checks the credentials, principal and details objects, invoking the eraseCredentials method on any which implement CredentialsContainer.
eraseCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
eraseCredentials(boolean) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 
eraseCredentials() - Method in interface org.springframework.security.core.CredentialsContainer
 
eraseCredentials() - Method in class org.springframework.security.core.userdetails.User
 
eraseCredentials() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
error(String) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns a new OAuth2AuthorizationResponse.Builder, initialized with the error code.
ERROR - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
error - used in Authorization Response and Access Token Response.
ERROR_DESCRIPTION - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
error_description - used in Authorization Response and Access Token Response.
ERROR_PARAMETER_NAME - Static variable in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
ERROR_URI - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
error_uri - used in Authorization Response and Access Token Response.
errorCode(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
Sets the error code.
errorConverter - Variable in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
errorDescription(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
Sets the error description.
errorParametersConverter - Variable in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
errorUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
Sets the error uri.
ES256 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
ECDSA using P-256 and SHA-256 (Recommended+)
ES384 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
ECDSA using P-384 and SHA-384 (Optional)
ES512 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
ECDSA using P-521 and SHA-512 (Optional)
escapeEntities(String) - Static method in class org.springframework.security.web.util.TextEscapeUtils
 
Essence() - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
Essence(InetOrgPerson) - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
Essence(DirContextOperations) - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
Essence() - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
Essence(DirContextOperations) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
Essence(LdapUserDetails) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
Essence() - Constructor for class org.springframework.security.ldap.userdetails.Person.Essence
 
Essence(DirContextOperations) - Constructor for class org.springframework.security.ldap.userdetails.Person.Essence
 
Essence(Person) - Constructor for class org.springframework.security.ldap.userdetails.Person.Essence
 
evalOrSkip(boolean) - Static method in class org.springframework.security.taglibs.TagLibConfig
Returns EVAL_BODY_INCLUDE if the authorized flag is true or UI security has been disabled.
evaluateAsBoolean(Expression, EvaluationContext) - Static method in class org.springframework.security.access.expression.ExpressionUtils
 
eventPublisher - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
evictFromCache(Serializable) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
evictFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
evictFromCache(Serializable) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
evictFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
evictFromCache(Serializable) - Method in interface org.springframework.security.acls.model.AclCache
 
evictFromCache(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclCache
 
exceptionHandling() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring exception handling.
exceptionHandling() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures exception handling (i.e.
ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds exception handling for Spring Security related exceptions to an application.
ExceptionHandlingConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Creates a new instance
ExceptionMappingAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
Uses the internal map of exceptions types to URLs to determine the destination on authentication failure.
ExceptionMappingAuthenticationFailureHandler() - Constructor for class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
 
ExceptionTranslationFilter - Class in org.springframework.security.web.access
Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.
ExceptionTranslationFilter(AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.access.ExceptionTranslationFilter
 
ExceptionTranslationFilter(AuthenticationEntryPoint, RequestCache) - Constructor for class org.springframework.security.web.access.ExceptionTranslationFilter
 
ExceptionTranslationWebFilter - Class in org.springframework.security.web.server.authorization
 
ExceptionTranslationWebFilter() - Constructor for class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter
 
execute(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
 
execute(Runnable, long) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
 
EXP - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
exp - the Expiration time on or after which the ID Token MUST NOT be accepted
EXP - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
exp - the Expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing
expiredSessionStrategy(SessionInformationExpiredStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
 
expiredUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
The URL to redirect to if a user tries to access a resource and their session has been expired due to too many sessions for the current user.
expireNow() - Method in class org.springframework.security.core.session.SessionInformation
 
EXPIRES_IN - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
expires_in - used in Authorization Response and Access Token Response.
EXPIRES_VALUE - Static variable in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
The value for expires value
expiresIn(long) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder
Sets the lifetime (in seconds) of the access token.
EXPRESSION_HANDLER - Static variable in class org.springframework.security.config.Elements
 
ExpressionBasedAnnotationAttributeFactory - Class in org.springframework.security.access.expression.method
PrePostInvocationAttributeFactory which interprets the annotation value as an expression to be evaluated at runtime.
ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 
ExpressionBasedFilterInvocationSecurityMetadataSource - Class in org.springframework.security.web.access.expression
Expression-based FilterInvocationSecurityMetadataSource.
ExpressionBasedFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>, SecurityExpressionHandler<FilterInvocation>) - Constructor for class org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource
 
ExpressionBasedMessageSecurityMetadataSourceFactory - Class in org.springframework.security.messaging.access.expression
A class used to create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
ExpressionBasedPostInvocationAdvice - Class in org.springframework.security.access.expression.method
 
ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
 
ExpressionBasedPreInvocationAdvice - Class in org.springframework.security.access.expression.method
Method pre-invocation handling based on expressions.
ExpressionBasedPreInvocationAdvice() - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
 
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Set the SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
Allows customization of the SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<Message<Object>>) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds URL based authorization based upon SpEL expressions to an application.
ExpressionUrlAuthorizationConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer
Creates a new instance
ExpressionUrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
 
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
ExpressionUrlAuthorizationConfigurer.MvcMatchersAuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
ExpressionUtils - Class in org.springframework.security.access.expression
 
ExpressionUtils() - Constructor for class org.springframework.security.access.expression.ExpressionUtils
 
extractAttributes(A) - Method in interface org.springframework.security.access.annotation.AnnotationMetadataExtractor
 
extractAttributes(HttpSession) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
Called to extract the existing attributes from the session, prior to invalidating it.
extractAuthorities(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
 
extractCause(Throwable) - Method in interface org.springframework.security.web.util.ThrowableCauseExtractor
Extracts the cause from the provided Throwable.
extractControl(DirContext) - Static method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControlExtractor
 
extractPrincipal(X509Certificate) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
 
extractPrincipal(X509Certificate) - Method in interface org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor
Returns the principal (usually a String) for the given certificate.
extractRememberMeCookie(HttpServletRequest) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Locates the Spring Security remember me cookie in the request and returns its value.
extractUriTemplateVariables(HttpServletRequest) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
 
extractUriTemplateVariables(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
extractUriTemplateVariables(HttpServletRequest) - Method in interface org.springframework.security.web.util.matcher.RequestVariablesExtractor
Extract URL template variables from the request.

F

failure(OAuth2Error...) - Static method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult
Construct a failure OAuth2TokenValidatorResult with the provided detail
failure(Collection<OAuth2Error>) - Static method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult
Construct a failure OAuth2TokenValidatorResult with the provided detail
failureForwardUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Forward Authentication Failure Handler
failureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the AuthenticationFailureHandler to use when authentication fails.
failureUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
The URL to send users if authentication fails.
FAMILY_NAME - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
family_name - the user's surname(s) or last name(s)
FastHttpDateFormat - Class in org.springframework.security.web.savedrequest
Utility class to generate HTTP dates.
FastHttpDateFormat() - Constructor for class org.springframework.security.web.savedrequest.FastHttpDateFormat
 
FEATURE_POLICY - Static variable in class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
 
featurePolicy(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows configuration for Feature Policy.
featurePolicy(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures Feature-Policy response header.
FeaturePolicyHeaderWriter - Class in org.springframework.security.web.header.writers
Provides support for Feature Policy.
FeaturePolicyHeaderWriter(String) - Constructor for class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter
Create a new instance of FeaturePolicyHeaderWriter with supplied security policy directive(s).
FeaturePolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Writes the Feature-Policy response header with configured policy directives.
FeaturePolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
 
FieldUtils - Class in org.springframework.security.util
Offers static methods for directly manipulating fields.
FieldUtils() - Constructor for class org.springframework.security.util.FieldUtils
 
filter(Object, Expression, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Filters the filterTarget object (which must be either a collection or an array), by evaluating the supplied expression.
filter(Object, Expression, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
Filters a target collection or array.
filter(ClientRequest, ExchangeFunction) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
 
filter(ClientRequest, ExchangeFunction) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authorization.AuthorizationWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.context.ReactorContextWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.header.HttpHeaderWriterWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.transport.HttpsRedirectWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter
 
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.WebFilterChainProxy
 
FILTER_CHAIN - Static variable in class org.springframework.security.config.Elements
 
FILTER_CHAIN_MAP - Static variable in class org.springframework.security.config.Elements
 
FILTER_CHAIN_PROXY - Static variable in class org.springframework.security.config.BeanIds
 
FILTER_CHAINS - Static variable in class org.springframework.security.config.BeanIds
 
FILTER_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
 
FilterBasedLdapUserSearch - Class in org.springframework.security.ldap.search
LdapUserSearch implementation which uses an Ldap filter to locate the user.
FilterBasedLdapUserSearch(String, String, BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
 
FilterChainBeanDefinitionParser - Class in org.springframework.security.config.http
 
FilterChainBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.FilterChainBeanDefinitionParser
 
FilterChainMapBeanDefinitionDecorator - Class in org.springframework.security.config.http
Sets the filter chain Map for a FilterChainProxy bean declaration.
FilterChainMapBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
 
FilterChainProxy - Class in org.springframework.security.web
Delegates Filter requests to a list of Spring-managed filter beans.
FilterChainProxy() - Constructor for class org.springframework.security.web.FilterChainProxy
 
FilterChainProxy(SecurityFilterChain) - Constructor for class org.springframework.security.web.FilterChainProxy
 
FilterChainProxy(List<SecurityFilterChain>) - Constructor for class org.springframework.security.web.FilterChainProxy
 
FilterChainProxy.FilterChainValidator - Interface in org.springframework.security.web
 
FilterInvocation - Class in org.springframework.security.web
Holds objects associated with a HTTP filter.
FilterInvocation(ServletRequest, ServletResponse, FilterChain) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocation(String, String) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocation(String, String, String) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocation(String, String, String, String, String) - Constructor for class org.springframework.security.web.FilterInvocation
 
FilterInvocationSecurityMetadataSource - Interface in org.springframework.security.web.access.intercept
Marker interface for SecurityMetadataSource implementations that are designed to perform lookups keyed on FilterInvocations.
FilterInvocationSecurityMetadataSourceParser - Class in org.springframework.security.config.http
Allows for convenient creation of a FilterInvocationSecurityMetadataSource bean for use with a FilterSecurityInterceptor.
FilterInvocationSecurityMetadataSourceParser() - Constructor for class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser
 
FilterSecurityInterceptor - Class in org.springframework.security.web.access.intercept
Performs security handling of HTTP resources via a filter implementation.
FilterSecurityInterceptor() - Constructor for class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
finallyInvocation(InterceptorStatusToken) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Cleans up the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
findAllGroups() - Method in interface org.springframework.security.provisioning.GroupManager
Returns the names of all groups that this group manager controls.
findAllGroups() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
Obtains the security metadata applicable to the specified method invocation.
findAttributes(Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
Obtains the security metadata registered against the specified class.
findAttributes(Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Implementation does not support class-level attributes.
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Will walk the method inheritance tree to find the most specific declaration applicable.
findByRegistrationId(String) - Method in interface org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
Returns the client registration identified by the provided registrationId, or null if not found.
findByRegistrationId(String) - Method in class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
 
findByRegistrationId(String) - Method in class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository
 
findByRegistrationId(String) - Method in interface org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository
Returns the client registration identified by the provided registrationId, or null if not found.
findByUsername(String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
 
findByUsername(String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsService
Find the UserDetails by username.
findChildren(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
findChildren(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclService
Locates all object identities that use the specified parent.
findGroupAuthorities(String) - Method in interface org.springframework.security.provisioning.GroupManager
Obtains the list of authorities which are assigned to a group.
findGroupAuthorities(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
findRequiredWebApplicationContext(ServletContext) - Static method in class org.springframework.security.web.context.support.SecurityWebApplicationContextUtils
Find a unique WebApplicationContext for this web app: either the root web app context (preferred) or a unique WebApplicationContext among the registered ServletContext attributes (typically coming from a single DispatcherServlet in the current web application).
findUsersInGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager
Locates the users who are members of a group
findUsersInGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
FirewalledRequest - Class in org.springframework.security.web.firewall
Request wrapper which is returned by the HttpFirewall interface.
FirewalledRequest(HttpServletRequest) - Constructor for class org.springframework.security.web.firewall.FirewalledRequest
Constructs a request object wrapping the given request.
flushBuffer() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass flushBuffer()
FORM - Static variable in class org.springframework.security.oauth2.core.AuthenticationMethod
 
FORM_LOGIN - Static variable in class org.springframework.security.config.Elements
 
format - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
HTTP date format.
formatCache - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Formatter cache.
formatDate(long, DateFormat) - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Formats a specified date to HTTP format.
formats - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
The set of SimpleDateFormat formats to use in getDateHeader().
formatted(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Sets the full mailing address, formatted for display.
formLogin() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Specifies to support form based authentication.
formLogin() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures form based authentication.
formLogin() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
Creates a request (including any necessary CsrfToken) that will submit a form based login to POST "/login".
formLogin(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
Creates a request (including any necessary CsrfToken) that will submit a form based login to POST loginProcessingUrl.
FormLoginBeanDefinitionParser - Class in org.springframework.security.config.http
 
FormLoginConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds form based authentication.
FormLoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Creates a new instance
ForwardAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
Forward Authentication Failure Handler
ForwardAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler
 
ForwardAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication
Forward Authentication Success Handler
ForwardAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler
 
ForwardLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout
LogoutSuccessHandler implementation that will perform a request dispatcher "forward" to the specified target URL.
ForwardLogoutSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.logout.ForwardLogoutSuccessHandler
Construct a new ForwardLogoutSuccessHandler with the given target URL.
frameOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows customizing the XFrameOptionsHeaderWriter.
frameOptions() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures frame options response headers
from(OAuth2AuthorizationRequest) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns a new OAuth2AuthorizationRequest.Builder, initialized with the values from the provided authorizationRequest.
fromOidcIssuerLocation(String) - Static method in class org.springframework.security.oauth2.client.registration.ClientRegistrations
Creates a ClientRegistration.Builder using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize the ClientRegistration.Builder.
fromOidcIssuerLocation(String) - Static method in class org.springframework.security.oauth2.jwt.JwtDecoders
Creates a JwtDecoder using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize the JwtDecoder.
fromOidcIssuerLocation(String) - Static method in class org.springframework.security.oauth2.jwt.ReactiveJwtDecoders
Creates a ReactiveJwtDecoder using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize the ReactiveJwtDecoder.
fromResource(Resource) - Static method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
Create a ReactiveUserDetailsServiceResourceFactoryBean with a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResource(Resource) - Static method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
Create a UserDetailsResourceFactoryBean with a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResource(Resource) - Static method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
Create a UserDetailsManagerResourceFactoryBean with a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResourceLocation(String) - Static method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
Create a ReactiveUserDetailsServiceResourceFactoryBean with the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResourceLocation(String) - Static method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
Create a UserDetailsResourceFactoryBean with the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResourceLocation(String) - Static method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
Create a UserDetailsManagerResourceFactoryBean with the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromString(String) - Static method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
Create a ReactiveUserDetailsServiceResourceFactoryBean with a String that is in the format defined in UserDetailsResourceFactoryBean.
fromString(String) - Static method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
Creates a UserDetailsResourceFactoryBean with a resource from the provided String
fromString(String) - Static method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
Create a UserDetailsManagerResourceFactoryBean with a String that is in the format defined in UserDetailsResourceFactoryBean.
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by users who have authenticated and were not "remembered".
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by users who have authenticated and were not "remembered".

G

GENDER - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
gender - the user's gender
generateKey() - Method in class org.springframework.security.crypto.keygen.Base64StringKeyGenerator
 
generateKey() - Method in interface org.springframework.security.crypto.keygen.BytesKeyGenerator
Generate a new key.
generateKey() - Method in interface org.springframework.security.crypto.keygen.StringKeyGenerator
 
generateNewContext() - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
By default, calls SecurityContextHolder.createEmptyContext() to obtain a new context (there should be no context present in the holder when this method is called).
generateSeriesData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
 
generateToken(HttpServletRequest) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository
Generates a CsrfToken
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
 
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository
Generates a new token
generateToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
 
generateToken(ServerWebExchange) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRepository
Generates a CsrfToken
generateToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
 
generateTokenData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
gensalt(int, SecureRandom) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Generate a salt for use with the BCrypt.hashpw() method
gensalt(int) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Generate a salt for use with the BCrypt.hashpw() method
gensalt() - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Generate a salt for use with the BCrypt.hashpw() method, selecting a reasonable default for the number of hashing rounds to apply
get(String) - Static method in enum org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
 
getAccess() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
getAccessDecisionManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getAccessDeniedException() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
 
getAccessDeniedHandler() - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry
 
getAccessor() - Static method in class org.springframework.security.core.SpringSecurityMessageSource
 
getAccessToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
Returns the access token.
getAccessToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
Returns the access token.
getAccessToken() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient
Returns the access token credential granted.
getAccessToken() - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest
Returns the access token.
getAccessToken() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
Returns the Access Token.
getAccessTokenHash() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Access Token hash value (at_hash).
getAcl() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getAcl() - Method in interface org.springframework.security.acls.model.AccessControlEntry
 
getAdditionalParameters() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
Returns the additional parameters
getAdditionalParameters() - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest
Returns the additional parameters that may be used in the request.
getAdditionalParameters() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
Returns the additional parameters returned in the response.
getAdditionalParameters() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the additional parameters used in the request.
getAdditionalRoles(DirContextOperations, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
This method should be overridden if required to obtain any additional roles for the given user (on top of those obtained from the standard search implemented by this class).
getAddress() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's preferred postal address (address).
getAdvice() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
 
getAfterInvocationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Obtains the configuration attributes explicitly defined against this bean.
getAllConfigAttributes() - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
 
getAllConfigAttributes() - Method in interface org.springframework.security.access.SecurityMetadataSource
If available, returns all of the ConfigAttributes defined by the implementing class.
getAllConfigAttributes() - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
getAllConfigAttributes() - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
 
getAllowFromValue(HttpServletRequest) - Method in interface org.springframework.security.web.header.writers.frameoptions.AllowFromStrategy
Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
getAllowFromValue(HttpServletRequest) - Method in class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
 
getAllowSessionCreation() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getAllPrincipals() - Method in interface org.springframework.security.core.session.SessionRegistry
Obtains all the known principals in the SessionRegistry.
getAllPrincipals() - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
getAllSessions(Object, boolean) - Method in interface org.springframework.security.core.session.SessionRegistry
Obtains all the known sessions for the specified principal.
getAllSessions(Object, boolean) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
getAppConfigurationEntry(String) - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
 
getApplicationContext() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Gets the ApplicationContext
getApplicationContext() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Gets the ApplicationContext
getApplicationEventPublisher() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
getArguments() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getArguments() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getArtifactParameter() - Method in class org.springframework.security.cas.ServiceProperties
 
getAssertion() - Method in class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
getAssertion() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getAttribute() - Method in interface org.springframework.security.access.ConfigAttribute
If the ConfigAttribute can be represented as a String and that String is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager, AccessDecisionManager or AccessDecisionManager delegate, this method should return such a String.
getAttribute() - Method in class org.springframework.security.access.SecurityConfig
 
getAttributes() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource
 
getAttributes(Object) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
 
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
getAttributes(Method, Class<?>) - Method in interface org.springframework.security.access.method.MethodSecurityMetadataSource
 
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
 
getAttributes(Object) - Method in interface org.springframework.security.access.SecurityMetadataSource
Accesses the ConfigAttributes that apply to a given secure object.
getAttributes() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the LDAP attributes
getAttributes(Object) - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
getAttributes() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
 
getAttributes() - Method in interface org.springframework.security.oauth2.core.user.OAuth2User
Returns the attributes about the user.
getAttributes() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
Returns the attributes about the user.
getAttributes() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getAttributes(Object) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
 
getAttributes2grantedAuthoritiesMap() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
getAttributeValues(String) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the values for a specific attribute
getAudience() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Audience(s) (aud) that this ID Token is intended for.
getAudience() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the Audience (aud) claim which identifies the recipient(s) that the JWT is intended for.
getAuthenticatedAt() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the time when the End-User authentication occurred (auth_time).
getAuthenticatedEnv(String, String) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
 
getAuthentication() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
 
getAuthentication() - Method in class org.springframework.security.access.event.AuthorizedEvent
 
getAuthentication() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Gets the Authentication used for evaluating the expressions
getAuthentication() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
getAuthentication() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationEvent
Getters for the Authentication request that caused the event.
getAuthentication() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
Pre-casted method that returns the 'source' of the event.
getAuthentication() - Method in interface org.springframework.security.core.context.SecurityContext
Obtains the currently authenticated principal, or an authentication request token.
getAuthentication() - Method in class org.springframework.security.core.context.SecurityContextImpl
 
getAuthenticationContextClass() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Authentication Context Class Reference (acr).
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getAuthenticationEntryPoint() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the Authentication Entry Point
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
getAuthenticationEntryPointMatcher(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
getAuthenticationFilter() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the Authentication Filter
getAuthenticationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getAuthenticationManager() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
getAuthenticationManager() - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
getAuthenticationManager() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getAuthenticationManager() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
getAuthenticationMethod() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint
Returns the authentication method for the user info endpoint.
getAuthenticationMethods() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Authentication Methods References (amr).
getAuthenticationTrustResolver() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
getAuthorities() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
getAuthorities() - Method in interface org.springframework.security.core.Authentication
Set by an AuthenticationManager to indicate the authorities that the principal has been granted.
getAuthorities() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
getAuthorities() - Method in class org.springframework.security.core.userdetails.User
 
getAuthorities() - Method in interface org.springframework.security.core.userdetails.UserDetails
Returns the authorities granted to the user.
getAuthorities() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getAuthorities() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
 
getAuthorities() - Method in interface org.springframework.security.oauth2.core.user.OAuth2User
Returns the authorities granted to the user.
getAuthorities() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
getAuthoritiesByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getAuthoritiesMapper() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
getAuthoritiesPopulator() - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
 
getAuthority() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
getAuthority() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
 
getAuthority() - Method in interface org.springframework.security.core.GrantedAuthority
If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
getAuthority() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
getAuthority() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
 
getAuthority() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
getAuthorizationCodeHash() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Authorization Code hash value (c_hash).
getAuthorizationExchange() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
getAuthorizationExchange() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
getAuthorizationExchange() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
getAuthorizationGrantType() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the authorization grant type used for the client.
getAuthorizationRequest() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange
getAuthorizationRequestUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the URI string representation of the OAuth 2.0 Authorization Request.
getAuthorizationResponse() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange
getAuthorizationUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails
Returns the uri for the authorization endpoint.
getAuthorizationUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the uri for the authorization endpoint.
getAuthorizedClientRegistrationId() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
Returns the registration identifier of the Authorized Client.
getAuthorizedParty() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Authorized party (azp) to which the ID Token was issued.
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
getBirthdate() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's birth date (birthdate).
getBuilder() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Gets the SecurityBuilder.
getBuilder(String, ClientAuthenticationMethod, String) - Method in enum org.springframework.security.config.oauth2.client.CommonOAuth2Provider
 
getBuilder(String) - Method in enum org.springframework.security.config.oauth2.client.CommonOAuth2Provider
Create a new ClientRegistration.Builder pre-configured with provider defaults.
getByTicketId(String) - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
getByTicketId(String) - Method in class org.springframework.security.cas.authentication.NullStatelessTicketCache
 
getByTicketId(String) - Method in class org.springframework.security.cas.authentication.SpringCacheBasedTicketCache
 
getByTicketId(String) - Method in interface org.springframework.security.cas.authentication.StatelessTicketCache
Retrieves the CasAuthenticationToken associated with the specified ticket.
getCache() - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
getCache() - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
getCarLicense() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getChain() - Method in class org.springframework.security.web.FilterInvocation
 
getChain() - Method in class org.springframework.security.web.server.WebFilterExchange
The filter chain
getChannelDecisionManager() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
getChannelProcessors() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
getClaimAsBoolean(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns the claim value as a Boolean or null if it does not exist.
getClaimAsInstant(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns the claim value as an Instant or null if it does not exist.
getClaimAsMap(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns the claim value as a Map<String, Object> or null if it does not exist or cannot be assigned to a Map.
getClaimAsString(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns the claim value as a String or null if it does not exist or is equal to null.
getClaimAsStringList(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns the claim value as a List<String> or null if it does not exist or cannot be assigned to a List.
getClaimAsURL(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns the claim value as an URL or null if it does not exist.
getClaims() - Method in interface org.springframework.security.oauth2.core.ClaimAccessor
Returns a set of claims that may be used for assertions.
getClaims() - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken
 
getClaims() - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo
 
getClaims() - Method in class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
 
getClaims() - Method in interface org.springframework.security.oauth2.core.oidc.user.OidcUser
Returns the claims about the user.
getClaims() - Method in class org.springframework.security.oauth2.jwt.Jwt
Returns the JWT Claims Set.
getClientAuthenticationMethod() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the authentication method used when authenticating the client with the authorization server.
getClientId() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the client identifier.
getClientId() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the client identifier.
getClientName() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the logical name of the client or registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest
Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient
Returns the authorized client's registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest
Returns the client registration.
getClientRegistrationId() - Method in exception org.springframework.security.oauth2.client.ClientAuthorizationRequiredException
Returns the identifier for the client's registration.
getClientSecret() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the client secret.
getCn() - Method in class org.springframework.security.ldap.userdetails.Person
 
getCode() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns the authorization code.
getComment() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
 
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent
 
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizedEvent
 
getConfiguration() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
 
getConfigurationMetadata() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails
Returns a Map of the metadata describing the provider's configuration.
getConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets the SecurityConfigurer by its class name or null if not found.
getConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Gets the SecurityConfigurer by its class name or null if not found.
getConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets all the SecurityConfigurer instances by its class name or an empty List if not found.
getContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
Gets the Mono<SecurityContext> from Reactor Context
getContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Obtain the current SecurityContext.
getContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Obtains the current context.
getContext(String, String) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
 
getContext(PageContext) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
Allows test cases to override where application context obtained from.
getContext() - Static method in class org.springframework.security.test.context.TestSecurityContextHolder
getContextHolderStrategy() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Allows retrieval of the context strategy.
getContextPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getContextSource() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
getContextSource() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
getControlInstance(Control) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControlFactory
Creates an instance of PasswordPolicyResponseControl if the passed control is a response control of this type.
getCookie() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getCookieName() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getCookiePath() - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Get the path that the CSRF cookie will be set to.
getCookies() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getCookies() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getCookies() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getCount() - Method in class org.springframework.security.openid.OpenIDAttribute
The requested count for the attribute when it is used as part of an authentication request.
getCountry() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim
Returns the country.
getCountry() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
getCredentials() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getCredentials() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
Always returns an empty String
getCredentials() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
Always returns an empty String
getCredentials() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getCredentials() - Method in interface org.springframework.security.core.Authentication
The credentials that prove the principal is correct.
getCredentials() - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
 
getCredentials() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
 
getCredentials() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
 
getCredentials() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
The credentials that prove the principal is correct.
getCredentials() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
The credentials that prove the principal is correct.
getCredentials() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
Returns 'null' always, as no credentials are processed by the OpenID provider.
getCredentials() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
Get the credentials
getCredentialsCharset(HttpServletRequest) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
getCredentialsNotFoundException() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
 
getCsrfTokenRepository(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils
Gets the CsrfTokenRepository for the specified HttpServletRequest.
getCtx() - Method in interface org.springframework.security.remoting.dns.InitialContextFactory
Must return a DirContext which can be used for DNS queries
getCurrentDate() - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Gets the current date in HTTP format.
getDatabasePopulator() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
getDataCode() - Method in exception org.springframework.security.ldap.authentication.ad.ActiveDirectoryAuthenticationException
 
getDate() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getDecisionVoters() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
getDefaultMessage() - Method in enum org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
 
getDefaultRolePrefix() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
getDefaultTargetUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Supplies the default target Url that will be used if no saved request is found or the alwaysUseDefaultTargetUrl property is set to true.
getDefaultUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
getDelegateExecutor() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
 
getDepartmentNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getDescription() - Method in class org.springframework.security.ldap.userdetails.Person
 
getDescription() - Method in class org.springframework.security.oauth2.core.OAuth2Error
Returns the error description.
getDescription() - Method in class org.springframework.security.util.InMemoryResource
 
getDestinationIndicator() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getDetails() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
getDetails() - Method in interface org.springframework.security.core.Authentication
Stores additional details about the authentication request.
getDispatcherWebApplicationContextSuffix() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Return the <servlet-name> to use the DispatcherServlet's WebApplicationContext to find the DelegatingFilterProxy or null to use the parent ApplicationContext.
getDisplayName() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getDn() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the DN for this LDAP authority
getDn() - Method in interface org.springframework.security.ldap.userdetails.LdapUserDetails
The DN of the entry for this user's account.
getDn() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getDomain() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getDomainObject() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
getDomainObjectInstance(MethodInvocation) - Method in class org.springframework.security.access.vote.AbstractAclVoter
 
getEmail() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's preferred e-mail address (email).
getEmailVerified() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns true if the user's e-mail address has been verified (email_verified), otherwise false.
getEmployeeNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getEnableAuthorities() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getEnableGroups() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getEncodedValue() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Retrieves the ASN.1 BER encoded value of the LDAP control.
getEncodedValue() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Returns the unchanged value of the response control.
getEncodeServiceUrlWithSessionId() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Sets whether to encode the service url with the session id or not.
getEntries() - Method in class org.springframework.security.acls.domain.AclImpl
 
getEntries() - Method in interface org.springframework.security.acls.model.Acl
Returns all of the entries represented by the present Acl.
getEntry() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry
 
getEntryPoint() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
getEntryPoint() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
getEntryPoint() - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint.DelegateEntry
 
getError() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns the OAuth 2.0 Error if the Authorization Request failed, otherwise null.
getError() - Method in exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
Returns the OAuth 2.0 Error.
getError() - Method in exception org.springframework.security.oauth2.core.OAuth2AuthorizationException
Returns the OAuth 2.0 Error.
getErrorCode() - Method in enum org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
 
getErrorCode() - Method in class org.springframework.security.oauth2.core.OAuth2Error
Returns the error code.
getErrors() - Method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult
Return error details regarding the validation attempt
getErrors() - Method in exception org.springframework.security.oauth2.jwt.JwtValidationException
Return the list of OAuth2Errors associated with this exception
getErrorStatus() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
 
getException() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
 
getException() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
 
getExchange() - Method in class org.springframework.security.web.server.authorization.AuthorizationContext
 
getExchange() - Method in class org.springframework.security.web.server.WebFilterExchange
Get the exchange
getExpiresAt() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
Returns the expiration time on or after which the token MUST NOT be accepted.
getExpiresAt() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Expiration time (exp) on or after which the ID Token MUST NOT be accepted.
getExpiresAt() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the Expiration time (exp) claim which identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
getExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
getExpressionHandler() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Gets the SecurityExpressionHandler to be used.
getExpressionParser() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
getExpressionParser() - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
 
getExtendedInformation() - Method in class org.springframework.security.core.token.DefaultToken
 
getExtendedInformation() - Method in interface org.springframework.security.core.token.Token
Obtains the extended information associated within the token, which was presented when the token was first created.
getExtensionId() - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
 
getExtraHiddenFields(ServerWebExchange) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
 
getExtraHiddenFields(HttpServletRequest) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
getFailureHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getFailureUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the URL to send users to if authentication fails
getFamilyName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's surname(s) or last name(s) (family_name).
getField(Class<?>, String) - Static method in class org.springframework.security.util.FieldUtils
Attempts to locate the specified field on the class.
getFieldValue(Object, String) - Static method in class org.springframework.security.util.FieldUtils
Returns the value of a (nested) field on a bean.
getFilterChains() - Method in class org.springframework.security.web.FilterChainProxy
 
getFilterObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
getFilters() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
 
getFilters(String) - Method in class org.springframework.security.web.FilterChainProxy
Convenience method, mainly for testing.
getFilters() - Method in interface org.springframework.security.web.SecurityFilterChain
 
getFirewalledRequest(HttpServletRequest) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
 
getFirewalledRequest(HttpServletRequest) - Method in interface org.springframework.security.web.firewall.HttpFirewall
Provides the request object which will be passed through the filter chain.
getFirewalledRequest(HttpServletRequest) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
 
getFirewalledResponse(HttpServletResponse) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
 
getFirewalledResponse(HttpServletResponse) - Method in interface org.springframework.security.web.firewall.HttpFirewall
Provides the response which will be passed through the filter chain.
getFirewalledResponse(HttpServletResponse) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
 
getFirstAttributeValue(String) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
Returns the first attribute value for a specified attribute
getFirstThrowableOfType(Class<? extends Throwable>, Throwable[]) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
Returns the first throwable from the passed in array that is assignable to the provided type.
getFormatted() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim
Returns the full mailing address, formatted for display.
getFormatted() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
getFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
getFromCache(Serializable) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
getFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
getFromCache(Serializable) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
getFromCache(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclCache
 
getFromCache(Serializable) - Method in interface org.springframework.security.acls.model.AclCache
 
getFullDn(DistinguishedName, Context) - Static method in class org.springframework.security.ldap.LdapUtils
Gets the full dn of a name by prepending the name of the context it is relative to.
getFullName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's full name (name) in displayable form.
getFullRequestUrl() - Method in class org.springframework.security.web.FilterInvocation
Indicates the URL that the user agent used for this request.
getGender() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's gender (gender).
getGeneratedBy() - Method in class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
Getter for the Class that generated this event.
getGivenName() - Method in class org.springframework.security.ldap.userdetails.Person
 
getGivenName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's given name(s) or first name(s) (given_name).
getGraceLoginsRemaining() - Method in interface org.springframework.security.ldap.ppolicy.PasswordPolicyData
 
getGraceLoginsRemaining() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Returns the graceLoginsRemaining.
getGraceLoginsRemaining() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getGrantedAuthorities() - Method in interface org.springframework.security.core.authority.GrantedAuthoritiesContainer
 
getGrantedAuthorities(Collection<String>) - Method in interface org.springframework.security.core.authority.mapping.Attributes2GrantedAuthoritiesMapper
Implementations of this method should map the given collection of attributes to a collection of Spring Security GrantedAuthorities.
getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
Map the given array of attributes to Spring Security GrantedAuthorities.
getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
Map the given list of string attributes one-to-one to Spring Security GrantedAuthorities.
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator
 
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
 
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Obtains the authorities for the user who's directory entry is represented by the supplied LdapUserDetails object.
getGrantedAuthorities(DirContextOperations, String) - Method in interface org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
Get the list of authorities for the user.
getGrantedAuthorities() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
getGrantedAuthorities() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
 
getGrantedAuthority() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
 
getGrantType() - Method in class org.springframework.security.oauth2.client.endpoint.AbstractOAuth2AuthorizationGrantRequest
Returns the authorization grant type.
getGrantType() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the grant type.
getGroupMembershipRoles(String, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
getGroupMembershipRoles(String, String) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
getGroupRoleAttribute() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the attribute name of the LDAP attribute that will be mapped to the role name Method available so that classes extending this can override
getGroupSearchBase() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
getGroupSearchFilter() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the search filter configured for this populator Method available so that classes extending this can override
getHasPermission() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
getHeaderName() - Method in interface org.springframework.security.web.csrf.CsrfToken
Gets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter.
getHeaderName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
 
getHeaderName() - Method in interface org.springframework.security.web.server.csrf.CsrfToken
Gets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter.
getHeaderName() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
 
getHeaderNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getHeaderNames() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getHeaderNames() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getHeaders() - Method in class org.springframework.security.oauth2.jwt.Jwt
Returns the JOSE header(s).
getHeaderValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getHeaderValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getHeaderValues(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getHomePhone() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getHomePostalAddress() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getHttp() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates the HttpSecurity or returns the current instance ] * @return the HttpSecurity
getHttpRequest() - Method in class org.springframework.security.web.FilterInvocation
 
getHttpResponse() - Method in class org.springframework.security.web.FilterInvocation
 
getHttpStatus() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenError
Return the HTTP status.
getId() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getId() - Method in class org.springframework.security.acls.domain.AclImpl
 
getId() - Method in interface org.springframework.security.acls.model.AccessControlEntry
Obtains an identifier that represents this ACE.
getId() - Method in interface org.springframework.security.acls.model.MutableAcl
Obtains an identifier that represents this MutableAcl.
getId() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
 
getID() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Returns the OID of the Password Policy Control ("1.3.6.1.4.1.42.2.27.8.5.1").
getId() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the JWT ID (jti) claim which provides a unique identifier for the JWT.
getId() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getId() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
getIdentifier() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
 
getIdentifier() - Method in interface org.springframework.security.acls.model.ObjectIdentity
Obtains the actual identifier.
getIdentityUrl() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getIdToken() - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest
Returns the ID Token containing claims about the user.
getIdToken() - Method in class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
 
getIdToken() - Method in interface org.springframework.security.oauth2.core.oidc.user.OidcUser
Returns the ID Token containing claims about the user.
getIdToken() - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
Returns the ID Token containing claims about the user.
getInitializeCount() - Static method in class org.springframework.security.core.context.SecurityContextHolder
Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its SecurityContextHolderStrategy.
getInitials() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getInputStream() - Method in class org.springframework.security.util.InMemoryResource
 
getInsecureKeyword() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
getInstance() - Static method in class org.springframework.security.crypto.password.NoOpPasswordEncoder
Deprecated.
Get the singleton NoOpPasswordEncoder.
getInstance() - Static method in class org.springframework.security.web.server.context.NoOpServerSecurityContextRepository
 
getInstance() - Static method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
 
getInternalMethod() - Method in class org.springframework.security.acls.AclEntryVoter
Optionally specifies a method of the domain object that will be used to obtain a contained domain object.
getIssuedAt() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
Returns the time at which the token was issued.
getIssuedAt() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the time at which the ID Token was issued (iat).
getIssuedAt() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the Issued at (iat) claim which identifies the time at which the JWT was issued.
getIssuer() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Issuer identifier (iss).
getIssuer() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the Issuer (iss) claim which identifies the principal that issued the JWT.
getJwkSetUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails
Returns the uri for the JSON Web Key (JWK) Set endpoint.
getJwtAuthenticationConverter() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
 
getJwtDecoder() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
 
getKey() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
getKey() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
getKey() - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
getKey() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
getKey() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
getKey() - Method in class org.springframework.security.core.token.DefaultToken
 
getKey() - Method in interface org.springframework.security.core.token.Token
Obtains the randomised, secure key assigned to this token.
getKey() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getKey() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getKeyCreationTime() - Method in class org.springframework.security.core.token.DefaultToken
 
getKeyCreationTime() - Method in interface org.springframework.security.core.token.Token
The time the token key was initially created is available from this method.
getKeyHash() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getKeyHash() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
getKeyHash() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
getKeyHash() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getKeyLength() - Method in interface org.springframework.security.crypto.keygen.BytesKeyGenerator
Get the length, in bytes, of keys created by this generator.
getLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
 
getLdapTemplate() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the current LDAP template.
getLocale() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's locale (locale).
getLocales() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getLocales() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getLocales() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getLocality() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim
Returns the city or locality.
getLocality() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
getLoginConfig() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
getLoginContext() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationToken
 
getLoginFormUrl() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
getLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the login page
getLoginPageUrl() - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
getLoginProcessingUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the URL to submit an authentication request to (i.e.
getLoginUrl() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
The enterprise-wide CAS login URL.
getMail() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
getMappableAttributes() - Method in interface org.springframework.security.core.authority.mapping.MappableAttributesRetriever
Implementations of this method should return a set of all string attributes which can be mapped to GrantedAuthoritys.
getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
 
getMappableAttributes() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
 
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
 
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
 
getMask() - Method in class org.springframework.security.acls.domain.AbstractPermission
 
getMask() - Method in interface org.springframework.security.acls.model.Permission
Returns the bits that represents the permission.
getMatcher() - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry
 
getMatcher() - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint.DelegateEntry
 
getMatcher() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry
 
getMatchers() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
 
getMatchers() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
 
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
 
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
Returns a wrapper around the saved request, if it matches the current request.
getMaxAge() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getMaximumSessionsForThisUser(Authentication) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Method intended for use by subclasses to override the maximum number of sessions that are permitted for a particular authentication.
getMessage() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getMessages() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getMessageTypeMatcher() - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
 
getMethod() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getMethod() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
getMethod() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getMethod() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getMethod() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getMethod() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getMethodMapSize() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
 
getMethodSecurityMetadataSources() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource
 
getMiddleName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's middle name(s) (middle_name).
getMobile() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getModules(ClassLoader) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
 
getName() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
getName() - Method in interface org.springframework.security.core.AuthenticatedPrincipal
Returns the name of the authenticated Principal.
getName() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
 
getName() - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
The Jwt's subject, if any
getName() - Method in class org.springframework.security.openid.OpenIDAttribute
The attribute name
getName() - Method in class org.springframework.security.web.header.Header
Gets the name of the header.
getName() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getNewSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
Getter for the session ID after it was changed.
getNickName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's nick name (nickname) that may or may not be the same as the (given_name).
getNonce() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns a String value (nonce) used to associate a Client session with an ID Token, and to mitigate replay attacks.
getNonceValiditySeconds() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getNotBefore() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the Not Before (nbf) claim which identifies the time before which the JWT MUST NOT be accepted for processing.
getO() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getObject() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
Gets the object that was built.
getObject() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
getObject() - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
 
getObject() - Method in class org.springframework.security.config.core.userdetails.UserDetailsMapFactoryBean
 
getObject() - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
 
getObject() - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
 
getObject() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
 
getObjectIdentity() - Method in class org.springframework.security.acls.domain.AclImpl
 
getObjectIdentity(Object) - Method in class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
 
getObjectIdentity() - Method in interface org.springframework.security.acls.model.Acl
Obtains the domain object this Acl provides entries for.
getObjectIdentity(Object) - Method in interface org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy
 
getObjectType() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
getObjectType() - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
 
getObjectType() - Method in class org.springframework.security.config.core.userdetails.UserDetailsMapFactoryBean
 
getObjectType() - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
 
getObjectType() - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
 
getObjectType() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
 
getOldSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
Getter for the session ID before it was changed.
getOrBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Similar to AbstractSecurityBuilder.build() and AbstractSecurityBuilder.getObject() but checks the state to determine if AbstractSecurityBuilder.build() needs to be called first.
getOrder() - Method in enum org.springframework.security.config.web.server.SecurityWebFiltersOrder
 
getOrder() - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
Returns 11000.
getOrder() - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
Returns 10000.
getOrder() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
 
getOrder() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getOriginalAuthentication() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getOu() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getOutputStream() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the calling getOutputStream().close() or getOutputStream().flush()
getOwner() - Method in class org.springframework.security.acls.domain.AclImpl
 
getOwner() - Method in interface org.springframework.security.acls.model.Acl
Determines the owner of the Acl.
getParameter() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getParameterMap() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getParameterMap() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getParameterMap() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getParameterName() - Method in interface org.springframework.security.web.csrf.CsrfToken
Gets the HTTP parameter name that should contain the token.
getParameterName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
 
getParameterName() - Method in interface org.springframework.security.web.server.csrf.CsrfToken
Gets the HTTP parameter name that should contain the token.
getParameterName() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
 
getParameterNameDiscoverer() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
getParameterNames(Method) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
getParameterNames(Constructor<?>) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
 
getParameterNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getParameterValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getParameterValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getParameterValues(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getParent() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getParentAcl() - Method in class org.springframework.security.acls.domain.AclImpl
 
getParentAcl() - Method in interface org.springframework.security.acls.model.Acl
A domain object may have a parent for the purpose of ACL inheritance.
getPassword() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
getPassword() - Method in class org.springframework.security.core.userdetails.User
 
getPassword() - Method in interface org.springframework.security.core.userdetails.UserDetails
Returns the password used to authenticate the user.
getPassword() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getPasswordEncoder() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
getPasswordEncoder() - Method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
getPasswordParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
getPath() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getPathInfo() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getPattern() - Method in class org.springframework.security.acls.domain.AbstractPermission
 
getPattern() - Method in class org.springframework.security.acls.domain.CumulativePermission
 
getPattern() - Method in interface org.springframework.security.acls.model.Permission
Returns a 32-character long bit pattern String representing this permission.
getPattern() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
getPermission() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getPermission() - Method in interface org.springframework.security.acls.model.AccessControlEntry
 
getPermissionEvaluator() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
getPhoneNumber() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's preferred phone number (phone_number).
getPhoneNumberVerified() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns true if the user's phone number has been verified (phone_number_verified), otherwise false.
getPicture() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the URL of the user's profile picture (picture).
getPointcut() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
 
getPolicy() - Method in enum org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
 
getPolicy() - Method in enum org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
 
getPort() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
getPortMapper() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getPortMapper() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
getPortMapper() - Method in class org.springframework.security.web.PortResolverImpl
 
getPortResolver() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getPortResolver() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
getPostalAddress() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getPostalCode() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getPostalCode() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim
Returns the zip code or postal code.
getPostalCode() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
getPostAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Override to extract the credentials (if applicable) from the current request.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
For J2EE container-based authentication there is no generic way to retrieve the credentials, as such this method returns a fixed dummy value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
Credentials aren't usually applicable, but if a credentialsEnvironmentVariable is set, this will be read and used as the credentials value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
Credentials aren't usually applicable, but if a credentialsRequestHeader is set, this will be read and used as the credentials value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
For J2EE container-based authentication there is no generic way to retrieve the credentials, as such this method returns a fixed dummy value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Override to extract the principal information from the current request
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
Return the J2EE user name.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
Read and returns the variable named by principalEnvironmentVariable from the request.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
Read and returns the header named by principalRequestHeader from the request.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
Return the WebSphere user name.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
getPreAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
getPreferredUsername() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the preferred username (preferred_username) that the user wishes to be referred to.
getPrincipal() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
getPrincipal() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
getPrincipal() - Method in class org.springframework.security.acls.domain.PrincipalSid
 
getPrincipal() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
getPrincipal() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.cas.authentication.CasAssertionAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getPrincipal() - Method in interface org.springframework.security.core.Authentication
The identity of the principal being authenticated.
getPrincipal() - Method in class org.springframework.security.core.session.SessionInformation
 
getPrincipal() - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
Get the principals of the logged in user, in this case the distinguished name.
getPrincipal() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
 
getPrincipal() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
The identity of the principal being authenticated.
getPrincipal() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
The identity of the principal being authenticated.
getPrincipal() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
Returns the principal value.
getPrincipal() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
getPrincipal() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
Get the principal
getPrincipal() - Method in class org.springframework.security.web.server.context.SecurityContextServerWebExchange
 
getPrincipalName() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient
Returns the End-User's Principal name.
getPrivilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Gets the WebInvocationPrivilegeEvaluator to be used.
getProcessConfigAttribute() - Method in class org.springframework.security.acls.AclEntryVoter
 
getProcessDomainObjectClass() - Method in class org.springframework.security.access.vote.AbstractAclVoter
 
getProcessDomainObjectClass() - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
getProfile() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the URL of the user's profile page (profile).
getProtectedFieldValue(String, Object) - Static method in class org.springframework.security.util.FieldUtils
 
getProviderDetails() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the details of the provider.
getProviders() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
getProviders() - Method in class org.springframework.security.authentication.ProviderManager
 
getQueryString() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
 
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.access.hierarchicalroles.RoleHierarchy
Returns an array of all reachable authorities.
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
 
getRealmName() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
getRealmName() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
getRedirectStrategy() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
getRedirectStrategy() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
getRedirectStrategy() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
getRedirectUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the uri for the redirection endpoint.
getRedirectUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns the uri where the response was redirected to.
getRedirectUri(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
 
getRedirectUri(ServerWebExchange) - Method in interface org.springframework.security.web.server.savedrequest.ServerRequestCache
Get the URI that can be redirected to trigger the saved request to be used
getRedirectUri(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
 
getRedirectUriTemplate() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the uri (or uri template) for the redirection endpoint.
getRedirectUrl() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
Indicates the URL that the user agent used for this request.
getRedirectUrl() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
 
getRedirectUrl() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
getRefreshToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
Returns the refresh token.
getRefreshToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
Returns the refresh token.
getRefreshToken() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient
Returns the refresh token credential granted.
getRefreshToken() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
Returns the Refresh Token.
getRegion() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim
Returns the state, province, prefecture, or region.
getRegion() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
getRegistrationId() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the identifier for the registration.
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
The StandardInterceptUrlRegistry is what users will interact with after applying the UrlAuthorizationConfigurer.
getRelativeName(String, Context) - Static method in class org.springframework.security.ldap.LdapUtils
Obtains the part of a DN relative to a supplied base context.
getRememberMeServices() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getRememberMeServices() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
getRemoteAddress() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
Indicates the TCP/IP address the authentication request was received from.
getRemoteAuthenticationManager() - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
getRemoteUser() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Returns the principal's name, as obtained from the SecurityContextHolder.
getRequest() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
This method allows subclasses to provide a way to access the ServletRequest according to the rendering technology.
getRequest() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getRequest() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
 
getRequest() - Method in class org.springframework.security.web.FilterInvocation
 
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
 
getRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
Returns the saved request, leaving it cached.
getRequest() - Method in class org.springframework.security.web.session.SessionInformationExpiredEvent
 
getRequestMatcher() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
 
getRequestURI() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getRequestUrl() - Method in class org.springframework.security.web.FilterInvocation
Obtains the web application-specific fragment of the URL.
getRequestURL() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getResponse() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
This method allows subclasses to provide a way to access the ServletResponse according to the rendering technology.
getResponse() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getResponse() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
 
getResponse() - Method in class org.springframework.security.web.FilterInvocation
 
getResponse() - Method in class org.springframework.security.web.session.SessionInformationExpiredEvent
 
getResponseType() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the response type.
getReturnObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
getRoleHierarchy() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
getRolePrefix() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
getRolePrefix() - Method in class org.springframework.security.access.vote.RoleVoter
 
getRolePrefix() - Method in class org.springframework.security.config.core.GrantedAuthorityDefaults
The default prefix used with role based authorization.
getRolePrefix() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getRolePrefix() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns the role prefix used by this populator Method available so that classes extending this can override
getRoomNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getRootObject() - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
 
getRunAsManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
getScheme() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getScope() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenError
Return the scope.
getScopes() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns the scope(s) used for the client.
getScopes() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the scope(s).
getScopes() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken
Returns the scope(s) associated to the token.
getSecuredUiPrefix() - Static method in class org.springframework.security.taglibs.TagLibConfig
 
getSecuredUiSuffix() - Static method in class org.springframework.security.taglibs.TagLibConfig
 
getSecureKeyword() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
getSecureObject() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
getSecureObjectClass() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Indicates the type of secure objects the subclass will be presenting to the abstract parent for processing.
getSecureObjectClass() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
getSecureObjectClass() - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
getSecureObjectClass() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
getSecurityContext() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
getSecurityContextRepository(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils
Gets the SecurityContextRepository for the specified HttpServletRequest.
getSecurityContexts() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
Provides the SecurityContext instances which were associated with the destroyed session.
getSecurityContexts() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
getSecurityDispatcherTypes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Get the DispatcherType for the springSecurityFilterChain.
getSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
getSecurityMetadataSource() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
getSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
getSeries() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getServerName() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getServerPort(ServletRequest) - Method in interface org.springframework.security.web.PortResolver
Indicates the port the ServletRequest was received on.
getServerPort(ServletRequest) - Method in class org.springframework.security.web.PortResolverImpl
 
getServerPort() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getService() - Method in class org.springframework.security.cas.ServiceProperties
Represents the service the user is authenticating to.
getService() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
getServiceParameter() - Method in class org.springframework.security.cas.ServiceProperties
Configures the Request parameter to look for when attempting to send a request to CAS.
getServiceProperties() - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
getServiceUrl() - Method in interface org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails
Gets the absolute service url (i.e.
getServletContext() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
This method allows subclasses to provide a way to access the ServletContext according to the rendering technology.
getServletContext() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getServletPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
getServletPath() - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
 
getSession() - Method in class org.springframework.security.web.session.HttpSessionCreatedEvent
 
getSession() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
getSessionId() - Method in class org.springframework.security.core.session.SessionInformation
 
getSessionId() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
Indicates the HttpSession id the authentication request was received from.
getSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
Obtains the session information for the specified sessionId.
getSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
getSessionInformation() - Method in class org.springframework.security.web.session.SessionInformationExpiredEvent
 
getSessionTrackingModes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Determines how a session should be tracked.
getSharedObject(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets a shared Object.
getSharedObject(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Gets a shared Object.
getSharedObjects() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets the shared objects
getSid() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
getSid() - Method in interface org.springframework.security.acls.model.AccessControlEntry
 
getSids(Authentication) - Method in class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
 
getSids(Authentication) - Method in interface org.springframework.security.acls.model.SidRetrievalStrategy
 
getSn() - Method in class org.springframework.security.ldap.userdetails.Person
 
getSource(Element, ParserContext) - Method in class org.springframework.security.config.http.CorsBeanDefinitionParser
 
getSource() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
Returns the original user associated with a successful user switch.
getState() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns the state.
getState() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns the state.
getStatelessTicketCache() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
getStaticPart() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getStaticPart() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getStatus() - Method in exception org.springframework.security.ldap.ppolicy.PasswordPolicyException
 
getStatus() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
getStreet() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getStreetAddress() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim
Returns the full street address, which may include house number, street name, P.O.
getStreetAddress() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
getStringSeparator() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
getSubject() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor
Returns the Subject identifier (sub).
getSubject() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the Subject identifier (sub).
getSubject() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor
Returns the Subject (sub) claim which identifies the principal that is the subject of the JWT.
getSuccessHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
getTargetUrlParameter() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
getTargetUser() - Method in class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
 
getTelephoneNumber() - Method in class org.springframework.security.ldap.userdetails.Person
 
getThis() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
getThis() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
getThis() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
getTicketValidator() - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
getTimeBeforeExpiration() - Method in interface org.springframework.security.ldap.ppolicy.PasswordPolicyData
 
getTimeBeforeExpiration() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Returns the timeBeforeExpiration.
getTimeBeforeExpiration() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getTitle() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getToken() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
Get the token bound to this Authentication.
getToken() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
Get the Bearer Token
getToken() - Method in interface org.springframework.security.web.csrf.CsrfToken
Gets the token value.
getToken() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
 
getToken() - Method in interface org.springframework.security.web.server.csrf.CsrfToken
Gets the token value.
getToken() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
 
getTokenAttributes() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
Returns the attributes of the access token.
getTokenAttributes() - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
Returns the attributes of the access token.
getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
Loads the token data for the supplied series identifier.
getTokenForSeries(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 
getTokenResponse(OAuth2AuthorizationCodeGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
 
getTokenResponse(OAuth2ClientCredentialsGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient
 
getTokenResponse(OAuth2AuthorizationCodeGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.NimbusAuthorizationCodeTokenResponseClient
Deprecated.
 
getTokenResponse(T) - Method in interface org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
Exchanges the authorization grant credential, provided in the authorization grant request, for an access token credential at the Authorization Server's Token Endpoint.
getTokenResponse(T) - Method in interface org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient
Exchanges the authorization grant credential, provided in the authorization grant request, for an access token credential at the Authorization Server's Token Endpoint.
getTokenResponse(OAuth2AuthorizationCodeGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.WebClientReactiveAuthorizationCodeTokenResponseClient
 
getTokenResponse(OAuth2ClientCredentialsGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.WebClientReactiveClientCredentialsTokenResponseClient
 
getTokenType() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken
Returns the token type.
getTokenUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails
Returns the uri for the token endpoint.
getTokenValiditySeconds() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getTokenValue() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
Returns the token value.
getTokenValue() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getTranslatedPortMappings() - Method in class org.springframework.security.web.PortMapperImpl
Returns the translated (Integer -> Integer) version of the original port mapping specified via setHttpsPortMapping()
getTrustResolver() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
getType() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
 
getType() - Method in interface org.springframework.security.acls.model.ObjectIdentity
Obtains the "type" metadata for the domain object.
getType() - Method in class org.springframework.security.openid.OpenIDAttribute
The attribute type Identifier (a URI).
getUid() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
getUpdatedAt() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the time the user's information was last updated (updated_at).
getUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint
Returns the uri for the user info endpoint.
getUri() - Method in class org.springframework.security.oauth2.core.OAuth2Error
Returns the error uri.
getUrl() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
getUrl() - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
getUserAttributes() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
getUserCache() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
getUserCache() - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
getUserCache() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
getUserDetails() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
getUserDetailsContextMapper() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
Provides access to the injected UserDetailsContextMapper strategy for use by subclasses.
getUserDetailsService() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
Gets the UserDetailsService or null if it is not available
getUserDetailsService() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
getUserDetailsService() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
getUserDns(String) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
Builds list of possible DNs for the user, worked out from the userDnPatterns property.
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
 
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
 
getUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
Obtains a UserDetails from the cache.
getUserInfo() - Method in class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
 
getUserInfo() - Method in interface org.springframework.security.oauth2.core.oidc.user.OidcUser
Returns the UserInfo containing claims about the user.
getUserInfo() - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
Returns the UserInfo containing claims about the user, may be null.
getUserInfoEndpoint() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails
Returns the details of the UserInfo Endpoint.
getUsername() - Method in class org.springframework.security.core.userdetails.User
 
getUsername() - Method in interface org.springframework.security.core.userdetails.UserDetails
Returns the username used to authenticate the user.
getUsername() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
getUsername() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
getUserNameAttributeName() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint
Returns the attribute name used to access the user's name from the user info response.
getUsernameParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
getUserPrincipal() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Returns the Authentication (which is a subclass of Principal), or null if unavailable.
getUserRoles(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
Obtains the list of user roles based on the current user's JEE roles.
getUsersByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
getUserSearch() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
getValue() - Method in class org.springframework.security.oauth2.core.AuthenticationMethod
Returns the value of the authentication method type.
getValue() - Method in class org.springframework.security.oauth2.core.AuthorizationGrantType
Returns the value of the authorization grant type.
getValue() - Method in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
Returns the value of the client authentication method.
getValue() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
Returns the value of the authorization response type.
getValue() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
Returns the value of the token type.
getValue() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getValues() - Method in class org.springframework.security.openid.OpenIDAttribute
The values obtained from an attribute exchange.
getValues() - Method in class org.springframework.security.web.header.Header
Gets the values of the header.
getVar() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
getVariables() - Method in class org.springframework.security.web.server.authorization.AuthorizationContext
 
getVariables() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
Gets potential variables and their values
getVersion() - Static method in class org.springframework.security.core.SpringSecurityCoreVersion
 
getVersion() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
getWebFilters() - Method in class org.springframework.security.web.server.MatcherSecurityWebFilterChain
 
getWebFilters() - Method in interface org.springframework.security.web.server.SecurityWebFilterChain
The WebFilter to use
getWebsite() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the URL of the user's web page or blog (website).
getWriter() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the getWriter().close() or getWriter().flush()
getZoneInfo() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor
Returns the user's time zone (zoneinfo).
GIVEN_NAME - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
given_name - the user's given name(s) or first name(s)
GLOBAL_METHOD_SECURITY - Static variable in class org.springframework.security.config.Elements
 
GlobalAuthenticationConfigurerAdapter - Class in org.springframework.security.config.annotation.authentication.configuration
A SecurityConfigurer that can be exposed as a bean to configure the global AuthenticationManagerBuilder.
GlobalAuthenticationConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter
 
GlobalMethodSecurityBeanDefinitionParser - Class in org.springframework.security.config.method
Processes the top-level "global-method-security" element.
GlobalMethodSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser
 
GlobalMethodSecurityConfiguration - Class in org.springframework.security.config.annotation.method.configuration
Base Configuration for enabling global method security.
GlobalMethodSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
gmtZone - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
GMT time zone - all HTTP dates are on GMT
grant(Principal) - Method in interface org.springframework.security.authentication.jaas.AuthorityGranter
The grant method is called for each principal returned from the LoginContext subject.
GRANT_TYPE - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
grant_type - used in Access Token Request.
GrantedAuthoritiesContainer - Interface in org.springframework.security.core.authority
Indicates that a object stores GrantedAuthority objects.
GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping
Mapping interface which can be injected into the authentication layer to convert the authorities loaded from storage into those which will be used in the Authentication object.
GrantedAuthority - Interface in org.springframework.security.core
Represents an authority granted to an Authentication object.
GrantedAuthorityDefaults - Class in org.springframework.security.config.core
Allows providing defaults for GrantedAuthority
GrantedAuthorityDefaults(String) - Constructor for class org.springframework.security.config.core.GrantedAuthorityDefaults
 
GrantedAuthorityFromAssertionAttributesUserDetailsService - Class in org.springframework.security.cas.userdetails
Populates the GrantedAuthoritys for a user by reading a list of attributes that were returned as part of the CAS response.
GrantedAuthorityFromAssertionAttributesUserDetailsService(String[]) - Constructor for class org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService
 
GrantedAuthoritySid - Class in org.springframework.security.acls.domain
Represents a GrantedAuthority as a Sid.
GrantedAuthoritySid(String) - Constructor for class org.springframework.security.acls.domain.GrantedAuthoritySid
 
GrantedAuthoritySid(GrantedAuthority) - Constructor for class org.springframework.security.acls.domain.GrantedAuthoritySid
 
groupAuthoritiesByUsername(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
An SQL statement to query user's group authorities given a username.
GroupManager - Interface in org.springframework.security.provisioning
Allows management of groups of authorities and their members.
groupRoleAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the attribute name which contains the role name.
groupSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
The search base for group membership searches.
groupSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
The LDAP filter to search for groups.

H

handle(Callback, Authentication) - Method in interface org.springframework.security.authentication.jaas.JaasAuthenticationCallbackHandler
Handle the Callback.
handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
If the callback passed to the 'handle' method is an instance of NameCallback, the JaasNameCallbackHandler will call, callback.setName(authentication.getPrincipal().toString()).
handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
If the callback passed to the 'handle' method is an instance of PasswordCallback, the JaasPasswordCallbackHandler will call, callback.setPassword(authentication.getCredentials().toString()).
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler
Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and .
handle(ServerWebExchange, AccessDeniedException) - Method in class org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
 
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in interface org.springframework.security.web.access.AccessDeniedHandler
Handles an access denied failure.
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.AccessDeniedHandlerImpl
 
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.DelegatingAccessDeniedHandler
 
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.RequestMatcherDelegatingAccessDeniedHandler
 
handle(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Invokes the configured RedirectStrategy with the URL returned by the determineTargetUrl method.
handle(ServerWebExchange, AccessDeniedException) - Method in class org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler
 
handle(ServerWebExchange, AccessDeniedException) - Method in interface org.springframework.security.web.server.authorization.ServerAccessDeniedHandler
 
handle(ServerWebExchange, AccessDeniedException) - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler
 
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.session.InvalidSessionAccessDeniedHandler
 
handleBindException(String, String, Throwable) - Method in class org.springframework.security.ldap.authentication.BindAuthenticator
Allows subclasses to inspect the exception thrown by an attempt to bind with a particular DN.
handleError(ClientHttpResponse) - Method in class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler
 
handleLogout(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Handles the logout by getting the security contexts for the destroyed session and invoking LoginContext.logout() for any which contain a JaasAuthenticationToken.
handleToken(CsrfToken) - Method in class org.springframework.security.taglibs.csrf.CsrfInputTag
 
handleToken(CsrfToken) - Method in class org.springframework.security.taglibs.csrf.CsrfMetaTagsTag
 
hasAnyAuthority(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() has any of the specified authorities within Authentication.getAuthorities().
hasAnyAuthority(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs requires any of a number authorities.
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that a user requires one of many authorities
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Message instances requires any of a number authorities.
hasAnyRole(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() has any of the specified authorities within Authentication.getAuthorities().
hasAnyRole(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Shortcut for specifying URLs require any of a number of roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that a user requires one of many roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Shortcut for specifying Message instances require any of a number of roles.
hasAuthority(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() has a particular authority within Authentication.getAuthorities().
hasAuthority(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
Creates an instance of AuthorityReactiveAuthorizationManager with the provided authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs require a particular authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies a user requires an authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Message instances require a particular authority.
hasAuthority(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
Require a specific authority.
hasError() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Checks whether an error is present.
hasError(ClientHttpResponse) - Method in class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler
 
hasErrors() - Method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult
Say whether this result indicates success
hashCode() - Method in class org.springframework.security.access.SecurityConfig
 
hashCode() - Method in class org.springframework.security.acls.domain.AbstractPermission
 
hashCode() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
hashCode() - Method in class org.springframework.security.acls.domain.AclImpl
 
hashCode() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
 
hashCode() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
Important so caching operates properly.
hashCode() - Method in class org.springframework.security.acls.domain.PrincipalSid
 
hashCode() - Method in interface org.springframework.security.acls.model.ObjectIdentity
 
hashCode() - Method in interface org.springframework.security.acls.model.Sid
Refer to the java.lang.Object documentation for the interface contract.
hashCode() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
hashCode() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
 
hashCode() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
hashCode() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
 
hashCode() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
hashCode() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
 
hashCode() - Method in class org.springframework.security.core.context.SecurityContextImpl
 
hashCode() - Method in class org.springframework.security.core.token.DefaultToken
 
hashCode() - Method in class org.springframework.security.core.userdetails.User
Returns the hashcode of the username.
hashCode() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
 
hashCode() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
hashCode() - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
 
hashCode() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
 
hashCode() - Method in class org.springframework.security.oauth2.core.AuthenticationMethod
 
hashCode() - Method in class org.springframework.security.oauth2.core.AuthorizationGrantType
 
hashCode() - Method in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
 
hashCode() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
 
hashCode() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
 
hashCode() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
 
hashCode() - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo
 
hashCode() - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
 
hashCode() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
 
hashCode() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
 
hashCode() - Method in class org.springframework.security.util.InMemoryResource
 
hashCode() - Method in class org.springframework.security.web.access.intercept.RequestKey
 
hashCode() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
hashCode() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
 
hashCode() - Method in class org.springframework.security.web.header.Header
 
hashCode() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
 
hashCode() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
hashCode() - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
 
hashpw(String, String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
Hash a password using the OpenBSD bcrypt scheme
hasIpAddress(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs requires a specific IP Address or subnet.
hasIpAddress(String) - Method in class org.springframework.security.web.access.expression.WebSecurityExpressionRoot
Takes a specific IP address or a range using the IP/Netmask (e.g.
hasMoreElements() - Method in class org.springframework.security.web.savedrequest.Enumerator
Tests if this enumeration contains more elements.
hasPermission(Authentication, Object, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
 
hasPermission(Authentication, Serializable, String, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
 
hasPermission(Object, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() has permission to access the target given the permission
hasPermission(Object, String, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() has permission to access the domain object with a given id, type, and permission.
hasPermission(Object, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
hasPermission(Object, String, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
hasPermission(Authentication, Object, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
 
hasPermission(Authentication, Serializable, String, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
Alternative method for evaluating a permission where only the identifier of the target object is available, rather than the target instance itself.
hasPermission(Authentication, Object, Object) - Method in class org.springframework.security.acls.AclPermissionEvaluator
Determines whether the user has the given permission(s) on the domain object using the ACL configuration.
hasPermission(Authentication, Serializable, String, Object) - Method in class org.springframework.security.acls.AclPermissionEvaluator
 
hasPermission(Authentication, Object) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
hasRole(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() has a particular authority within Authentication.getAuthorities().
hasRole(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
Creates an instance of AuthorityReactiveAuthorizationManager with the provided authority.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Shortcut for specifying URLs require a particular role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies a user requires a role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Shortcut for specifying Message instances require a particular role.
hasRole(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
Require a specific role.
hasWarning() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Checks whether a warning is present.
HEADER - Static variable in class org.springframework.security.oauth2.core.AuthenticationMethod
 
Header - Class in org.springframework.security.web.header
Represents a Header to be added to the HttpServletResponse
Header(String, String...) - Constructor for class org.springframework.security.web.header.Header
Creates a new instance
header(String, String...) - Method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter.Builder
 
headers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds the Security headers to the response.
HEADERS - Static variable in class org.springframework.security.config.Elements
 
headers() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures HTTP Response Headers.
HeadersBeanDefinitionParser - Class in org.springframework.security.config.http
Parser for the HeadersFilter.
HeadersBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HeadersBeanDefinitionParser
 
HeadersConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds the Security HTTP headers to the response.
HeadersConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Creates a new instance
HeadersConfigurer.CacheControlConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.ContentSecurityPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.ContentTypeOptionsConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.FeaturePolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.FrameOptionsConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.HpkpConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.HstsConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.ReferrerPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeadersConfigurer.XXssConfig - Class in org.springframework.security.config.annotation.web.configurers
 
HeaderWriter - Interface in org.springframework.security.web.header
Contract for writing headers to a HttpServletResponse
HeaderWriterFilter - Class in org.springframework.security.web.header
Filter implementation to add headers to the current response.
HeaderWriterFilter(List<HeaderWriter>) - Constructor for class org.springframework.security.web.header.HeaderWriterFilter
Creates a new instance.
Hex - Class in org.springframework.security.crypto.codec
Hex data encoder.
Hex() - Constructor for class org.springframework.security.crypto.codec.Hex
 
hideUserNotFoundExceptions - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
HpkpHeaderWriter - Class in org.springframework.security.web.header.writers
Provides support for HTTP Public Key Pinning (HPKP).
HpkpHeaderWriter(long, boolean, boolean) - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter
Creates a new instance
HpkpHeaderWriter(long, boolean) - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter
Creates a new instance
HpkpHeaderWriter(long) - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter
Creates a new instance
HpkpHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter
Creates a new instance
HS256 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
HMAC using SHA-256 (Required)
HS384 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
HMAC using SHA-384 (Optional)
HS512 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
HMAC using SHA-512 (Optional)
hsts() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures the Strict Transport Security response headers
HstsHeaderWriter - Class in org.springframework.security.web.header.writers
HstsHeaderWriter(RequestMatcher, long, boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter
Creates a new instance
HstsHeaderWriter(long, boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter
Creates a new instance
HstsHeaderWriter(long) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter
Creates a new instance
HstsHeaderWriter(boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter
Creates a new instance
HstsHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter
Creates a new instance
http(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
Adds a port mapping
HTTP - Static variable in class org.springframework.security.config.Elements
 
http() - Static method in class org.springframework.security.config.web.server.ServerHttpSecurity
Creates a new instance.
Http403ForbiddenEntryPoint - Class in org.springframework.security.web.authentication
In the pre-authenticated authentication case (unlike CAS, for example) the user will already have been identified through some external mechanism and a secure context established by the time the security-enforcement filter is invoked.
Http403ForbiddenEntryPoint() - Constructor for class org.springframework.security.web.authentication.Http403ForbiddenEntryPoint
 
HTTP_FIREWALL - Static variable in class org.springframework.security.config.Elements
 
httpBasic() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures HTTP Basic authentication.
httpBasic() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures HTTP Basic authentication.
httpBasic(String, String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Convenience mechanism for setting the Authorization header to use HTTP Basic with the given username and password.
HttpBasicConfigurer<B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers
Adds HTTP basic based authentication.
HttpBasicConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Creates a new instance
HttpBasicServerAuthenticationEntryPoint - Class in org.springframework.security.web.server.authentication
Prompts a user for HTTP Basic authentication.
HttpBasicServerAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint
 
httpFirewall(HttpFirewall) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Allows customizing the HttpFirewall.
HttpFirewall - Interface in org.springframework.security.web.firewall
Interface which can be used to reject potentially dangerous requests and/or wrap them to control their behaviour.
HttpFirewallBeanDefinitionParser - Class in org.springframework.security.config.http
Injects the supplied HttpFirewall bean reference into the FilterChainProxy.
HttpFirewallBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
 
HttpHeaderWriterWebFilter - Class in org.springframework.security.web.server.header
Invokes a ServerHttpHeadersWriter on ReactiveHttpOutputMessage.beforeCommit(java.util.function.Supplier).
HttpHeaderWriterWebFilter(ServerHttpHeadersWriter) - Constructor for class org.springframework.security.web.server.header.HttpHeaderWriterWebFilter
 
httpPublicKeyPinning() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows customizing the HpkpHeaderWriter which provides support for HTTP Public Key Pinning (HPKP).
HttpRequestResponseHolder - Class in org.springframework.security.web.context
Used to pass the incoming request to SecurityContextRepository.loadContext(HttpRequestResponseHolder), allowing the method to swap the request for a wrapped version, as well as returning the SecurityContext value.
HttpRequestResponseHolder(HttpServletRequest, HttpServletResponse) - Constructor for class org.springframework.security.web.context.HttpRequestResponseHolder
 
HttpSecurity - Class in org.springframework.security.config.annotation.web.builders
A HttpSecurity is similar to Spring Security's XML <http> element in the namespace configuration.
HttpSecurity(ObjectPostProcessor<Object>, AuthenticationManagerBuilder, Map<Class<? extends Object>, Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.HttpSecurity
Creates a new instance
HttpSecurity.MvcMatchersRequestMatcherConfigurer - Class in org.springframework.security.config.annotation.web.builders
An extension to HttpSecurity.RequestMatcherConfigurer that allows optionally configuring the servlet path.
HttpSecurity.RequestMatcherConfigurer - Class in org.springframework.security.config.annotation.web.builders
Allows mapping HTTP requests that this HttpSecurity will be used for
HttpSecurityBeanDefinitionParser - Class in org.springframework.security.config.http
Sets up HTTP security: filter stack and protected URLs.
HttpSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
 
HttpSecurityBuilder<H extends HttpSecurityBuilder<H>> - Interface in org.springframework.security.config.annotation.web
 
httpServletRequest(HttpServletRequest) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the HttpServletRequest used to look up and save the OAuth2AuthorizedClient.
httpServletResponse(HttpServletResponse) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the HttpServletResponse used to save the OAuth2AuthorizedClient.
HttpSessionCreatedEvent - Class in org.springframework.security.web.session
Published by the HttpSessionEventPublisher when an HttpSession is created by the container
HttpSessionCreatedEvent(HttpSession) - Constructor for class org.springframework.security.web.session.HttpSessionCreatedEvent
 
HttpSessionCsrfTokenRepository - Class in org.springframework.security.web.csrf
A CsrfTokenRepository that stores the CsrfToken in the HttpSession.
HttpSessionCsrfTokenRepository() - Constructor for class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
 
HttpSessionDestroyedEvent - Class in org.springframework.security.web.session
Published by the HttpSessionEventPublisher when a HttpSession is removed from the container
HttpSessionDestroyedEvent(HttpSession) - Constructor for class org.springframework.security.web.session.HttpSessionDestroyedEvent
 
HttpSessionEventPublisher - Class in org.springframework.security.web.session
Declared in web.xml as
HttpSessionEventPublisher() - Constructor for class org.springframework.security.web.session.HttpSessionEventPublisher
 
HttpSessionOAuth2AuthorizationRequestRepository - Class in org.springframework.security.oauth2.client.web
An implementation of an AuthorizationRequestRepository that stores OAuth2AuthorizationRequest in the HttpSession.
HttpSessionOAuth2AuthorizationRequestRepository() - Constructor for class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
 
HttpSessionOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web
An implementation of an OAuth2AuthorizedClientRepository that stores OAuth2AuthorizedClient's in the HttpSession.
HttpSessionOAuth2AuthorizedClientRepository() - Constructor for class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
 
HttpSessionRequestCache - Class in org.springframework.security.web.savedrequest
RequestCache which stores the SavedRequest in the HttpSession.
HttpSessionRequestCache() - Constructor for class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
HttpSessionSecurityContextRepository - Class in org.springframework.security.web.context
A SecurityContextRepository implementation which stores the security context in the HttpSession between requests.
HttpSessionSecurityContextRepository() - Constructor for class org.springframework.security.web.context.HttpSessionSecurityContextRepository
 
HttpsRedirectSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
 
HttpsRedirectWebFilter - Class in org.springframework.security.web.server.transport
Redirects any non-HTTPS request to its HTTPS equivalent.
HttpsRedirectWebFilter() - Constructor for class org.springframework.security.web.server.transport.HttpsRedirectWebFilter
 
httpsRedirectWhen(ServerWebExchangeMatcher...) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
Configures when this filter should redirect to https By default, the filter will redirect whenever an exchange's scheme is not https
httpsRedirectWhen(Function<ServerWebExchange, Boolean>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
Configures when this filter should redirect to https By default, the filter will redirect whenever an exchange's scheme is not https
HttpStatusEntryPoint - Class in org.springframework.security.web.authentication
An AuthenticationEntryPoint that sends a generic HttpStatus as a response.
HttpStatusEntryPoint(HttpStatus) - Constructor for class org.springframework.security.web.authentication.HttpStatusEntryPoint
Creates a new instance.
HttpStatusReturningLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout
Implementation of the LogoutSuccessHandler.
HttpStatusReturningLogoutSuccessHandler(HttpStatus) - Constructor for class org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler
Initialize the HttpStatusLogoutSuccessHandler with a user-defined HttpStatus.
HttpStatusReturningLogoutSuccessHandler() - Constructor for class org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler
Initialize the HttpStatusLogoutSuccessHandler with the default HttpStatus.OK.
HttpStatusReturningServerLogoutSuccessHandler - Class in org.springframework.security.web.server.authentication.logout
Implementation of the ServerLogoutSuccessHandler.
HttpStatusReturningServerLogoutSuccessHandler(HttpStatus) - Constructor for class org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler
Initialize the HttpStatusReturningServerLogoutSuccessHandler with a user-defined HttpStatus.
HttpStatusReturningServerLogoutSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler
Initialize the HttpStatusReturningServerLogoutSuccessHandler with the default HttpStatus.OK.
HttpStatusServerAccessDeniedHandler - Class in org.springframework.security.web.server.authorization
Sets the provided HTTP Status when access is denied.
HttpStatusServerAccessDeniedHandler(HttpStatus) - Constructor for class org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler
Creates an instance with the provided status
HttpStatusServerEntryPoint - Class in org.springframework.security.web.server.authentication
A ServerAuthenticationEntryPoint that sends a generic HttpStatus as a response.
HttpStatusServerEntryPoint(HttpStatus) - Constructor for class org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
 
httpStrictTransportSecurity() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows customizing the HstsHeaderWriter which provides support for HTTP Strict Transport Security (HSTS).

I

IAT - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
iat - the time at which the ID Token was issued
IAT - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
iat - The Issued at claim identifies the time at which the JWT was issued
id - Variable in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
ID_TOKEN - Static variable in interface org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames
id_token - used in the Access Token Response.
IdentityUnavailableException - Exception in org.springframework.security.acls.domain
Thrown if an ACL identity could not be extracted from an object.
IdentityUnavailableException(String) - Constructor for exception org.springframework.security.acls.domain.IdentityUnavailableException
Constructs an IdentityUnavailableException with the specified message.
IdentityUnavailableException(String, Throwable) - Constructor for exception org.springframework.security.acls.domain.IdentityUnavailableException
Constructs an IdentityUnavailableException with the specified message and root cause.
IdTokenClaimAccessor - Interface in org.springframework.security.oauth2.core.oidc
A ClaimAccessor for the "claims" that can be returned in the ID Token, which provides information about the authentication of an End-User by an Authorization Server.
IdTokenClaimNames - Interface in org.springframework.security.oauth2.core.oidc
The names of the "claims" defined by the OpenID Connect Core 1.0 specification that can be returned in the ID Token.
ignoring() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Allows adding RequestMatcher instances that Spring Security should ignore.
ignoringAntMatchers(String...) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Allows specifying HttpServletRequest that should not use CSRF Protection even if they match the CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
ignoringRequestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Allows specifying HttpServletRequests that should not use CSRF Protection even if they match the CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
IMPLICIT - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
 
implicit() - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
Returns a new OAuth2AuthorizationRequest.Builder, initialized with the implicit grant type.
ImplicitGrantConfigurer<B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
An AbstractHttpConfigurer for the OAuth 2.0 Implicit Grant type.
ImplicitGrantConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.client.ImplicitGrantConfigurer
 
inboundChannelSecurity() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
inboundMessageSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
includeSubDomains(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
If true, the pinning policy applies to this pinned host as well as any subdomains of the host's domain name.
includeSubDomains(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
If true, subdomains should be considered HSTS Hosts too.
includeSubdomains(boolean) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
Configures if subdomains should be included.
INET_ORG_PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
InetOrgPerson - Class in org.springframework.security.ldap.userdetails
UserDetails implementation whose properties are based on a subset of the LDAP schema for inetOrgPerson.
InetOrgPerson() - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson
 
InetOrgPerson.Essence - Class in org.springframework.security.ldap.userdetails
 
InetOrgPersonContextMapper - Class in org.springframework.security.ldap.userdetails
 
InetOrgPersonContextMapper() - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
 
init(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter
 
init(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer
Initialize the SecurityBuilder.
init(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
init(WebSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
 
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
 
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
 
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
 
init() - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
init(FilterConfig) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
Not used (we rely on IoC container lifecycle services instead)
init(FilterConfig) - Method in class org.springframework.security.web.debug.DebugFilter
 
initDao() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
initDao() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
initDao() - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
 
initExtractorMap() - Method in class org.springframework.security.web.util.ThrowableAnalyzer
Initializes associations between Throwables and ThrowableCauseExtractors.
InitialContextFactory - Interface in org.springframework.security.remoting.dns
This is used in JndiDnsResolver to get an InitialDirContext for DNS queries.
initialize(Subject, CallbackHandler, Map, Map) - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Initialize this LoginModule.
initializeAuthenticationProviderBeanManagerConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
initializeUserDetailsBeanManagerConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
Populates the users that have been added.
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
Allows subclasses to initialize the UserDetailsService.
inMemoryAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add in memory authentication to the AuthenticationManagerBuilder and return a InMemoryUserDetailsManagerConfigurer to allow customization of the in memory authentication.
InMemoryClientRegistrationRepository - Class in org.springframework.security.oauth2.client.registration
InMemoryClientRegistrationRepository(ClientRegistration...) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
Constructs an InMemoryClientRegistrationRepository using the provided parameters.
InMemoryClientRegistrationRepository(List<ClientRegistration>) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
Constructs an InMemoryClientRegistrationRepository using the provided parameters.
InMemoryConfiguration - Class in org.springframework.security.authentication.jaas.memory
An in memory representation of a JAAS configuration.
InMemoryConfiguration(AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
Creates a new instance with only a defaultConfiguration.
InMemoryConfiguration(Map<String, AppConfigurationEntry[]>) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
Creates a new instance with a mapping of login context name to an array of AppConfigurationEntrys.
InMemoryConfiguration(Map<String, AppConfigurationEntry[]>, AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
Creates a new instance with a mapping of login context name to an array of AppConfigurationEntrys along with a default configuration that will be used if no mapping is found for the given login context name.
InMemoryOAuth2AuthorizedClientService - Class in org.springframework.security.oauth2.client
InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
Constructs an InMemoryOAuth2AuthorizedClientService using the provided parameters.
InMemoryReactiveClientRegistrationRepository - Class in org.springframework.security.oauth2.client.registration
A Reactive ClientRegistrationRepository that stores ClientRegistration(s) in-memory.
InMemoryReactiveClientRegistrationRepository(ClientRegistration...) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository
Constructs an InMemoryReactiveClientRegistrationRepository using the provided parameters.
InMemoryReactiveClientRegistrationRepository(List<ClientRegistration>) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository
Constructs an InMemoryReactiveClientRegistrationRepository using the provided parameters.
InMemoryReactiveOAuth2AuthorizedClientService - Class in org.springframework.security.oauth2.client
InMemoryReactiveOAuth2AuthorizedClientService(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
Constructs an InMemoryOAuth2AuthorizedClientService using the provided parameters.
InMemoryResource - Class in org.springframework.security.util
An in memory implementation of Spring's Resource interface.
InMemoryResource(String) - Constructor for class org.springframework.security.util.InMemoryResource
 
InMemoryResource(byte[]) - Constructor for class org.springframework.security.util.InMemoryResource
 
InMemoryResource(byte[], String) - Constructor for class org.springframework.security.util.InMemoryResource
 
InMemoryTokenRepositoryImpl - Class in org.springframework.security.web.authentication.rememberme
Simple PersistentTokenRepository implementation backed by a Map.
InMemoryTokenRepositoryImpl() - Constructor for class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
InMemoryUserDetailsManager - Class in org.springframework.security.provisioning
Non-persistent implementation of UserDetailsManager which is backed by an in-memory map.
InMemoryUserDetailsManager() - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
InMemoryUserDetailsManager(Collection<UserDetails>) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
InMemoryUserDetailsManager(UserDetails...) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
InMemoryUserDetailsManager(Properties) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
InMemoryUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Configures an AuthenticationManagerBuilder to have in memory authentication.
InMemoryUserDetailsManagerConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer
Creates a new instance
InsecureChannelProcessor - Class in org.springframework.security.web.access.channel
Ensures channel security is inactive by review of HttpServletRequest.isSecure() responses.
InsecureChannelProcessor() - Constructor for class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
insertAce(int, Permission, Sid, boolean) - Method in class org.springframework.security.acls.domain.AclImpl
 
insertAce(int, Permission, Sid, boolean) - Method in interface org.springframework.security.acls.model.MutableAcl
 
insertFilters(ServletContext, Filter...) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
instance - Variable in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
INSTANCE - Static variable in class org.springframework.security.web.util.matcher.AnyRequestMatcher
 
INSUFFICIENT_SCOPE - Static variable in interface org.springframework.security.oauth2.server.resource.BearerTokenErrorCodes
insufficient_scope - The request requires higher privileges than provided by the access token.
InsufficientAuthenticationException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.
InsufficientAuthenticationException(String) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException
Constructs an InsufficientAuthenticationException with the specified message.
InsufficientAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException
Constructs an InsufficientAuthenticationException with the specified message and root cause.
InteractiveAuthenticationSuccessEvent - Class in org.springframework.security.authentication.event
Indicates an interactive authentication was successful.
InteractiveAuthenticationSuccessEvent(Authentication, Class<?>) - Constructor for class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
 
INTERCEPT_MESSAGE - Static variable in class org.springframework.security.config.Elements
 
INTERCEPT_METHODS - Static variable in class org.springframework.security.config.Elements
 
INTERCEPT_URL - Static variable in class org.springframework.security.config.Elements
 
InterceptMethodsBeanDefinitionDecorator - Class in org.springframework.security.config.method
 
InterceptMethodsBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
 
InterceptorStatusToken - Class in org.springframework.security.access.intercept
A return object received by AbstractSecurityInterceptor subclasses.
InterceptorStatusToken(SecurityContext, boolean, Collection<ConfigAttribute>, Object) - Constructor for class org.springframework.security.access.intercept.InterceptorStatusToken
 
InternalAuthenticationServiceException - Exception in org.springframework.security.authentication
Thrown if an authentication request could not be processed due to a system problem that occurred internally.
InternalAuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
 
InternalAuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
 
INVALID_CLIENT - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
invalid_client - Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).
INVALID_GRANT - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
invalid_grant - The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
INVALID_REQUEST - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
invalid_request - The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.
INVALID_REQUEST - Static variable in interface org.springframework.security.oauth2.server.resource.BearerTokenErrorCodes
invalid_request - The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed.
INVALID_SCOPE - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
invalid_scope - The requested scope is invalid, unknown, malformed or exceeds the scope granted by the resource owner.
INVALID_TOKEN - Static variable in interface org.springframework.security.oauth2.server.resource.BearerTokenErrorCodes
invalid_token - The access token provided is expired, revoked, malformed, or invalid for other reasons.
invalidateHttpSession(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Configures SecurityContextLogoutHandler to invalidate the HttpSession at the time of logout.
InvalidCookieException - Exception in org.springframework.security.web.authentication.rememberme
Exception thrown by a RememberMeServices implementation to indicate that a submitted cookie is of an invalid format or has expired.
InvalidCookieException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.InvalidCookieException
 
InvalidCsrfTokenException - Exception in org.springframework.security.web.csrf
Thrown when an expected CsrfToken exists, but it does not match the value present on the HttpServletRequest
InvalidCsrfTokenException(CsrfToken, String) - Constructor for exception org.springframework.security.web.csrf.InvalidCsrfTokenException
 
InvalidSessionAccessDeniedHandler - Class in org.springframework.security.web.session
InvalidSessionAccessDeniedHandler(InvalidSessionStrategy) - Constructor for class org.springframework.security.web.session.InvalidSessionAccessDeniedHandler
Creates a new instance
invalidSessionStrategy(InvalidSessionStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Setting this attribute will inject the provided invalidSessionStrategy into the SessionManagementFilter.
InvalidSessionStrategy - Interface in org.springframework.security.web.session
Determines the behaviour of the SessionManagementFilter when an invalid session Id is submitted and detected in the SessionManagementFilter.
invalidSessionUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Setting this attribute will inject the SessionManagementFilter with a SimpleRedirectInvalidSessionStrategy configured with the attribute value.
INVOCATION_ATTRIBUTE_FACTORY - Static variable in class org.springframework.security.config.Elements
 
INVOCATION_HANDLING - Static variable in class org.springframework.security.config.Elements
 
INVOCATIONTARGET_EXTRACTOR - Static variable in class org.springframework.security.web.util.ThrowableAnalyzer
Default extractor for InvocationTargetException instances.
invoke(MethodInvocation) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
This method should be used to enforce security on a MethodInvocation.
invoke(JoinPoint) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
Method that is suitable for user with @Aspect notation.
invoke(JoinPoint, AspectJCallback) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor
Method that is suitable for user with traditional AspectJ-code aspects.
invoke(MethodInvocation) - Method in class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor
 
invoke(Object) - Method in class org.springframework.security.remoting.rmi.ContextPropagatingRemoteInvocation
Invoked on the server-side.
invoke(FilterInvocation) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
invokeAll(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
invokeAll(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
invokeAny(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
invokeAny(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
IpAddressMatcher - Class in org.springframework.security.web.util.matcher
Matches a request based on IP Address or subnet mask matching against the remote address.
IpAddressMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.IpAddressMatcher
Takes a specific IP address or a range specified using the IP/Netmask (e.g.
IS_AUTHENTICATED_ANONYMOUSLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
 
IS_AUTHENTICATED_FULLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
 
IS_AUTHENTICATED_REMEMBERED - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter
 
isAbsoluteUrl(String) - Static method in class org.springframework.security.web.util.UrlUtils
Decides if a URL is absolute based on whether it contains a valid scheme name, as defined in RFC 1738.
isAccountNonExpired() - Method in class org.springframework.security.core.userdetails.User
 
isAccountNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails
Indicates whether the user's account has expired.
isAccountNonExpired() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
isAccountNonLocked() - Method in class org.springframework.security.core.userdetails.User
 
isAccountNonLocked() - Method in interface org.springframework.security.core.userdetails.UserDetails
Indicates whether the user is locked or unlocked.
isAccountNonLocked() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
isAclClassIdSupported() - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
isAllowed(MethodInvocation, Authentication) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
 
isAllowed(String, Authentication) - Method in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator
Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI.
isAllowed(String, String, String, Authentication) - Method in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator
Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI, with the given .
isAllowed(String, Authentication) - Method in interface org.springframework.security.web.access.WebInvocationPrivilegeEvaluator
Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI.
isAllowed(String, String, String, Authentication) - Method in interface org.springframework.security.web.access.WebInvocationPrivilegeEvaluator
Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI, with the given .
isAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
isAllowIfEqualGrantedDeniedDecisions() - Method in class org.springframework.security.access.vote.ConsensusBased
 
isAllowSessionCreation() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
isAlwaysReauthenticate() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
isAlwaysUseDefaultTargetUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
isAnonymous() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
isAnonymous() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
isAnonymous(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver
Indicates whether the passed Authentication token represents an anonymous user.
isAnonymous(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
 
isAsyncSecuritySupported() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
Determine if the springSecurityFilterChain should be marked as supporting asynch.
isAuditFailure() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
isAuditFailure() - Method in interface org.springframework.security.acls.model.AuditableAccessControlEntry
 
isAuditSuccess() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
isAuditSuccess() - Method in interface org.springframework.security.acls.model.AuditableAccessControlEntry
 
isAuthenticateAllArtifacts() - Method in class org.springframework.security.cas.ServiceProperties
 
isAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines ifthe SecurityExpressionOperations.getAuthentication() is authenticated
isAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
isAuthenticated() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
isAuthenticated() - Method in interface org.springframework.security.core.Authentication
Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager.
isBase64(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64
Deprecated.
 
isChangeAfterReset() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
 
isConfigured() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Determines if the AuthenticationManagerBuilder is configured to build a non null AuthenticationManager.
isContextHolderRefreshRequired() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken
 
isContextRelative() - Method in class org.springframework.security.web.DefaultRedirectStrategy
Returns true, if the redirection URL should be calculated minus the protocol and context path (defaults to false).
isContextSaved() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
Tells if the response wrapper has called saveContext() because of this wrapper.
isConvertToUpperCase() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Returns true if role names are converted to uppercase Method available so that classes extending this can override
isCredentialsNonExpired() - Method in class org.springframework.security.core.userdetails.User
 
isCredentialsNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails
Indicates whether the user's credentials (password) has expired.
isCredentialsNonExpired() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
isCritical() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Returns whether the control is critical for the client.
isCustomLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
isDisableOnResponseCommitted() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Returns true if OnCommittedResponseWrapper.onResponseCommitted() will be invoked when the response is committed, else false.
isEnabled() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
isEnabled() - Method in class org.springframework.security.core.userdetails.User
 
isEnabled() - Method in interface org.springframework.security.core.userdetails.UserDetails
Indicates whether the user is enabled or disabled.
isEnabled() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
isEnabled() - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
isEntriesInheriting() - Method in class org.springframework.security.acls.domain.AclImpl
 
isEntriesInheriting() - Method in interface org.springframework.security.acls.model.Acl
Indicates whether the ACL entries from the Acl.getParentAcl() should flow down into the current Acl.
isEraseCredentialsAfterAuthentication() - Method in class org.springframework.security.authentication.ProviderManager
 
isExpired() - Method in class org.springframework.security.core.session.SessionInformation
 
isExpired() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
 
isForceHttps() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
isForcePrincipalAsString() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
isFullyAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() authenticated without the use of remember me
isFullyAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
isGranted(List<Permission>, List<Sid>, boolean) - Method in class org.springframework.security.acls.domain.AclImpl
Delegates to the PermissionGrantingStrategy.
isGranted(Acl, List<Permission>, List<Sid>, boolean) - Method in class org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy
Determines authorization.
isGranted(List<Permission>, List<Sid>, boolean) - Method in interface org.springframework.security.acls.model.Acl
This is the actual authorization logic method, and must be used whenever ACL authorization decisions are required.
isGranted(Acl, List<Permission>, List<Sid>, boolean) - Method in interface org.springframework.security.acls.model.PermissionGrantingStrategy
Returns true if the supplied strategy decides that the supplied Acl grants access based on the supplied list of permissions and sids.
isGranted() - Method in class org.springframework.security.authorization.AuthorizationDecision
 
isGranting() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
isGranting() - Method in interface org.springframework.security.acls.model.AccessControlEntry
Indicates the permission is being granted to the relevant Sid.
isHideUserNotFoundExceptions() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
isHtmlEscape() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
Return the HTML escaping setting for this tag, or the default setting if not overridden.
isIgnoreFailure() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
isInvalidateHttpSession() - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
 
isLocked() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Determines whether an account locked error has been returned.
isLogInteractiveAuthenticationSuccessEvents() - Method in class org.springframework.security.authentication.event.LoggerListener
 
isMatch() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
 
isObserveOncePerRequest() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
Indicates whether once-per-request handling will be observed.
isRejectPublicInvocations() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
isRememberMe() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Determines if the SecurityExpressionOperations.getAuthentication() was authenticated using remember me
isRememberMe() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
isRememberMe(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver
Indicates whether the passed Authentication token represents user that has been remembered (i.e.
isRememberMe(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
 
isRequired() - Method in class org.springframework.security.openid.OpenIDAttribute
The "required" flag for the attribute when used with an authentication request.
isRunning() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
isRunning() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
ISS - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
iss - the Issuer identifier
ISS - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
iss - the Issuer claim identifies the principal that issued the JWT
isSecure() - Method in class org.springframework.security.web.savedrequest.SavedCookie
 
isSendRenew() - Method in class org.springframework.security.cas.ServiceProperties
Indicates whether the renew parameter should be sent to the CAS login URL and CAS validation URL.
isShutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
isSidLoaded(List<Sid>) - Method in class org.springframework.security.acls.domain.AclImpl
 
isSidLoaded(List<Sid>) - Method in interface org.springframework.security.acls.model.Acl
For efficiency reasons an Acl may be loaded and not contain entries for every Sid in the system.
isSimpDestPathMatcherConfigured() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
isSingleton() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
isSingleton() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
 
isTerminated() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
isTokenExpired(long) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
 
isUiSecurityDisabled() - Static method in class org.springframework.security.taglibs.TagLibConfig
 
isUseForward() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
isUseForward() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
isUserInRole(String) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Simple searches for an exactly matching GrantedAuthority.getAuthority().
isUsernameBasedPrimaryKey() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
isUsingGraceLogins() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
 
isValid() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
isValidateConfigAttributes() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
isValidRedirectUrl(String) - Static method in class org.springframework.security.web.util.UrlUtils
Returns true if the supplied URL starts with a "/" or is absolute.
iterator() - Method in class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
Returns an Iterator of ClientRegistration.
iterator() - Method in class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository
Returns an Iterator of ClientRegistration.

J

J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource - Class in org.springframework.security.web.authentication.preauth.j2ee
Implementation of AuthenticationDetailsSource which converts the user's J2EE roles (as obtained by calling HttpServletRequest.isUserInRole(String)) into GrantedAuthoritys and stores these in the authentication details object.
J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource() - Constructor for class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
 
j2eeMappableRoles - Variable in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
The role attributes returned by the configured MappableAttributesRetriever
j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Allows specifying the J2eePreAuthenticatedProcessingFilter to use.
J2eePreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth.j2ee
This AbstractPreAuthenticatedProcessingFilter implementation is based on the J2EE container-based authentication mechanism.
J2eePreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
 
j2eeUserRoles2GrantedAuthoritiesMapper - Variable in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
 
JaasApiIntegrationFilter - Class in org.springframework.security.web.jaasapi
A Filter which attempts to obtain a JAAS Subject and continue the FilterChain running as that Subject.
JaasApiIntegrationFilter() - Constructor for class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
 
JaasAuthenticationCallbackHandler - Interface in org.springframework.security.authentication.jaas
The JaasAuthenticationCallbackHandler is similar to the javax.security.auth.callback.CallbackHandler interface in that it defines a handle method.
JaasAuthenticationEvent - Class in org.springframework.security.authentication.jaas.event
Parent class for events fired by the JaasAuthenticationProvider.
JaasAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent
The Authentication object is stored as the ApplicationEvent 'source'.
JaasAuthenticationFailedEvent - Class in org.springframework.security.authentication.jaas.event
Fired when LoginContext.login throws a LoginException, or if any other exception is thrown during that time.
JaasAuthenticationFailedEvent(Authentication, Exception) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
 
JaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas
An AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.
JaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
JaasAuthenticationSuccessEvent - Class in org.springframework.security.authentication.jaas.event
Fired by the JaasAuthenticationProvider after successfully logging the user into the LoginContext, handling all callbacks, and calling all AuthorityGranters.
JaasAuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationSuccessEvent
 
JaasAuthenticationToken - Class in org.springframework.security.authentication.jaas
UsernamePasswordAuthenticationToken extension to carry the Jaas LoginContext that the user was logged into
JaasAuthenticationToken(Object, Object, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
 
JaasAuthenticationToken(Object, Object, List<GrantedAuthority>, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
 
JaasGrantedAuthority - Class in org.springframework.security.authentication.jaas
GrantedAuthority which, in addition to the assigned role, holds the principal that an AuthorityGranter used as a reason to grant this authority.
JaasGrantedAuthority(String, Principal) - Constructor for class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
JaasNameCallbackHandler - Class in org.springframework.security.authentication.jaas
The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
JaasNameCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
 
JaasPasswordCallbackHandler - Class in org.springframework.security.authentication.jaas
The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
JaasPasswordCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
 
JDBC_USER_SERVICE - Static variable in class org.springframework.security.config.Elements
 
JdbcAclService - Class in org.springframework.security.acls.jdbc
Simple JDBC-based implementation of AclService.
JdbcAclService(DataSource, LookupStrategy) - Constructor for class org.springframework.security.acls.jdbc.JdbcAclService
 
jdbcAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add JDBC authentication to the AuthenticationManagerBuilder and return a JdbcUserDetailsManagerConfigurer to allow customization of the JDBC authentication.
JdbcDaoImpl - Class in org.springframework.security.core.userdetails.jdbc
UserDetailsServiceRetrieves implementation which retrieves the user details (username, password, enabled flag, and authorities) from a database using JDBC queries.
JdbcDaoImpl() - Constructor for class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
JdbcMutableAclService - Class in org.springframework.security.acls.jdbc
Provides a base JDBC implementation of MutableAclService.
JdbcMutableAclService(DataSource, LookupStrategy, AclCache) - Constructor for class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
jdbcTemplate - Variable in class org.springframework.security.acls.jdbc.JdbcAclService
 
JdbcTokenRepositoryImpl - Class in org.springframework.security.web.authentication.rememberme
JDBC based persistent login token repository implementation.
JdbcTokenRepositoryImpl() - Constructor for class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
 
JdbcUserDetailsManager - Class in org.springframework.security.provisioning
Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.
JdbcUserDetailsManager() - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
 
JdbcUserDetailsManager(DataSource) - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
 
JdbcUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Configures an AuthenticationManagerBuilder to have JDBC authentication.
JdbcUserDetailsManagerConfigurer(JdbcUserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
JdbcUserDetailsManagerConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
JdbcUserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
JdbcUserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
jee() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures container based pre authentication.
JEE - Static variable in class org.springframework.security.config.Elements
 
JeeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds support for J2EE pre authentication.
JeeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Creates a new instance
JndiDnsResolver - Class in org.springframework.security.remoting.dns
Implementation of DnsResolver which uses JNDI for the DNS queries.
JndiDnsResolver() - Constructor for class org.springframework.security.remoting.dns.JndiDnsResolver
 
JspAuthorizeTag - Class in org.springframework.security.taglibs.authz
A JSP Tag implementation of AbstractAuthorizeTag.
JspAuthorizeTag() - Constructor for class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
Jsr250MethodSecurityMetadataSource - Class in org.springframework.security.access.annotation
Sources method security metadata from major JSR 250 security annotations.
Jsr250MethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 
Jsr250SecurityConfig - Class in org.springframework.security.access.annotation
Security config applicable as a JSR 250 annotation attribute.
Jsr250SecurityConfig(String) - Constructor for class org.springframework.security.access.annotation.Jsr250SecurityConfig
 
Jsr250Voter - Class in org.springframework.security.access.annotation
Voter on JSR-250 configuration attributes.
Jsr250Voter() - Constructor for class org.springframework.security.access.annotation.Jsr250Voter
 
JTI - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
jti - The JWT ID claim provides a unique identifier for the JWT
jwkSetUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
 
jwkSetUri(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
Configures a ReactiveJwtDecoder using JSON Web Key (JWK) URL
jwkSetUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the uri for the JSON Web Key (JWK) Set endpoint.
JwsAlgorithms - Interface in org.springframework.security.oauth2.jose.jws
The cryptographic algorithms defined by the JSON Web Algorithms (JWA) specification and used by JSON Web Signature (JWS) to digitally sign or create a MAC of the contents of the JWS Protected Header and JWS Payload.
jwt() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
jwt() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
 
Jwt - Class in org.springframework.security.oauth2.jwt
An implementation of an AbstractOAuth2Token representing a JSON Web Token (JWT).
Jwt(String, Instant, Instant, Map<String, Object>, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.jwt.Jwt
Constructs a Jwt using the provided parameters.
jwtAuthenticationConverter(Converter<Jwt, ? extends AbstractAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
 
jwtAuthenticationConverter(Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
Configures the Converter to use for converting a Jwt into an AbstractAuthenticationToken.
JwtAuthenticationConverter - Class in org.springframework.security.oauth2.server.resource.authentication
 
JwtAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
 
JwtAuthenticationProvider - Class in org.springframework.security.oauth2.server.resource.authentication
An AuthenticationProvider implementation of the Jwt-encoded Bearer Tokens for protecting OAuth 2.0 Resource Servers.
JwtAuthenticationProvider(JwtDecoder) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
 
JwtAuthenticationToken - Class in org.springframework.security.oauth2.server.resource.authentication
An implementation of an AbstractOAuth2TokenAuthenticationToken representing a Jwt Authentication.
JwtAuthenticationToken(Jwt) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
Constructs a JwtAuthenticationToken using the provided parameters.
JwtAuthenticationToken(Jwt, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
Constructs a JwtAuthenticationToken using the provided parameters.
JwtClaimAccessor - Interface in org.springframework.security.oauth2.jwt
A ClaimAccessor for the "claims" that may be contained in the JSON object JWT Claims Set of a JSON Web Token (JWT).
JwtClaimNames - Interface in org.springframework.security.oauth2.jwt
The Registered Claim Names defined by the JSON Web Token (JWT) specification that may be contained in the JSON object JWT Claims Set.
jwtDecoder(ReactiveJwtDecoder) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
Configures the ReactiveJwtDecoder to use
JwtDecoder - Interface in org.springframework.security.oauth2.jwt
Implementations of this interface are responsible for "decoding" a JSON Web Token (JWT) from it's compact claims representation format to a Jwt.
JwtDecoders - Class in org.springframework.security.oauth2.jwt
Allows creating a JwtDecoder from an OpenID Provider Configuration.
JwtException - Exception in org.springframework.security.oauth2.jwt
Base exception for all JSON Web Token (JWT) related errors.
JwtException(String) - Constructor for exception org.springframework.security.oauth2.jwt.JwtException
Constructs a JwtException using the provided parameters.
JwtException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.jwt.JwtException
Constructs a JwtException using the provided parameters.
JwtIssuerValidator - Class in org.springframework.security.oauth2.jwt
Validates the "iss" claim in a Jwt, that is matches a configured value
JwtIssuerValidator(String) - Constructor for class org.springframework.security.oauth2.jwt.JwtIssuerValidator
Constructs a JwtIssuerValidator using the provided parameters
JwtReactiveAuthenticationManager - Class in org.springframework.security.oauth2.server.resource.authentication
JwtReactiveAuthenticationManager(ReactiveJwtDecoder) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager
 
JwtSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
 
JwtTimestampValidator - Class in org.springframework.security.oauth2.jwt
An implementation of OAuth2TokenValidator for verifying claims in a Jwt-based access token
JwtTimestampValidator() - Constructor for class org.springframework.security.oauth2.jwt.JwtTimestampValidator
A basic instance with no custom verification and the default max clock skew
JwtTimestampValidator(Duration) - Constructor for class org.springframework.security.oauth2.jwt.JwtTimestampValidator
 
JwtValidationException - Exception in org.springframework.security.oauth2.jwt
An exception that results from an unsuccessful OAuth2TokenValidatorResult
JwtValidationException(String, Collection<OAuth2Error>) - Constructor for exception org.springframework.security.oauth2.jwt.JwtValidationException
Constructs a JwtValidationException using the provided parameters While each OAuth2Error does contain an error description, this constructor can take an overarching description that encapsulates the composition of failures That said, it is appropriate to pass one of the messages from the error list in as the exception description, for example:
JwtValidators - Class in org.springframework.security.oauth2.jwt
Provides factory methods for creating OAuth2TokenValidator<Jwt>

K

key(String) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the key to identify tokens created for anonymous authentication.
key(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Sets the key to identify tokens created for remember me authentication.
KeyBasedPersistenceTokenService - Class in org.springframework.security.core.token
Basic implementation of TokenService that is compatible with clusters and across machine restarts, without requiring database persistence.
KeyBasedPersistenceTokenService() - Constructor for class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
KeyGenerators - Class in org.springframework.security.crypto.keygen
Factory for commonly used key generators.

L

LazyCsrfTokenRepository - Class in org.springframework.security.web.csrf
A CsrfTokenRepository that delays saving new CsrfToken until the attributes of the CsrfToken that were generated are accessed.
LazyCsrfTokenRepository(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.LazyCsrfTokenRepository
Creates a new instance
LDAP_AUTHORITIES_POPULATOR_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LDAP_PASSWORD_COMPARE - Static variable in class org.springframework.security.config.Elements
 
LDAP_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
LDAP_SEARCH_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LDAP_SERVER - Static variable in class org.springframework.security.config.Elements
 
LDAP_USER_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LDAP_USER_SERVICE - Static variable in class org.springframework.security.config.Elements
 
ldapAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add LDAP authentication to the AuthenticationManagerBuilder and return a LdapAuthenticationProviderConfigurer to allow customization of the LDAP authentication.
LdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication
An AuthenticationProvider implementation that authenticates against an LDAP server.
LdapAuthenticationProvider(LdapAuthenticator, LdapAuthoritiesPopulator) - Constructor for class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
Create an instance with the supplied authenticator and authorities populator implementations.
LdapAuthenticationProvider(LdapAuthenticator) - Constructor for class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
Creates an instance with the supplied authenticator and a null authorities populator.
LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>> - Class in org.springframework.security.config.annotation.authentication.configurers.ldap
LdapAuthenticationProviderConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
LdapAuthenticationProviderConfigurer.ContextSourceBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.ldap
Allows building a BaseLdapPathContextSource and optionally creating an embedded LDAP instance.
LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer - Class in org.springframework.security.config.annotation.authentication.configurers.ldap
Sets up Password based comparison
LdapAuthenticator - Interface in org.springframework.security.ldap.authentication
The strategy interface for locating and authenticating an Ldap user.
ldapAuthoritiesPopulator(LdapAuthoritiesPopulator) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
LdapAuthoritiesPopulator - Interface in org.springframework.security.ldap.userdetails
Obtains a list of granted authorities for an Ldap user.
LdapAuthority - Class in org.springframework.security.ldap.userdetails
An authority that contains at least a DN and a role name for an LDAP entry but can also contain other desired attributes to be fetched during an LDAP authority search.
LdapAuthority(String, String) - Constructor for class org.springframework.security.ldap.userdetails.LdapAuthority
Constructs an LdapAuthority that has a role and a DN but no other attributes
LdapAuthority(String, String, Map<String, List<String>>) - Constructor for class org.springframework.security.ldap.userdetails.LdapAuthority
Constructs an LdapAuthority with the given role, DN and other LDAP attributes
LdapProviderBeanDefinitionParser - Class in org.springframework.security.config.ldap
Ldap authentication provider namespace configuration.
LdapProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
 
LdapServerBeanDefinitionParser - Class in org.springframework.security.config.ldap
 
LdapServerBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
 
LdapShaPasswordEncoder - Class in org.springframework.security.crypto.password
Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
LdapShaPasswordEncoder() - Constructor for class org.springframework.security.crypto.password.LdapShaPasswordEncoder
Deprecated.
 
LdapShaPasswordEncoder(BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.password.LdapShaPasswordEncoder
Deprecated.
 
LdapUserDetails - Interface in org.springframework.security.ldap.userdetails
Captures the information for a user's LDAP entry.
LdapUserDetailsImpl - Class in org.springframework.security.ldap.userdetails
A UserDetails implementation which is used internally by the Ldap services.
LdapUserDetailsImpl() - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
LdapUserDetailsImpl.Essence - Class in org.springframework.security.ldap.userdetails
Variation of essence pattern.
LdapUserDetailsManager - Class in org.springframework.security.ldap.userdetails
An Ldap implementation of UserDetailsManager.
LdapUserDetailsManager(ContextSource) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
LdapUserDetailsMapper - Class in org.springframework.security.ldap.userdetails
The context mapper used by the LDAP authentication provider to create an LDAP user object.
LdapUserDetailsMapper() - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
 
LdapUserDetailsService - Class in org.springframework.security.ldap.userdetails
LDAP implementation of UserDetailsService based around an LdapUserSearch and an LdapAuthoritiesPopulator.
LdapUserDetailsService(LdapUserSearch) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsService
 
LdapUserDetailsService(LdapUserSearch, LdapAuthoritiesPopulator) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsService
 
LdapUsernameToDnMapper - Interface in org.springframework.security.ldap
Constructs an Ldap Distinguished Name from a username.
LdapUserSearch - Interface in org.springframework.security.ldap.search
Obtains a user's information from the LDAP directory given a login name.
LdapUserServiceBeanDefinitionParser - Class in org.springframework.security.config.ldap
 
LdapUserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LdapUtils - Class in org.springframework.security.ldap
LDAP Utility methods.
ldif(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Specifies an ldif to load at startup for an embedded LDAP server.
load(ServerWebExchange) - Method in class org.springframework.security.web.server.context.NoOpServerSecurityContextRepository
 
load(ServerWebExchange) - Method in interface org.springframework.security.web.server.context.ServerSecurityContextRepository
Loads the SecurityContext associated with the ServerWebExchange
load(ServerWebExchange) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
 
loadAuthorizationRequest(HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository
Returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest or null if not available.
loadAuthorizationRequest(HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
 
loadAuthorizationRequest(ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository
Returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest or null if not available.
loadAuthorizationRequest(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 
loadAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
 
loadAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
 
loadAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientService
Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name or null if not available.
loadAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService
Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name or null if not available.
loadAuthorizedClient(String, Authentication, HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
 
loadAuthorizedClient(String, Authentication, HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
 
loadAuthorizedClient(String, Authentication, HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner) or null if not available.
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
 
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository
Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner) or null if not available.
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository
 
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
 
loadContext(HttpRequestResponseHolder) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
Gets the security context for the current request (if available) and returns it.
loadContext(HttpRequestResponseHolder) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
 
loadContext(HttpRequestResponseHolder) - Method in interface org.springframework.security.web.context.SecurityContextRepository
Obtains the security context for the supplied request.
loadGroupAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Loads authorities by executing the SQL from groupAuthoritiesByUsernameQuery.
loadToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
 
loadToken(HttpServletRequest) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository
Loads the expected CsrfToken from the HttpServletRequest
loadToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
 
loadToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository
Delegates to the injected CsrfTokenRepository
loadToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
 
loadToken(ServerWebExchange) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRepository
Loads the expected CsrfToken from the ServerWebExchange
loadToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
 
loadUser(OidcUserRequest) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService
 
loadUser(OidcUserRequest) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
 
loadUser(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService
 
loadUser(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService
 
loadUser(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService
 
loadUser(R) - Method in class org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService
 
loadUser(R) - Method in interface org.springframework.security.oauth2.client.userinfo.OAuth2UserService
Returns an OAuth2User after obtaining the user attributes of the End-User from the UserInfo Endpoint.
loadUser(R) - Method in interface org.springframework.security.oauth2.client.userinfo.ReactiveOAuth2UserService
Returns an OAuth2User after obtaining the user attributes of the End-User from the UserInfo Endpoint.
loadUserAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Loads authorities by executing the SQL from authoritiesByUsernameQuery.
loadUserAuthorities(DirContextOperations, String, String) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
loadUserAuthorities(DirContextOperations, String, String) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
Creates the user authority list from the values of the memberOf attribute obtained from the user's Active Directory entry.
loadUserAuthorities(DirContextOperations, String, String) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
 
loadUserByAssertion(Assertion) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
Template method for retrieving the UserDetails based on the assertion.
loadUserByUsername(String) - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
loadUserByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
loadUserByUsername(String) - Method in interface org.springframework.security.core.userdetails.UserDetailsService
Locates the user based on the username.
loadUserByUsername(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
loadUserByUsername(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsService
 
loadUserByUsername(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
loadUserDetails(CasAssertionAuthenticationToken) - Method in class org.springframework.security.cas.userdetails.AbstractCasAssertionUserDetailsService
 
loadUserDetails(Assertion) - Method in class org.springframework.security.cas.userdetails.AbstractCasAssertionUserDetailsService
Protected template method for construct a UserDetails via the supplied CAS assertion.
loadUserDetails(Assertion) - Method in class org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService
 
loadUserDetails(T) - Method in interface org.springframework.security.core.userdetails.AuthenticationUserDetailsService
 
loadUserDetails(T) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
Get the UserDetails object from the wrapped UserDetailsService implementation
loadUserDetails(PreAuthenticatedAuthenticationToken) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService
Get a UserDetails object based on the user name contained in the given token, and the GrantedAuthorities as returned by the GrantedAuthoritiesContainer implementation as returned by the token.getDetails() method.
loadUsersByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
LOCALE - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
locale - the user's locale
locality(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Sets the city or locality.
LockedException - Exception in org.springframework.security.authentication
Thrown if an authentication request is rejected because the account is locked.
LockedException(String) - Constructor for exception org.springframework.security.authentication.LockedException
Constructs a LockedException with the specified message.
LockedException(String, Throwable) - Constructor for exception org.springframework.security.authentication.LockedException
Constructs a LockedException with the specified message and root cause.
log - Static variable in class org.springframework.security.acls.jdbc.JdbcAclService
 
log - Variable in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
log - Static variable in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
 
logger - Variable in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
logger - Variable in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
 
logger - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
logger - Static variable in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
logger - Static variable in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
 
logger - Variable in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
 
logger - Variable in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
 
logger - Variable in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
 
logger - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
logger - Static variable in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
 
logger - Static variable in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
logger - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
logger - Variable in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
 
logger - Variable in class org.springframework.security.core.session.SessionRegistryImpl
 
logger - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
logger - Variable in class org.springframework.security.ldap.DefaultSpringSecurityContextSource
 
logger - Variable in class org.springframework.security.openid.OpenID4JavaConsumer
 
logger - Variable in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
logger - Variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
logger - Static variable in class org.springframework.security.taglibs.authz.AccessControlListTag
 
logger - Static variable in class org.springframework.security.web.access.AccessDeniedHandlerImpl
 
logger - Variable in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
logger - Static variable in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator
 
logger - Variable in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
 
logger - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
 
logger - Variable in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
 
logger - Variable in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
 
logger - Variable in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
 
logger - Variable in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
 
logger - Variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
logger - Variable in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
 
logger - Variable in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
logger - Variable in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
 
logger - Variable in class org.springframework.security.web.DefaultRedirectStrategy
 
logger - Static variable in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
logger - Variable in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
logger - Variable in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
 
LoggerListener - Class in org.springframework.security.access.event
Outputs interceptor-related application events to Commons Logging.
LoggerListener() - Constructor for class org.springframework.security.access.event.LoggerListener
 
LoggerListener - Class in org.springframework.security.authentication.event
Outputs authentication-related application events to Commons Logging.
LoggerListener() - Constructor for class org.springframework.security.authentication.event.LoggerListener
 
logIfNeeded(boolean, AccessControlEntry) - Method in interface org.springframework.security.acls.domain.AuditLogger
 
logIfNeeded(boolean, AccessControlEntry) - Method in class org.springframework.security.acls.domain.ConsoleAuditLogger
 
login() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Authenticate the Subject (phase one) by extracting the Spring Security Authentication from the current SecurityContext.
LoginExceptionResolver - Interface in org.springframework.security.authentication.jaas
The JaasAuthenticationProvider takes an instance of LoginExceptionResolver to resolve LoginModule specific exceptions to Spring Security AuthenticationExceptions.
loginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
 
loginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
loginFail(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.RememberMeServices
Called whenever an interactive authentication attempt was made, but the credentials supplied by the user were missing or otherwise invalid.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
Configures the log in page to redirect to, the authentication failure page, and when authentication is performed.
LoginPageGeneratingWebFilter - Class in org.springframework.security.web.server.ui
Generates a default log in page used for authenticating users.
LoginPageGeneratingWebFilter() - Constructor for class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
 
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the URL to validate the credentials.
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Specifies the URL used to authenticate OpenID requests.
loginProcessingUrl(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
Specifies the URL to POST to.
loginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
 
loginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Called whenever an interactive authentication attempt is successful.
loginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.RememberMeServices
Called whenever an interactive authentication attempt is successful.
LoginUrlAuthenticationEntryPoint - Class in org.springframework.security.web.authentication
Used by the ExceptionTranslationFilter to commence a form login authentication via the UsernamePasswordAuthenticationFilter.
LoginUrlAuthenticationEntryPoint(String) - Constructor for class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
logout() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule
Log out the Subject.
logout() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Provides logout support.
LOGOUT - Static variable in class org.springframework.security.config.Elements
 
logout() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures log out.
logout() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
Creates a logout request.
logout(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
Creates a logout request (including any necessary CsrfToken) to the specified logoutUrl
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.CompositeLogoutHandler
 
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
 
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.logout.LogoutHandler
Causes a logout to be completed.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
Requires the request to be passed in.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Implementation of LogoutHandler.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.csrf.CsrfLogoutHandler
Clears the CsrfToken
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.DelegatingServerLogoutHandler
 
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler
 
logout(WebFilterExchange, Authentication) - Method in interface org.springframework.security.web.server.authentication.logout.ServerLogoutHandler
Invoked when log out is requested
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.csrf.CsrfServerLogoutHandler
Clears the CsrfToken
LogoutConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds logout support.
LogoutConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Creates a new instance
LogoutFilter - Class in org.springframework.security.web.authentication.logout
Logs a principal out.
LogoutFilter(LogoutSuccessHandler, LogoutHandler...) - Constructor for class org.springframework.security.web.authentication.logout.LogoutFilter
Constructor which takes a LogoutSuccessHandler instance to determine the target destination after logging out.
LogoutFilter(String, LogoutHandler...) - Constructor for class org.springframework.security.web.authentication.logout.LogoutFilter
 
logoutHandler(ServerLogoutHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
Configures the logout handler.
LogoutHandler - Interface in org.springframework.security.web.authentication.logout
Indicates a class that is able to participate in logout handling.
LogoutPageGeneratingWebFilter - Class in org.springframework.security.web.server.ui
Generates a default log out page.
LogoutPageGeneratingWebFilter() - Constructor for class org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter
 
logoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
The RequestMatcher that triggers log out to occur.
logoutSuccessHandler(LogoutSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Sets the LogoutSuccessHandler to use.
logoutSuccessHandler(ServerLogoutSuccessHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
 
LogoutSuccessHandler - Interface in org.springframework.security.web.authentication.logout
Strategy that is called after a successful logout by the LogoutFilter, to handle redirection or forwarding to the appropriate destination.
logoutSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
The URL to redirect to after logout has occurred.
logoutUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
The URL that triggers log out to occur (default is "/logout").
logoutUrl(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
Configures what URL a POST to will trigger a log out.
logoutUrl(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder
Specifies the logout URL to POST to.
LogoutWebFilter - Class in org.springframework.security.web.server.authentication.logout
If the request matches, logs an authenticated user out by delegating to a ServerLogoutHandler.
LogoutWebFilter() - Constructor for class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
 
lookupHttpPort(Integer) - Method in interface org.springframework.security.web.PortMapper
Locates the HTTP port associated with the specified HTTPS port.
lookupHttpPort(Integer) - Method in class org.springframework.security.web.PortMapperImpl
 
lookupHttpsPort(Integer) - Method in interface org.springframework.security.web.PortMapper
Locates the HTTPS port associated with the specified HTTP port.
lookupHttpsPort(Integer) - Method in class org.springframework.security.web.PortMapperImpl
 
lookupRealm(String) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
 
LookupStrategy - Interface in org.springframework.security.acls.jdbc
Performs lookups for AclService.

M

makeTokenSignature(long, String, String) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
Calculates the digital signature to be put in the cookie.
managerDn(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Username (DN) of the "manager" user identity (i.e.
managerPassword(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
The password for the manager DN.
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
 
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper
 
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
 
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
Creates a mapping of the supplied authorities based on the case-conversion and prefix settings.
MapBasedAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
This class implements the Attributes2GrantedAuthoritiesMapper and MappableAttributesRetriever interfaces based on the supplied Map.
MapBasedAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
MapBasedMethodSecurityMetadataSource - Class in org.springframework.security.access.method
Stores a list of ConfigAttributes for a method or class signature.
MapBasedMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
 
MapBasedMethodSecurityMetadataSource(Map<String, List<ConfigAttribute>>) - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Creates the MapBasedMethodSecurityMetadataSource from a
MappableAttributesRetriever - Interface in org.springframework.security.core.authority.mapping
Interface to be implemented by classes that can retrieve a list of mappable security attribute strings (for example the list of all available J2EE roles in a web or EJB application).
mappableAuthorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies roles to use map from the HttpServletRequest to the UserDetails.
mappableAuthorities(Set<String>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies roles to use map from the HttpServletRequest to the UserDetails.
mappableRoles(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies roles to use map from the HttpServletRequest to the UserDetails and automatically prefixes it with "ROLE_".
mapPassword(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
Extension point to allow customized creation of the user's password from the attribute stored in the directory.
MappedJwtClaimSetConverter - Class in org.springframework.security.oauth2.jwt
Converts a JWT claim set, claim by claim.
MappedJwtClaimSetConverter(Map<String, Converter<Object, ?>>) - Constructor for class org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter
Constructs a MappedJwtClaimSetConverter with the provided arguments This will completely replace any set of default converters.
MapReactiveUserDetailsService - Class in org.springframework.security.core.userdetails
A Map based implementation of ReactiveUserDetailsService
MapReactiveUserDetailsService(Map<String, UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
Creates a new instance using a Map that must be non blocking.
MapReactiveUserDetailsService(UserDetails...) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
Creates a new instance
MapReactiveUserDetailsService(Collection<UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
Creates a new instance
mapsTo(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer.HttpPortMapping
Maps the given HTTP port to the provided HTTPS port and vice versa.
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
 
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
 
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.PersonContextMapper
 
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.ldap.userdetails.UserDetailsContextMapper
Creates a fully populated UserDetails object for use by the security framework.
mapUserToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
 
mapUserToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
 
mapUserToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.PersonContextMapper
 
mapUserToContext(UserDetails, DirContextAdapter) - Method in interface org.springframework.security.ldap.userdetails.UserDetailsContextMapper
Reverse of the above operation.
mask - Variable in class org.springframework.security.acls.domain.AbstractPermission
 
match(MvcResult) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
 
match() - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
Creates an instance of ServerWebExchangeMatcher.MatchResult that is a match with no variables
match(Map<String, Object>) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
Creates an instance of ServerWebExchangeMatcher.MatchResult that is a match with the specified variables
matchers - Variable in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
 
matchers(MessageMatcher<?>...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of MessageMatcher instances to a security expression.
matchers(ServerWebExchangeMatcher...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers
Creates a matcher that will match on any of the provided matchers
MatcherSecurityWebFilterChain - Class in org.springframework.security.web.server
A SecurityWebFilterChain that leverages a ServerWebExchangeMatcher to determine which WebFilter to execute.
MatcherSecurityWebFilterChain(ServerWebExchangeMatcher, List<WebFilter>) - Constructor for class org.springframework.security.web.server.MatcherSecurityWebFilterChain
 
MatcherType - Enum in org.springframework.security.config.http
Defines the RequestMatcher types supported by the namespace.
matches(CharSequence, String) - Method in class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
 
matches(byte[], byte[]) - Static method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
Constant time comparison to prevent against timing attacks.
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
 
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.LdapShaPasswordEncoder
Deprecated.
Checks the validity of an unencoded password against an encoded one in the form "{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.Md4PasswordEncoder
Deprecated.
Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder
Deprecated.
Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.NoOpPasswordEncoder
Deprecated.
 
matches(CharSequence, String) - Method in interface org.springframework.security.crypto.password.PasswordEncoder
Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
 
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.StandardPasswordEncoder
Deprecated.
 
matches(CharSequence, String) - Method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
 
matches(Message<? extends T>) - Method in class org.springframework.security.messaging.util.matcher.AndMessageMatcher
 
matches(Message<? extends T>) - Method in interface org.springframework.security.messaging.util.matcher.MessageMatcher
Returns true if the Message matches, else false
matches(Message<? extends T>) - Method in class org.springframework.security.messaging.util.matcher.OrMessageMatcher
 
matches(Message<? extends Object>) - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
 
matches(Message<? extends Object>) - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.DefaultSecurityFilterChain
 
matches(HttpServletRequest) - Method in interface org.springframework.security.web.SecurityFilterChain
 
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.MatcherSecurityWebFilterChain
 
matches(ServerWebExchange) - Method in interface org.springframework.security.web.server.SecurityWebFilterChain
Determines if this SecurityWebFilterChain matches the provided ServerWebExchange
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
 
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
 
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher
 
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
 
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
 
matches(ServerWebExchange) - Method in interface org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher
Determines if a request matches or not
matches(HttpServletRequest) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AndRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
Returns true if the configured pattern (and HTTP-Method) match those of the supplied request.
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.IpAddressMatcher
 
matches(String) - Method in class org.springframework.security.web.util.matcher.IpAddressMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.NegatedRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.OrRequestMatcher
 
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.RegexRequestMatcher
Performs the match of the request URL (servletPath + pathInfo + queryString ) against the compiled pattern.
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
 
matches(HttpServletRequest) - Method in interface org.springframework.security.web.util.matcher.RequestMatcher
Decides whether the rule implemented by the strategy matches the supplied request.
maxAge(Duration) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
Configures the max age.
maxAgeInSeconds(long) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Sets the value (in seconds) for the max-age directive of the Public-Key-Pins header.
maxAgeInSeconds(long) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
Sets the value (in seconds) for the max-age directive of the Strict-Transport-Security header.
maximumSessions(int) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Controls the maximum number of sessions for a user.
maxSessionsPreventsLogin(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
If true, prevents a user from authenticating when the SessionManagementConfigurer.maximumSessions(int) has been reached.
Md4PasswordEncoder - Class in org.springframework.security.crypto.password
Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
Md4PasswordEncoder() - Constructor for class org.springframework.security.crypto.password.Md4PasswordEncoder
Deprecated.
 
MediaTypeRequestMatcher - Class in org.springframework.security.web.util.matcher
Allows matching HttpServletRequest based upon the MediaType's resolved from a ContentNegotiationStrategy.
MediaTypeRequestMatcher(ContentNegotiationStrategy, MediaType...) - Constructor for class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
Creates an instance
MediaTypeRequestMatcher(ContentNegotiationStrategy, Collection<MediaType>) - Constructor for class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
Creates an instance
MediaTypeServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher
Matches based upon the accept headers.
MediaTypeServerWebExchangeMatcher(MediaType...) - Constructor for class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
Creates a new instance
MediaTypeServerWebExchangeMatcher(Collection<MediaType>) - Constructor for class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
Creates a new instance
mergePatterns(String, String) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
 
message - Variable in class org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot
 
MessageDigestPasswordEncoder - Class in org.springframework.security.crypto.password
Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
MessageDigestPasswordEncoder(String) - Constructor for class org.springframework.security.crypto.password.MessageDigestPasswordEncoder
Deprecated.
The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment.
MessageExpressionVoter<T> - Class in org.springframework.security.messaging.access.expression
Voter which handles Message authorisation decisions.
MessageExpressionVoter() - Constructor for class org.springframework.security.messaging.access.expression.MessageExpressionVoter
 
MessageMatcher<T> - Interface in org.springframework.security.messaging.util.matcher
API for determining if a Message should be matched on.
messages - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
messages - Variable in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
messages - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
messages - Variable in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
messages - Variable in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
 
messages - Variable in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
messages - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
messages - Variable in class org.springframework.security.authentication.ProviderManager
 
messages - Variable in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
messages - Variable in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
messages - Variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
messages - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
messages - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
messages - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
messages - Variable in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
 
messages - Variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
messages - Variable in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
 
messages - Variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
messages - Variable in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
MessageSecurityExpressionRoot - Class in org.springframework.security.messaging.access.expression
The SecurityExpressionRoot used for Message expressions.
MessageSecurityExpressionRoot(Authentication, Message<?>) - Constructor for class org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot
 
MessageSecurityMetadataSource - Interface in org.springframework.security.messaging.access.intercept
A SecurityMetadataSource that is used for securing Message
MessageSecurityMetadataSourceRegistry - Class in org.springframework.security.config.annotation.web.messaging
Allows mapping security constraints using MessageMatcher to the security expressions.
MessageSecurityMetadataSourceRegistry() - Constructor for class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
 
MessageSecurityMetadataSourceRegistry.Constraint - Class in org.springframework.security.config.annotation.web.messaging
Represents the security constraint to be applied to the MessageMatcher instances.
METHOD_ACCESS_MANAGER - Static variable in class org.springframework.security.config.BeanIds
 
METHOD_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
 
METHOD_SECURITY_METADATA_SOURCE_ADVISOR - Static variable in class org.springframework.security.config.BeanIds
 
MethodInvocationAdapter - Class in org.springframework.security.access.intercept.aspectj
Decorates a JoinPoint to allow it to be used with method-security infrastructure classes which support MethodInvocation instances.
MethodInvocationPrivilegeEvaluator - Class in org.springframework.security.access.intercept
Allows users to determine whether they have "before invocation" privileges for a given method invocation.
MethodInvocationPrivilegeEvaluator() - Constructor for class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
 
MethodInvocationUtils - Class in org.springframework.security.util
Static utility methods for creating MethodInvocations usable within Spring Security.
MethodInvocationUtils() - Constructor for class org.springframework.security.util.MethodInvocationUtils
 
methodMap - Variable in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
Map from RegisteredMethod to ConfigAttribute list
MethodSecurityExpressionHandler - Interface in org.springframework.security.access.expression.method
Extended expression-handler facade which adds methods which are specific to securing method invocations.
MethodSecurityExpressionOperations - Interface in org.springframework.security.access.expression.method
Interface which must be implemented if you want to use filtering in method security expressions.
MethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aopalliance
Provides security interception of AOP Alliance based method invocations.
MethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
methodSecurityInterceptor() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Creates the default MethodInterceptor which is a MethodSecurityInterceptor using the following methods to construct it.
MethodSecurityMetadataSource - Interface in org.springframework.security.access.method
Interface for SecurityMetadataSource implementations that are designed to perform lookups keyed on Methods.
methodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provides the default MethodSecurityMetadataSource that will be used.
MethodSecurityMetadataSourceAdvisor - Class in org.springframework.security.access.intercept.aopalliance
Advisor driven by a MethodSecurityMetadataSource, used to exclude a MethodInterceptor from public (non-secure) methods.
MethodSecurityMetadataSourceAdvisor(String, MethodSecurityMetadataSource, String) - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
Alternative constructor for situations where we want the advisor decoupled from the advice.
MethodSecurityMetadataSourceBeanDefinitionParser - Class in org.springframework.security.config.method
 
MethodSecurityMetadataSourceBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser
 
MIDDLE_NAME - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
middle_name - the user's middle name(s)
migrateSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that a new session should be created and the session attributes from the original HttpSession should be retained.
MISSING_BEAN_ERROR_MESSAGE - Static variable in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
MissingCsrfTokenException - Exception in org.springframework.security.web.csrf
Thrown when no expected CsrfToken is found but is required.
MissingCsrfTokenException(String) - Constructor for exception org.springframework.security.web.csrf.MissingCsrfTokenException
 
mockAuthentication(Authentication) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
Updates the ServerWebExchange to use the provided Authentication as the Principal
mockUser(UserDetails) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
Updates the ServerWebExchange to use the provided UserDetails to create a UsernamePasswordAuthenticationToken as the Principal
mockUser() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal.
mockUser(String) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal.
mode(XFrameOptionsServerHttpHeadersWriter.Mode) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.FrameOptionsSpec
The mode to configure.
MODE_GLOBAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
 
MODE_INHERITABLETHREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
 
MODE_THREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
 
modifyGrantedAuthorities(UserDetails, Authentication, Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.web.authentication.switchuser.SwitchUserAuthorityChanger
Allow subclasses to add or remove authorities that will be granted when in switch user mode.
MutableAcl - Interface in org.springframework.security.acls.model
A mutable Acl.
MutableAclService - Interface in org.springframework.security.acls.model
Provides support for creating and storing Acl instances.
mvcMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided Spring MVC pattern.
mvcMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps an MvcRequestMatcher that does not care which HttpMethod is used.
mvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps an MvcRequestMatcher that also specifies a specific HttpMethod to match on.
mvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
 
mvcMatchers(String...) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
 
mvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
 
mvcMatchers(String...) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
 
mvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
 
mvcMatchers(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
 
mvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
mvcMatchers(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
mvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
mvcMatchers(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
MvcRequestMatcher - Class in org.springframework.security.web.servlet.util.matcher
A RequestMatcher that uses Spring MVC's HandlerMappingIntrospector to match the path and extract variables.
MvcRequestMatcher(HandlerMappingIntrospector, String) - Constructor for class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
 

N

NAME - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
name - the user's full name
NBF - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
nbf - the Not Before claim identifies the time before which the JWT MUST NOT be accepted for processing
NegatedRequestMatcher - Class in org.springframework.security.web.util.matcher
A RequestMatcher that will negate the RequestMatcher passed in.
NegatedRequestMatcher(RequestMatcher) - Constructor for class org.springframework.security.web.util.matcher.NegatedRequestMatcher
Creates a new instance
NegatedServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher
Negates the provided matcher.
NegatedServerWebExchangeMatcher(ServerWebExchangeMatcher) - Constructor for class org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher
 
NestedLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.userdetails
A LDAP authority populator that can recursively search static nested groups.
NestedLdapAuthoritiesPopulator(ContextSource, String) - Constructor for class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
Constructor for group search scenarios.
newSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that a new session should be created, but the session attributes from the original HttpSession should not be retained.
nextElement() - Method in class org.springframework.security.web.savedrequest.Enumerator
Returns the next element of this enumeration if this enumeration has at least one more element to provide.
NICKNAME - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
nickname - the user's nick name that may or may not be the same as the given_name
NimbusAuthorizationCodeTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint
NimbusAuthorizationCodeTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.NimbusAuthorizationCodeTokenResponseClient
Deprecated.
 
NimbusJwtDecoderJwkSupport - Class in org.springframework.security.oauth2.jwt
An implementation of a JwtDecoder that "decodes" a JSON Web Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web Signature (JWS).
NimbusJwtDecoderJwkSupport(String) - Constructor for class org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport
Constructs a NimbusJwtDecoderJwkSupport using the provided parameters.
NimbusJwtDecoderJwkSupport(String, String) - Constructor for class org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport
Constructs a NimbusJwtDecoderJwkSupport using the provided parameters.
NimbusReactiveJwtDecoder - Class in org.springframework.security.oauth2.jwt
An implementation of a ReactiveJwtDecoder that "decodes" a JSON Web Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web Signature (JWS).
NimbusReactiveJwtDecoder(RSAPublicKey) - Constructor for class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder
 
NimbusReactiveJwtDecoder(String) - Constructor for class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder
Constructs a NimbusJwtDecoderJwkSupport using the provided parameters.
NO_ATTRS - Static variable in class org.springframework.security.ldap.SpringSecurityLdapTemplate
 
NO_AUTHORITIES - Static variable in class org.springframework.security.core.authority.AuthorityUtils
 
NO_OPTIONS - Static variable in class org.springframework.security.crypto.codec.Base64
Deprecated.
No options specified.
NONCE - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
nonce - a String value used to associate a Client session with an ID Token, and to mitigate replay attacks.
NonceExpiredException - Exception in org.springframework.security.web.authentication.www
Thrown if an authentication request is rejected because the digest nonce has expired.
NonceExpiredException(String) - Constructor for exception org.springframework.security.web.authentication.www.NonceExpiredException
Constructs a NonceExpiredException with the specified message.
NonceExpiredException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.www.NonceExpiredException
Constructs a NonceExpiredException with the specified message and root cause.
none() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that no session fixation protection should be enabled.
NoOpPasswordEncoder - Class in org.springframework.security.crypto.password
Deprecated.
This PasswordEncoder is not secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades.
NoOpServerRequestCache - Class in org.springframework.security.web.server.savedrequest
An implementation of ServerRequestCache that does nothing.
NoOpServerSecurityContextRepository - Class in org.springframework.security.web.server.context
A do nothing implementation of ServerSecurityContextRepository.
noOpText() - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates a text encryptor that performs no encryption.
NOSNIFF - Static variable in class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
 
NOSNIFF - Static variable in class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
not() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Negates the following expression.
NotFoundException - Exception in org.springframework.security.acls.model
Thrown if an ACL-related object cannot be found.
NotFoundException(String) - Constructor for exception org.springframework.security.acls.model.NotFoundException
Constructs an NotFoundException with the specified message.
NotFoundException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.NotFoundException
Constructs an NotFoundException with the specified message and root cause.
notMatch() - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
Creates an instance of ServerWebExchangeMatcher.MatchResult that is not a match.
NULL_DESTINATION_MATCHER - Static variable in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
 
NullAuthenticatedSessionStrategy - Class in org.springframework.security.web.authentication.session
 
NullAuthenticatedSessionStrategy() - Constructor for class org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
 
NullAuthenticationProvider() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
NullAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
 
NullAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
 
NullAxFetchListFactory - Class in org.springframework.security.openid
 
NullAxFetchListFactory() - Constructor for class org.springframework.security.openid.NullAxFetchListFactory
 
nullDestMatcher() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps any Message that has a null SimpMessageHeaderAccessor destination header (i.e.
NullLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.authentication
 
NullLdapAuthoritiesPopulator() - Constructor for class org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator
 
NullRememberMeServices - Class in org.springframework.security.web.authentication
Implementation of NullRememberMeServices that does nothing.
NullRememberMeServices() - Constructor for class org.springframework.security.web.authentication.NullRememberMeServices
 
NullRequestCache - Class in org.springframework.security.web.savedrequest
Null implementation of RequestCache.
NullRequestCache() - Constructor for class org.springframework.security.web.savedrequest.NullRequestCache
 
NullRoleHierarchy - Class in org.springframework.security.access.hierarchicalroles
 
NullRoleHierarchy() - Constructor for class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
 
NullSecurityContextRepository - Class in org.springframework.security.web.context
 
NullSecurityContextRepository() - Constructor for class org.springframework.security.web.context.NullSecurityContextRepository
 
NullStatelessTicketCache - Class in org.springframework.security.cas.authentication
Implementation of @link StatelessTicketCache that has no backing cache.
NullStatelessTicketCache() - Constructor for class org.springframework.security.cas.authentication.NullStatelessTicketCache
 
NullUserCache - Class in org.springframework.security.core.userdetails.cache
Does not perform any caching.
NullUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.NullUserCache
 

O

OAuth2AccessToken - Class in org.springframework.security.oauth2.core
An implementation of an AbstractOAuth2Token representing an OAuth 2.0 Access Token.
OAuth2AccessToken(OAuth2AccessToken.TokenType, String, Instant, Instant) - Constructor for class org.springframework.security.oauth2.core.OAuth2AccessToken
Constructs an OAuth2AccessToken using the provided parameters.
OAuth2AccessToken(OAuth2AccessToken.TokenType, String, Instant, Instant, Set<String>) - Constructor for class org.springframework.security.oauth2.core.OAuth2AccessToken
Constructs an OAuth2AccessToken using the provided parameters.
OAuth2AccessToken.TokenType - Class in org.springframework.security.oauth2.core
Access Token Types.
OAuth2AccessTokenResponse - Class in org.springframework.security.oauth2.core.endpoint
A representation of an OAuth 2.0 Access Token Response.
oauth2AccessTokenResponse() - Static method in class org.springframework.security.oauth2.core.web.reactive.function.OAuth2BodyExtractors
Extractor to decode an OAuth2AccessTokenResponse
OAuth2AccessTokenResponse.Builder - Class in org.springframework.security.oauth2.core.endpoint
OAuth2AccessTokenResponseClient<T extends AbstractOAuth2AuthorizationGrantRequest> - Interface in org.springframework.security.oauth2.client.endpoint
A strategy for "exchanging" an authorization grant credential (e.g.
OAuth2AccessTokenResponseHttpMessageConverter - Class in org.springframework.security.oauth2.core.http.converter
A HttpMessageConverter for an OAuth 2.0 Access Token Response.
OAuth2AccessTokenResponseHttpMessageConverter() - Constructor for class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
OAuth2AuthenticationException - Exception in org.springframework.security.oauth2.core
This exception is thrown for all OAuth 2.0 related Authentication errors.
OAuth2AuthenticationException(OAuth2Error) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error, String) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error, String, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationToken - Class in org.springframework.security.oauth2.client.authentication
An implementation of an AbstractAuthenticationToken that represents an OAuth 2.0 Authentication.
OAuth2AuthenticationToken(OAuth2User, Collection<? extends GrantedAuthority>, String) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
Constructs an OAuth2AuthenticationToken using the provided parameters.
OAuth2AuthorizationCodeAuthenticationProvider - Class in org.springframework.security.oauth2.client.authentication
An implementation of an AuthenticationProvider for the OAuth 2.0 Authorization Code Grant.
OAuth2AuthorizationCodeAuthenticationProvider(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider
Constructs an OAuth2AuthorizationCodeAuthenticationProvider using the provided parameters.
OAuth2AuthorizationCodeAuthenticationToken - Class in org.springframework.security.oauth2.client.authentication
An AbstractAuthenticationToken for the OAuth 2.0 Authorization Code Grant.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
This constructor should be used when the Authorization Request/Response is complete.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken, OAuth2RefreshToken, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
 
OAuth2AuthorizationCodeGrantFilter - Class in org.springframework.security.oauth2.client.web
A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.
OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository, OAuth2AuthorizedClientRepository, AuthenticationManager) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter
Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.
OAuth2AuthorizationCodeGrantRequest - Class in org.springframework.security.oauth2.client.endpoint
An OAuth 2.0 Authorization Code Grant request that holds an Authorization Code credential, which was granted by the Resource Owner to the Client.
OAuth2AuthorizationCodeGrantRequest(ClientRegistration, OAuth2AuthorizationExchange) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
Constructs an OAuth2AuthorizationCodeGrantRequest using the provided parameters.
OAuth2AuthorizationCodeGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint
A Converter that converts the provided OAuth2AuthorizationCodeGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the Authorization Code Grant.
OAuth2AuthorizationCodeGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequestEntityConverter
 
OAuth2AuthorizationCodeGrantWebFilter - Class in org.springframework.security.oauth2.client.web.server
A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager, ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
 
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager, ServerAuthenticationConverter, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
 
OAuth2AuthorizationCodeReactiveAuthenticationManager - Class in org.springframework.security.oauth2.client.authentication
An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2AuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeReactiveAuthenticationManager
 
OAuth2AuthorizationException - Exception in org.springframework.security.oauth2.core
Base exception for OAuth 2.0 Authorization errors.
OAuth2AuthorizationException(OAuth2Error) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthorizationException
Constructs an OAuth2AuthorizationException using the provided parameters.
OAuth2AuthorizationException(OAuth2Error, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthorizationException
Constructs an OAuth2AuthorizationException using the provided parameters.
OAuth2AuthorizationExchange - Class in org.springframework.security.oauth2.core.endpoint
An "exchange" of an OAuth 2.0 Authorization Request and Response for the authorization code grant type.
OAuth2AuthorizationExchange(OAuth2AuthorizationRequest, OAuth2AuthorizationResponse) - Constructor for class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange
Constructs a new OAuth2AuthorizationExchange with the provided Authorization Request and Authorization Response.
OAuth2AuthorizationRequest - Class in org.springframework.security.oauth2.core.endpoint
A representation of an OAuth 2.0 Authorization Request for the authorization code grant type or implicit grant type.
OAuth2AuthorizationRequest.Builder - Class in org.springframework.security.oauth2.core.endpoint
OAuth2AuthorizationRequestRedirectFilter - Class in org.springframework.security.oauth2.client.web
This Filter initiates the authorization code grant or implicit grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository, String) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectWebFilter - Class in org.springframework.security.oauth2.client.web.server
This WebFilter initiates the authorization code grant or implicit grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.
OAuth2AuthorizationRequestRedirectWebFilter(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectWebFilter(ServerOAuth2AuthorizationRequestResolver) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestResolver - Interface in org.springframework.security.oauth2.client.web
Implementations of this interface are capable of resolving an OAuth2AuthorizationRequest from the provided HttpServletRequest.
OAuth2AuthorizationResponse - Class in org.springframework.security.oauth2.core.endpoint
A representation of an OAuth 2.0 Authorization Response for the authorization code grant type.
OAuth2AuthorizationResponse.Builder - Class in org.springframework.security.oauth2.core.endpoint
OAuth2AuthorizationResponseType - Class in org.springframework.security.oauth2.core.endpoint
The response_type parameter is consumed by the authorization endpoint which is used by the authorization code grant type and implicit grant type.
OAuth2AuthorizedClient - Class in org.springframework.security.oauth2.client
A representation of an OAuth 2.0 "Authorized Client".
OAuth2AuthorizedClient(ClientRegistration, String, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.OAuth2AuthorizedClient
Constructs an OAuth2AuthorizedClient using the provided parameters.
OAuth2AuthorizedClient(ClientRegistration, String, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.OAuth2AuthorizedClient
Constructs an OAuth2AuthorizedClient using the provided parameters.
oauth2AuthorizedClient(OAuth2AuthorizedClient) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for providing the Bearer Token.
oauth2AuthorizedClient(OAuth2AuthorizedClient) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for providing the Bearer Token.
OAuth2AuthorizedClientArgumentResolver - Class in org.springframework.security.oauth2.client.web.method.annotation
An implementation of a HandlerMethodArgumentResolver that is capable of resolving a method parameter to an argument value of type OAuth2AuthorizedClient.
OAuth2AuthorizedClientArgumentResolver(ClientRegistrationRepository, OAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver
Constructs an OAuth2AuthorizedClientArgumentResolver using the provided parameters.
OAuth2AuthorizedClientArgumentResolver - Class in org.springframework.security.oauth2.client.web.reactive.result.method.annotation
An implementation of a HandlerMethodArgumentResolver that is capable of resolving a method parameter to an argument value of type OAuth2AuthorizedClient.
OAuth2AuthorizedClientArgumentResolver(ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver
Constructs an OAuth2AuthorizedClientArgumentResolver using the provided parameters.
OAuth2AuthorizedClientRepository - Interface in org.springframework.security.oauth2.client.web
Implementations of this interface are responsible for the persistence of Authorized Client(s) between requests.
OAuth2AuthorizedClientService - Interface in org.springframework.security.oauth2.client
Implementations of this interface are responsible for the management of Authorized Client(s), which provide the purpose of associating an Access Token credential to a Client and Resource Owner, who is the Principal that originally granted the authorization.
OAuth2BodyExtractors - Class in org.springframework.security.oauth2.core.web.reactive.function
Static factory methods for OAuth2 BodyExtractor implementations.
oauth2Client() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures OAuth 2.0 Client support.
oauth2Client() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures the OAuth2 client.
OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
An AbstractHttpConfigurer for OAuth 2.0 Client support.
OAuth2ClientConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
 
OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
Configuration options for the OAuth 2.0 Authorization Code Grant.
OAuth2ClientCredentialsGrantRequest - Class in org.springframework.security.oauth2.client.endpoint
An OAuth 2.0 Client Credentials Grant request that holds the client's credentials in OAuth2ClientCredentialsGrantRequest.getClientRegistration().
OAuth2ClientCredentialsGrantRequest(ClientRegistration) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest
Constructs an OAuth2ClientCredentialsGrantRequest using the provided parameters.
OAuth2ClientCredentialsGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint
A Converter that converts the provided OAuth2ClientCredentialsGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the Client Credentials Grant.
OAuth2ClientCredentialsGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequestEntityConverter
 
oauth2Configuration() - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Configures the builder with ServletOAuth2AuthorizedClientExchangeFilterFunction.defaultRequest() and adds this as a ExchangeFilterFunction
OAuth2Error - Class in org.springframework.security.oauth2.core
A representation of an OAuth 2.0 Error.
OAuth2Error(String) - Constructor for class org.springframework.security.oauth2.core.OAuth2Error
Constructs an OAuth2Error using the provided parameters.
OAuth2Error(String, String, String) - Constructor for class org.springframework.security.oauth2.core.OAuth2Error
Constructs an OAuth2Error using the provided parameters.
OAuth2ErrorCodes - Interface in org.springframework.security.oauth2.core
Standard error codes defined by the OAuth 2.0 Authorization Framework.
OAuth2ErrorHttpMessageConverter - Class in org.springframework.security.oauth2.core.http.converter
A HttpMessageConverter for an OAuth 2.0 Error.
OAuth2ErrorHttpMessageConverter() - Constructor for class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
OAuth2ErrorResponseErrorHandler - Class in org.springframework.security.oauth2.client.http
A ResponseErrorHandler that handles an OAuth 2.0 Error.
OAuth2ErrorResponseErrorHandler() - Constructor for class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler
 
oauth2Login() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures authentication support using an OAuth 2.0 and/or OpenID Connect 1.0 Provider.
oauth2Login() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
 
OAuth2LoginAuthenticationFilter - Class in org.springframework.security.oauth2.client.web
An implementation of an AbstractAuthenticationProcessingFilter for OAuth 2.0 Login.
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository, OAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository, OAuth2AuthorizedClientService, String) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository, OAuth2AuthorizedClientRepository, String) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
OAuth2LoginAuthenticationProvider - Class in org.springframework.security.oauth2.client.authentication
An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginAuthenticationProvider(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, OAuth2UserService<OAuth2UserRequest, OAuth2User>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
Constructs an OAuth2LoginAuthenticationProvider using the provided parameters.
OAuth2LoginAuthenticationToken - Class in org.springframework.security.oauth2.client.authentication
An AbstractAuthenticationToken for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
This constructor should be used when the Authorization Request/Response is complete.
OAuth2LoginAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2User, Collection<? extends GrantedAuthority>, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
OAuth2LoginAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2User, Collection<? extends GrantedAuthority>, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
OAuth2LoginAuthenticationWebFilter - Class in org.springframework.security.oauth2.client.web.server.authentication
OAuth2LoginAuthenticationWebFilter(ReactiveAuthenticationManager, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter
Creates an instance
OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
An AbstractHttpConfigurer for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 
OAuth2LoginConfigurer.AuthorizationEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
Configuration options for the Authorization Server's Authorization Endpoint.
OAuth2LoginConfigurer.RedirectionEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
Configuration options for the Client's Redirection Endpoint.
OAuth2LoginConfigurer.TokenEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
Configuration options for the Authorization Server's Token Endpoint.
OAuth2LoginConfigurer.UserInfoEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client
Configuration options for the Authorization Server's UserInfo Endpoint.
OAuth2LoginReactiveAuthenticationManager - Class in org.springframework.security.oauth2.client.authentication
An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager
 
OAuth2ParameterNames - Interface in org.springframework.security.oauth2.core.endpoint
Standard and custom (non-standard) parameter names defined in the OAuth Parameters Registry and used by the authorization endpoint and token endpoint.
OAuth2RefreshToken - Class in org.springframework.security.oauth2.core
An implementation of an AbstractOAuth2Token representing an OAuth 2.0 Refresh Token.
OAuth2RefreshToken(String, Instant) - Constructor for class org.springframework.security.oauth2.core.OAuth2RefreshToken
Constructs an OAuth2RefreshToken using the provided parameters.
oauth2ResourceServer() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures OAuth 2.0 Resource Server support.
oauth2ResourceServer() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
 
OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.server.resource
An AbstractHttpConfigurer for OAuth 2.0 Resource Server Support.
OAuth2ResourceServerConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
 
OAuth2ResourceServerConfigurer.JwtConfigurer - Class in org.springframework.security.config.annotation.web.configurers.oauth2.server.resource
 
OAuth2ResourceServerSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
 
OAuth2TokenValidator<T extends AbstractOAuth2Token> - Interface in org.springframework.security.oauth2.core
Implementations of this interface are responsible for "verifying" the validity and/or constraints of the attributes contained in an OAuth 2.0 Token.
OAuth2TokenValidatorResult - Class in org.springframework.security.oauth2.core
A result emitted from an OAuth2TokenValidator validation attempt
OAuth2User - Interface in org.springframework.security.oauth2.core.user
A representation of a user Principal that is registered with an OAuth 2.0 Provider.
OAuth2UserAuthority - Class in org.springframework.security.oauth2.core.user
A GrantedAuthority that may be associated to an OAuth2User.
OAuth2UserAuthority(Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
Constructs a OAuth2UserAuthority using the provided parameters and defaults OAuth2UserAuthority.getAuthority() to ROLE_USER.
OAuth2UserAuthority(String, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
Constructs a OAuth2UserAuthority using the provided parameters.
OAuth2UserRequest - Class in org.springframework.security.oauth2.client.userinfo
Represents a request the OAuth2UserService uses when initiating a request to the UserInfo Endpoint.
OAuth2UserRequest(ClientRegistration, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest
Constructs an OAuth2UserRequest using the provided parameters.
OAuth2UserRequest(ClientRegistration, OAuth2AccessToken, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest
Constructs an OAuth2UserRequest using the provided parameters.
OAuth2UserRequestEntityConverter - Class in org.springframework.security.oauth2.client.userinfo
A Converter that converts the provided OAuth2UserRequest to a RequestEntity representation of a request for the UserInfo Endpoint.
OAuth2UserRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequestEntityConverter
 
OAuth2UserService<R extends OAuth2UserRequest,U extends OAuth2User> - Interface in org.springframework.security.oauth2.client.userinfo
Implementations of this interface are responsible for obtaining the user attributes of the End-User (Resource Owner) from the UserInfo Endpoint using the Access Token granted to the Client and returning an AuthenticatedPrincipal in the form of an OAuth2User.
ObjectIdentity - Interface in org.springframework.security.acls.model
Represents the identity of an individual domain object instance.
ObjectIdentityGenerator - Interface in org.springframework.security.acls.model
Strategy which creates an ObjectIdentity from an object identifier (such as a primary key) and type information.
ObjectIdentityImpl - Class in org.springframework.security.acls.domain
Simple implementation of ObjectIdentity.
ObjectIdentityImpl(String, Serializable) - Constructor for class org.springframework.security.acls.domain.ObjectIdentityImpl
 
ObjectIdentityImpl(Class<?>, Serializable) - Constructor for class org.springframework.security.acls.domain.ObjectIdentityImpl
Constructor which uses the name of the supplied class as the type property.
ObjectIdentityImpl(Object) - Constructor for class org.springframework.security.acls.domain.ObjectIdentityImpl
Creates the ObjectIdentityImpl based on the passed object instance.
objectIdentityRetrievalStrategy - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
ObjectIdentityRetrievalStrategy - Interface in org.springframework.security.acls.model
Strategy interface that provides the ability to determine which ObjectIdentity will be returned for a particular domain object
ObjectIdentityRetrievalStrategyImpl - Class in org.springframework.security.acls.domain
Basic implementation of ObjectIdentityRetrievalStrategy and ObjectIdentityGenerator that uses the constructors of ObjectIdentityImpl to create the ObjectIdentity.
ObjectIdentityRetrievalStrategyImpl() - Constructor for class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
 
objectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Specifies the ObjectPostProcessor to use.
objectPostProcessor(AutowireCapableBeanFactory) - Method in class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration
 
ObjectPostProcessor<T> - Interface in org.springframework.security.config.annotation
Allows initialization of Objects.
ObjectPostProcessorConfiguration - Class in org.springframework.security.config.annotation.configuration
Spring Configuration that exports the default ObjectPostProcessor.
ObjectPostProcessorConfiguration() - Constructor for class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration
 
obtainArtifact(HttpServletRequest) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
If present, gets the artifact (CAS ticket) from the HttpServletRequest.
obtainPassword(HttpServletRequest) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Enables subclasses to override the composition of the password, such as by including additional values and a separator.
obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
obtainSecurityMetadataSource() - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
obtainSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
obtainSubject(ServletRequest) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
Obtains the Subject to run as or null if no Subject is available.
obtainUsername(HttpServletRequest) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Reads the claimedIdentityFieldName from the submitted request.
obtainUsername(HttpServletRequest) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Enables subclasses to override the composition of the username, such as by including additional values and a separator.
OID - Static variable in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
OID of the Password Policy Control
OidcAuthorizationCodeAuthenticationProvider - Class in org.springframework.security.oauth2.client.oidc.authentication
An implementation of an AuthenticationProvider for the OpenID Connect Core 1.0 Authorization Code Grant Flow.
OidcAuthorizationCodeAuthenticationProvider(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, OAuth2UserService<OidcUserRequest, OidcUser>) - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
Constructs an OidcAuthorizationCodeAuthenticationProvider using the provided parameters.
OidcAuthorizationCodeReactiveAuthenticationManager - Class in org.springframework.security.oauth2.client.oidc.authentication
An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, ReactiveOAuth2UserService<OidcUserRequest, OidcUser>) - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager
 
OidcIdToken - Class in org.springframework.security.oauth2.core.oidc
An implementation of an AbstractOAuth2Token representing an OpenID Connect Core 1.0 ID Token.
OidcIdToken(String, Instant, Instant, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.oidc.OidcIdToken
Constructs a OidcIdToken using the provided parameters.
OidcParameterNames - Interface in org.springframework.security.oauth2.core.oidc.endpoint
Standard parameter names defined in the OAuth Parameters Registry and used by the authorization endpoint and token endpoint.
OidcReactiveOAuth2UserService - Class in org.springframework.security.oauth2.client.oidc.userinfo
An implementation of an ReactiveOAuth2UserService that supports OpenID Connect 1.0 Provider's.
OidcReactiveOAuth2UserService() - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService
 
OidcScopes - Interface in org.springframework.security.oauth2.core.oidc
The scope values defined by the OpenID Connect Core 1.0 specification that can be used to request claims.
OidcUser - Interface in org.springframework.security.oauth2.core.oidc.user
A representation of a user Principal that is registered with an OpenID Connect 1.0 Provider.
OidcUserAuthority - Class in org.springframework.security.oauth2.core.oidc.user
A GrantedAuthority that may be associated to an OidcUser.
OidcUserAuthority(OidcIdToken) - Constructor for class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
Constructs a OidcUserAuthority using the provided parameters.
OidcUserAuthority(OidcIdToken, OidcUserInfo) - Constructor for class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
Constructs a OidcUserAuthority using the provided parameters and defaults OAuth2UserAuthority.getAuthority() to ROLE_USER.
OidcUserAuthority(String, OidcIdToken, OidcUserInfo) - Constructor for class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
Constructs a OidcUserAuthority using the provided parameters.
OidcUserInfo - Class in org.springframework.security.oauth2.core.oidc
A representation of a UserInfo Response that is returned from the OAuth 2.0 Protected Resource UserInfo Endpoint.
OidcUserInfo(Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.oidc.OidcUserInfo
Constructs a OidcUserInfo using the provided parameters.
OidcUserRequest - Class in org.springframework.security.oauth2.client.oidc.userinfo
Represents a request the OidcUserService uses when initiating a request to the UserInfo Endpoint.
OidcUserRequest(ClientRegistration, OAuth2AccessToken, OidcIdToken) - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest
Constructs an OidcUserRequest using the provided parameters.
OidcUserRequest(ClientRegistration, OAuth2AccessToken, OidcIdToken, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest
Constructs an OidcUserRequest using the provided parameters.
oidcUserService(OAuth2UserService<OidcUserRequest, OidcUser>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig
Sets the OpenID Connect 1.0 service used for obtaining the user attributes of the End-User from the UserInfo Endpoint.
OidcUserService - Class in org.springframework.security.oauth2.client.oidc.userinfo
An implementation of an OAuth2UserService that supports OpenID Connect 1.0 Provider's.
OidcUserService() - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
 
onApplicationEvent(AbstractAuthorizationEvent) - Method in class org.springframework.security.access.event.LoggerListener
 
onApplicationEvent(AbstractAuthenticationEvent) - Method in class org.springframework.security.authentication.event.LoggerListener
 
onApplicationEvent(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
onApplicationEvent(ApplicationEvent) - Method in class org.springframework.security.context.DelegatingApplicationListener
 
onApplicationEvent(SessionDestroyedEvent) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
 
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
 
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
Performs Http session-related functionality when a new authentication occurs.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.CsrfAuthenticationStrategy
 
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in interface org.springframework.security.web.authentication.AuthenticationFailureHandler
Called when an authentication attempt fails.
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationFailureHandler
Called when an authentication attempt fails.
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
 
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler
 
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
Performs the redirect or forward to the defaultFailureUrl if set, otherwise returns a 401 error code.
onAuthenticationFailure(WebFilterExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler
 
onAuthenticationFailure(WebFilterExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler
 
onAuthenticationFailure(WebFilterExchange, AuthenticationException) - Method in interface org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler
Invoked when authentication attempt fails
onAuthenticationSuccess(Authentication, WebFilterExchange) - Method in class org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter
 
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.AuthenticationSuccessHandler
Called when a user has been successfully authenticated.
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler
 
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
 
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
Calls the parent class handle() method to forward or redirect to the target URL, and then calls clearAuthenticationAttributes() to remove any leftover session data.
onAuthenticationSuccess(Authentication, WebFilterExchange) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
 
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.DelegatingServerAuthenticationSuccessHandler
 
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
 
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in interface org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler
Invoked when the application authenticates successfully
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.WebFilterChainServerAuthenticationSuccessHandler
 
OnCommittedResponseWrapper - Class in org.springframework.security.web.util
Base class for response wrappers which encapsulate the logic for handling an event when the HttpServletResponse is committed.
OnCommittedResponseWrapper(HttpServletResponse) - Constructor for class org.springframework.security.web.util.OnCommittedResponseWrapper
 
onExpiredSessionDetected(SessionInformationExpiredEvent) - Method in interface org.springframework.security.web.session.SessionInformationExpiredStrategy
 
onExpiredSessionDetected(SessionInformationExpiredEvent) - Method in class org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
 
onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.session.InvalidSessionStrategy
 
onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
 
onLoginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Called from loginSuccess when a remember-me login has been requested.
onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
Creates a new persistent login token with a new series number, stores the data in the persistent token repository and adds the corresponding cookie to the response.
onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
 
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.DelegatingLogoutSuccessHandler
 
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.ForwardLogoutSuccessHandler
 
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.logout.LogoutSuccessHandler
 
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
 
onLogoutSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler
onLogoutSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
 
onLogoutSuccess(WebFilterExchange, Authentication) - Method in interface org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler
Invoked after log out was successful
onResponseCommitted() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
Calls saveContext() with the current contents of the SecurityContextHolder as long as () was not invoked.
onResponseCommitted() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Implement the logic for handling the HttpServletResponse being committed
onStartup(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
 
onSuccessfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
Called if a remember-me token is presented and successfully authenticated by the RememberMeServices autoLogin method and the AuthenticationManager.
onSuccessfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
onUnsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
Called if the AuthenticationManager rejects the authentication object returned from the RememberMeServices autoLogin method.
onUnsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
OPENID - Static variable in interface org.springframework.security.oauth2.core.oidc.OidcScopes
The openid scope is required for OpenID Connect Authentication Requests.
OpenID4JavaConsumer - Class in org.springframework.security.openid
 
OpenID4JavaConsumer() - Constructor for class org.springframework.security.openid.OpenID4JavaConsumer
 
OpenID4JavaConsumer(AxFetchListFactory) - Constructor for class org.springframework.security.openid.OpenID4JavaConsumer
 
OpenID4JavaConsumer(ConsumerManager, AxFetchListFactory) - Constructor for class org.springframework.security.openid.OpenID4JavaConsumer
 
OPENID_ATTRIBUTE - Static variable in class org.springframework.security.config.Elements
 
OPENID_ATTRIBUTE_EXCHANGE - Static variable in class org.springframework.security.config.Elements
 
OPENID_LOGIN - Static variable in class org.springframework.security.config.Elements
 
OpenIDAttribute - Class in org.springframework.security.openid
Represents an OpenID subject identity attribute.
OpenIDAttribute(String, String) - Constructor for class org.springframework.security.openid.OpenIDAttribute
 
OpenIDAttribute(String, String, List<String>) - Constructor for class org.springframework.security.openid.OpenIDAttribute
 
OpenIDAuthenticationFilter - Class in org.springframework.security.openid
Filter which processes OpenID authentication requests.
OpenIDAuthenticationFilter() - Constructor for class org.springframework.security.openid.OpenIDAuthenticationFilter
 
OpenIDAuthenticationProvider - Class in org.springframework.security.openid
Finalises the OpenID authentication by obtaining local authorities for the authenticated user.
OpenIDAuthenticationProvider() - Constructor for class org.springframework.security.openid.OpenIDAuthenticationProvider
 
OpenIDAuthenticationStatus - Enum in org.springframework.security.openid
Authentication status codes, based on JanRain status codes
OpenIDAuthenticationToken - Class in org.springframework.security.openid
OpenID Authentication Token
OpenIDAuthenticationToken(OpenIDAuthenticationStatus, String, String, List<OpenIDAttribute>) - Constructor for class org.springframework.security.openid.OpenIDAuthenticationToken
 
OpenIDAuthenticationToken(Object, Collection<? extends GrantedAuthority>, String, List<OpenIDAttribute>) - Constructor for class org.springframework.security.openid.OpenIDAuthenticationToken
Created by the OpenIDAuthenticationProvider on successful authentication.
OpenIDConsumer - Interface in org.springframework.security.openid
An interface for OpenID library implementations
OpenIDConsumerException - Exception in org.springframework.security.openid
Thrown by an OpenIDConsumer if it cannot process a request
OpenIDConsumerException(String) - Constructor for exception org.springframework.security.openid.OpenIDConsumerException
 
OpenIDConsumerException(String, Throwable) - Constructor for exception org.springframework.security.openid.OpenIDConsumerException
 
openidLogin() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring OpenID based authentication.
OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers.openid
Adds support for OpenID based authentication.
OpenIDLoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Creates a new instance
OpenIDLoginConfigurer.AttributeExchangeConfigurer - Class in org.springframework.security.config.annotation.web.configurers.openid
A class used to add OpenID attributes to look up
OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer - Class in org.springframework.security.config.annotation.web.configurers.openid
Configures an OpenIDAttribute
OPT_DEFAULT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
 
ORDERED - Static variable in class org.springframework.security.crypto.codec.Base64
Deprecated.
Encode using the special "ordered" dialect of Base64.
org.springframework.security.access - package org.springframework.security.access
Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central AccessDecisionManager interface.
org.springframework.security.access.annotation - package org.springframework.security.access.annotation
Support for JSR-250 and Spring Security @Secured annotations.
org.springframework.security.access.event - package org.springframework.security.access.event
Authorization event and listener classes.
org.springframework.security.access.expression - package org.springframework.security.access.expression
Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.expression.method - package org.springframework.security.access.expression.method
Implementation of expression-based method security.
org.springframework.security.access.hierarchicalroles - package org.springframework.security.access.hierarchicalroles
Role hierarchy implementation.
org.springframework.security.access.intercept - package org.springframework.security.access.intercept
Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
org.springframework.security.access.intercept.aopalliance - package org.springframework.security.access.intercept.aopalliance
Enforces security for AOP Alliance MethodInvocations, such as via Spring AOP.
org.springframework.security.access.intercept.aspectj - package org.springframework.security.access.intercept.aspectj
Enforces security for AspectJ JointPoints, delegating secure object callbacks to the calling aspect.
org.springframework.security.access.method - package org.springframework.security.access.method
Provides SecurityMetadataSource implementations for securing Java method invocations via different AOP libraries.
org.springframework.security.access.prepost - package org.springframework.security.access.prepost
Contains the infrastructure classes for handling the @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.vote - package org.springframework.security.access.vote
Implements a vote-based approach to authorization decisions.
org.springframework.security.acls - package org.springframework.security.acls
The Spring Security ACL package which implements instance-based security for domain objects.
org.springframework.security.acls.afterinvocation - package org.springframework.security.acls.afterinvocation
After-invocation providers for collection and array filtering.
org.springframework.security.acls.domain - package org.springframework.security.acls.domain
Basic implementation of access control lists (ACLs) interfaces.
org.springframework.security.acls.jdbc - package org.springframework.security.acls.jdbc
JDBC-based persistence of ACL information
org.springframework.security.acls.model - package org.springframework.security.acls.model
Interfaces and shared classes to manage access control lists (ACLs) for domain object instances.
org.springframework.security.authentication - package org.springframework.security.authentication
Core classes and interfaces related to user authentication, which are used throughout Spring Security.
org.springframework.security.authentication.dao - package org.springframework.security.authentication.dao
An AuthenticationProvider which relies upon a data access object.
org.springframework.security.authentication.event - package org.springframework.security.authentication.event
Authentication success and failure events which can be published to the Spring application context.
org.springframework.security.authentication.jaas - package org.springframework.security.authentication.jaas
An authentication provider for JAAS.
org.springframework.security.authentication.jaas.event - package org.springframework.security.authentication.jaas.event
JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
org.springframework.security.authentication.jaas.memory - package org.springframework.security.authentication.jaas.memory
An in memory JAAS implementation.
org.springframework.security.authentication.rcp - package org.springframework.security.authentication.rcp
Allows remote clients to authenticate and obtain a populated Authentication object.
org.springframework.security.authorization - package org.springframework.security.authorization
 
org.springframework.security.cas - package org.springframework.security.cas
Spring Security support for Jasig's Central Authentication Service (CAS).
org.springframework.security.cas.authentication - package org.springframework.security.cas.authentication
An AuthenticationProvider that can process CAS service tickets and proxy tickets.
org.springframework.security.cas.jackson2 - package org.springframework.security.cas.jackson2
 
org.springframework.security.cas.userdetails - package org.springframework.security.cas.userdetails
 
org.springframework.security.cas.web - package org.springframework.security.cas.web
Authenticates standard web browser users via CAS.
org.springframework.security.cas.web.authentication - package org.springframework.security.cas.web.authentication
Authentication processing mechanisms which respond to the submission of authentication credentials using CAS.
org.springframework.security.concurrent - package org.springframework.security.concurrent
 
org.springframework.security.config - package org.springframework.security.config
Support classes for the Spring Security namespace.
org.springframework.security.config.annotation - package org.springframework.security.config.annotation
 
org.springframework.security.config.annotation.authentication - package org.springframework.security.config.annotation.authentication
 
org.springframework.security.config.annotation.authentication.builders - package org.springframework.security.config.annotation.authentication.builders
 
org.springframework.security.config.annotation.authentication.configuration - package org.springframework.security.config.annotation.authentication.configuration
 
org.springframework.security.config.annotation.authentication.configurers.ldap - package org.springframework.security.config.annotation.authentication.configurers.ldap
 
org.springframework.security.config.annotation.authentication.configurers.provisioning - package org.springframework.security.config.annotation.authentication.configurers.provisioning
 
org.springframework.security.config.annotation.authentication.configurers.userdetails - package org.springframework.security.config.annotation.authentication.configurers.userdetails
 
org.springframework.security.config.annotation.configuration - package org.springframework.security.config.annotation.configuration
 
org.springframework.security.config.annotation.method.configuration - package org.springframework.security.config.annotation.method.configuration
 
org.springframework.security.config.annotation.web - package org.springframework.security.config.annotation.web
 
org.springframework.security.config.annotation.web.builders - package org.springframework.security.config.annotation.web.builders
 
org.springframework.security.config.annotation.web.configuration - package org.springframework.security.config.annotation.web.configuration
 
org.springframework.security.config.annotation.web.configurers - package org.springframework.security.config.annotation.web.configurers
 
org.springframework.security.config.annotation.web.configurers.oauth2.client - package org.springframework.security.config.annotation.web.configurers.oauth2.client
 
org.springframework.security.config.annotation.web.configurers.oauth2.server.resource - package org.springframework.security.config.annotation.web.configurers.oauth2.server.resource
 
org.springframework.security.config.annotation.web.configurers.openid - package org.springframework.security.config.annotation.web.configurers.openid
 
org.springframework.security.config.annotation.web.messaging - package org.springframework.security.config.annotation.web.messaging
 
org.springframework.security.config.annotation.web.reactive - package org.springframework.security.config.annotation.web.reactive
 
org.springframework.security.config.annotation.web.servlet.configuration - package org.springframework.security.config.annotation.web.servlet.configuration
 
org.springframework.security.config.annotation.web.socket - package org.springframework.security.config.annotation.web.socket
 
org.springframework.security.config.authentication - package org.springframework.security.config.authentication
Parsing of <authentication-manager> and related elements.
org.springframework.security.config.core - package org.springframework.security.config.core
 
org.springframework.security.config.core.userdetails - package org.springframework.security.config.core.userdetails
 
org.springframework.security.config.debug - package org.springframework.security.config.debug
 
org.springframework.security.config.http - package org.springframework.security.config.http
Parsing of the <http> namespace element.
org.springframework.security.config.ldap - package org.springframework.security.config.ldap
Security namespace support for LDAP authentication.
org.springframework.security.config.method - package org.springframework.security.config.method
Support for parsing of the <global-method-security> and <intercept-methods> elements.
org.springframework.security.config.oauth2.client - package org.springframework.security.config.oauth2.client
 
org.springframework.security.config.provisioning - package org.springframework.security.config.provisioning
 
org.springframework.security.config.web.server - package org.springframework.security.config.web.server
 
org.springframework.security.config.websocket - package org.springframework.security.config.websocket
 
org.springframework.security.context - package org.springframework.security.context
 
org.springframework.security.core - package org.springframework.security.core
Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
org.springframework.security.core.annotation - package org.springframework.security.core.annotation
 
org.springframework.security.core.authority - package org.springframework.security.core.authority
The default implementation of the GrantedAuthority interface.
org.springframework.security.core.authority.mapping - package org.springframework.security.core.authority.mapping
Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of GrantedAuthoritys.
org.springframework.security.core.context - package org.springframework.security.core.context
Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
org.springframework.security.core.parameters - package org.springframework.security.core.parameters
 
org.springframework.security.core.session - package org.springframework.security.core.session
Session abstraction which is provided by the org.springframework.security.core.session.SessionInformation SessionInformation class.
org.springframework.security.core.token - package org.springframework.security.core.token
A service for building secure random tokens.
org.springframework.security.core.userdetails - package org.springframework.security.core.userdetails
The standard interfaces for implementing user data DAOs.
org.springframework.security.core.userdetails.cache - package org.springframework.security.core.userdetails.cache
Implementations of UserCache.
org.springframework.security.core.userdetails.jdbc - package org.springframework.security.core.userdetails.jdbc
Exposes a JDBC-based authentication repository, implementing org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.
org.springframework.security.core.userdetails.memory - package org.springframework.security.core.userdetails.memory
Exposes an in-memory authentication repository.
org.springframework.security.crypto.bcrypt - package org.springframework.security.crypto.bcrypt
 
org.springframework.security.crypto.codec - package org.springframework.security.crypto.codec
Internal codec classes.
org.springframework.security.crypto.encrypt - package org.springframework.security.crypto.encrypt
 
org.springframework.security.crypto.factory - package org.springframework.security.crypto.factory
 
org.springframework.security.crypto.keygen - package org.springframework.security.crypto.keygen
 
org.springframework.security.crypto.password - package org.springframework.security.crypto.password
 
org.springframework.security.crypto.scrypt - package org.springframework.security.crypto.scrypt
 
org.springframework.security.crypto.util - package org.springframework.security.crypto.util
 
org.springframework.security.data.repository.query - package org.springframework.security.data.repository.query
 
org.springframework.security.jackson2 - package org.springframework.security.jackson2
Mix-in classes to add Jackson serialization support.
org.springframework.security.ldap - package org.springframework.security.ldap
Spring Security's LDAP module.
org.springframework.security.ldap.authentication - package org.springframework.security.ldap.authentication
The LDAP authentication provider package.
org.springframework.security.ldap.authentication.ad - package org.springframework.security.ldap.authentication.ad
 
org.springframework.security.ldap.ppolicy - package org.springframework.security.ldap.ppolicy
Implementation of password policy functionality based on the Password Policy for LDAP Directories.
org.springframework.security.ldap.search - package org.springframework.security.ldap.search
LdapUserSearch implementations.
org.springframework.security.ldap.server - package org.springframework.security.ldap.server
Embedded Apache Directory Server implementation, as used by the configuration namespace.
org.springframework.security.ldap.userdetails - package org.springframework.security.ldap.userdetails
LDAP-focused UserDetails implementations which map from a ubset of the data contained in some of the standard LDAP types (such as InetOrgPerson).
org.springframework.security.messaging.access.expression - package org.springframework.security.messaging.access.expression
 
org.springframework.security.messaging.access.intercept - package org.springframework.security.messaging.access.intercept
 
org.springframework.security.messaging.context - package org.springframework.security.messaging.context
 
org.springframework.security.messaging.util.matcher - package org.springframework.security.messaging.util.matcher
 
org.springframework.security.messaging.web.csrf - package org.springframework.security.messaging.web.csrf
 
org.springframework.security.messaging.web.socket.server - package org.springframework.security.messaging.web.socket.server
 
org.springframework.security.oauth2.client - package org.springframework.security.oauth2.client
Core classes and interfaces providing support for OAuth 2.0 Client.
org.springframework.security.oauth2.client.annotation - package org.springframework.security.oauth2.client.annotation
 
org.springframework.security.oauth2.client.authentication - package org.springframework.security.oauth2.client.authentication
Support classes and interfaces for authenticating and authorizing a client with an OAuth 2.0 Authorization Server using a specific authorization grant flow.
org.springframework.security.oauth2.client.endpoint - package org.springframework.security.oauth2.client.endpoint
Classes and interfaces providing support to the client for initiating requests to the Authorization Server's Protocol Endpoints.
org.springframework.security.oauth2.client.http - package org.springframework.security.oauth2.client.http
 
org.springframework.security.oauth2.client.oidc.authentication - package org.springframework.security.oauth2.client.oidc.authentication
Support classes and interfaces for authenticating and authorizing a client with an OpenID Connect 1.0 Provider using a specific authorization grant flow.
org.springframework.security.oauth2.client.oidc.userinfo - package org.springframework.security.oauth2.client.oidc.userinfo
Classes and interfaces providing support to the client for initiating requests to the OpenID Connect 1.0 Provider's UserInfo Endpoint.
org.springframework.security.oauth2.client.registration - package org.springframework.security.oauth2.client.registration
Classes and interfaces that provide support for ClientRegistration.
org.springframework.security.oauth2.client.userinfo - package org.springframework.security.oauth2.client.userinfo
Classes and interfaces providing support to the client for initiating requests to the OAuth 2.0 Authorization Server's UserInfo Endpoint.
org.springframework.security.oauth2.client.web - package org.springframework.security.oauth2.client.web
OAuth 2.0 Client Filter's and supporting classes and interfaces.
org.springframework.security.oauth2.client.web.method.annotation - package org.springframework.security.oauth2.client.web.method.annotation
 
org.springframework.security.oauth2.client.web.reactive.function.client - package org.springframework.security.oauth2.client.web.reactive.function.client
 
org.springframework.security.oauth2.client.web.reactive.result.method.annotation - package org.springframework.security.oauth2.client.web.reactive.result.method.annotation
 
org.springframework.security.oauth2.client.web.server - package org.springframework.security.oauth2.client.web.server
 
org.springframework.security.oauth2.client.web.server.authentication - package org.springframework.security.oauth2.client.web.server.authentication
 
org.springframework.security.oauth2.core - package org.springframework.security.oauth2.core
Core classes and interfaces providing support for the OAuth 2.0 Authorization Framework.
org.springframework.security.oauth2.core.endpoint - package org.springframework.security.oauth2.core.endpoint
Support classes that model the OAuth 2.0 Request and Response messages from the Authorization Endpoint and Token Endpoint.
org.springframework.security.oauth2.core.http.converter - package org.springframework.security.oauth2.core.http.converter
 
org.springframework.security.oauth2.core.oidc - package org.springframework.security.oauth2.core.oidc
Core classes and interfaces providing support for OpenID Connect Core 1.0.
org.springframework.security.oauth2.core.oidc.endpoint - package org.springframework.security.oauth2.core.oidc.endpoint
Support classes that model the OpenID Connect Core 1.0 Request and Response messages from the Authorization Endpoint and Token Endpoint.
org.springframework.security.oauth2.core.oidc.user - package org.springframework.security.oauth2.core.oidc.user
Provides a model for an OpenID Connect Core 1.0 representation of a user Principal.
org.springframework.security.oauth2.core.user - package org.springframework.security.oauth2.core.user
Provides a model for an OAuth 2.0 representation of a user Principal.
org.springframework.security.oauth2.core.web.reactive.function - package org.springframework.security.oauth2.core.web.reactive.function
 
org.springframework.security.oauth2.jose.jws - package org.springframework.security.oauth2.jose.jws
Core classes and interfaces providing support for JSON Web Signature (JWS).
org.springframework.security.oauth2.jwt - package org.springframework.security.oauth2.jwt
Core classes and interfaces providing support for JSON Web Token (JWT).
org.springframework.security.oauth2.server.resource - package org.springframework.security.oauth2.server.resource
OAuth 2.0 Resource Server core classes and interfaces providing support.
org.springframework.security.oauth2.server.resource.authentication - package org.springframework.security.oauth2.server.resource.authentication
OAuth 2.0 Resource Server Authentications and supporting classes and interfaces.
org.springframework.security.oauth2.server.resource.web - package org.springframework.security.oauth2.server.resource.web
OAuth 2.0 Resource Server Filter's and supporting classes and interfaces.
org.springframework.security.oauth2.server.resource.web.access - package org.springframework.security.oauth2.server.resource.web.access
OAuth 2.0 Resource Server access denial classes and interfaces.
org.springframework.security.oauth2.server.resource.web.access.server - package org.springframework.security.oauth2.server.resource.web.access.server
 
org.springframework.security.oauth2.server.resource.web.server - package org.springframework.security.oauth2.server.resource.web.server
 
org.springframework.security.openid - package org.springframework.security.openid
Authenticates standard web browser users via OpenID.
org.springframework.security.provisioning - package org.springframework.security.provisioning
Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
org.springframework.security.remoting.dns - package org.springframework.security.remoting.dns
DNS resolution.
org.springframework.security.remoting.httpinvoker - package org.springframework.security.remoting.httpinvoker
Enables use of Spring's HttpInvoker extension points to present the principal and credentials located in the ContextHolder via BASIC authentication.
org.springframework.security.remoting.rmi - package org.springframework.security.remoting.rmi
Enables use of Spring's RMI remoting extension points to propagate the SecurityContextHolder (which should contain an Authentication request token) from one JVM to the remote JVM.
org.springframework.security.scheduling - package org.springframework.security.scheduling
 
org.springframework.security.taglibs - package org.springframework.security.taglibs
Security related tag libraries that can be used in JSPs and templates.
org.springframework.security.taglibs.authz - package org.springframework.security.taglibs.authz
JSP Security tag library implementation.
org.springframework.security.taglibs.csrf - package org.springframework.security.taglibs.csrf
 
org.springframework.security.task - package org.springframework.security.task
 
org.springframework.security.test.context - package org.springframework.security.test.context
 
org.springframework.security.test.context.annotation - package org.springframework.security.test.context.annotation
 
org.springframework.security.test.context.support - package org.springframework.security.test.context.support
 
org.springframework.security.test.web.reactive.server - package org.springframework.security.test.web.reactive.server
 
org.springframework.security.test.web.servlet.request - package org.springframework.security.test.web.servlet.request
 
org.springframework.security.test.web.servlet.response - package org.springframework.security.test.web.servlet.response
 
org.springframework.security.test.web.servlet.setup - package org.springframework.security.test.web.servlet.setup
 
org.springframework.security.test.web.support - package org.springframework.security.test.web.support
 
org.springframework.security.util - package org.springframework.security.util
General utility classes used throughout the Spring Security framework.
org.springframework.security.web - package org.springframework.security.web
Spring Security's web security module.
org.springframework.security.web.access - package org.springframework.security.web.access
Access-control related classes and packages.
org.springframework.security.web.access.channel - package org.springframework.security.web.access.channel
Classes that ensure web requests are received over required transport channels.
org.springframework.security.web.access.expression - package org.springframework.security.web.access.expression
Implementation of web security expressions.
org.springframework.security.web.access.intercept - package org.springframework.security.web.access.intercept
Enforcement of security for HTTP requests, typically by the URL requested.
org.springframework.security.web.authentication - package org.springframework.security.web.authentication
Authentication processing mechanisms, which respond to the submission of authentication credentials using various protocols (eg BASIC, CAS, form login etc).
org.springframework.security.web.authentication.logout - package org.springframework.security.web.authentication.logout
Logout functionality based around a filter which handles a specific logout URL.
org.springframework.security.web.authentication.preauth - package org.springframework.security.web.authentication.preauth
Support for "pre-authenticated" scenarios, where Spring Security assumes the incoming request has already been authenticated by some externally configured system.
org.springframework.security.web.authentication.preauth.j2ee - package org.springframework.security.web.authentication.preauth.j2ee
Pre-authentication support for container-authenticated requests.
org.springframework.security.web.authentication.preauth.websphere - package org.springframework.security.web.authentication.preauth.websphere
Websphere-specific pre-authentication classes.
org.springframework.security.web.authentication.preauth.x509 - package org.springframework.security.web.authentication.preauth.x509
X.509 client certificate authentication support.
org.springframework.security.web.authentication.rememberme - package org.springframework.security.web.authentication.rememberme
Support for remembering a user between different web sessions.
org.springframework.security.web.authentication.session - package org.springframework.security.web.authentication.session
Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
org.springframework.security.web.authentication.switchuser - package org.springframework.security.web.authentication.switchuser
Provides HTTP-based "switch user" (su) capabilities.
org.springframework.security.web.authentication.ui - package org.springframework.security.web.authentication.ui
Authentication user-interface rendering code.
org.springframework.security.web.authentication.www - package org.springframework.security.web.authentication.www
WWW-Authenticate based authentication mechanism implementations: Basic and Digest authentication.
org.springframework.security.web.bind.annotation - package org.springframework.security.web.bind.annotation
 
org.springframework.security.web.bind.support - package org.springframework.security.web.bind.support
 
org.springframework.security.web.context - package org.springframework.security.web.context
Classes which are responsible for maintaining the security context between HTTP requests.
org.springframework.security.web.context.request.async - package org.springframework.security.web.context.request.async
 
org.springframework.security.web.context.support - package org.springframework.security.web.context.support
 
org.springframework.security.web.csrf - package org.springframework.security.web.csrf
 
org.springframework.security.web.debug - package org.springframework.security.web.debug
 
org.springframework.security.web.firewall - package org.springframework.security.web.firewall
 
org.springframework.security.web.header - package org.springframework.security.web.header
 
org.springframework.security.web.header.writers - package org.springframework.security.web.header.writers
 
org.springframework.security.web.header.writers.frameoptions - package org.springframework.security.web.header.writers.frameoptions
 
org.springframework.security.web.http - package org.springframework.security.web.http
 
org.springframework.security.web.jaasapi - package org.springframework.security.web.jaasapi
Makes a JAAS Subject available as the current Subject.
org.springframework.security.web.jackson2 - package org.springframework.security.web.jackson2
Mix-in classes to provide Jackson serialization support.
org.springframework.security.web.method.annotation - package org.springframework.security.web.method.annotation
 
org.springframework.security.web.reactive.result.method.annotation - package org.springframework.security.web.reactive.result.method.annotation
 
org.springframework.security.web.reactive.result.view - package org.springframework.security.web.reactive.result.view
 
org.springframework.security.web.savedrequest - package org.springframework.security.web.savedrequest
Classes related to the caching of an HttpServletRequest which requires authentication.
org.springframework.security.web.server - package org.springframework.security.web.server
 
org.springframework.security.web.server.authentication - package org.springframework.security.web.server.authentication
 
org.springframework.security.web.server.authentication.logout - package org.springframework.security.web.server.authentication.logout
 
org.springframework.security.web.server.authorization - package org.springframework.security.web.server.authorization
 
org.springframework.security.web.server.context - package org.springframework.security.web.server.context
 
org.springframework.security.web.server.csrf - package org.springframework.security.web.server.csrf
 
org.springframework.security.web.server.header - package org.springframework.security.web.server.header
 
org.springframework.security.web.server.savedrequest - package org.springframework.security.web.server.savedrequest
 
org.springframework.security.web.server.transport - package org.springframework.security.web.server.transport
 
org.springframework.security.web.server.ui - package org.springframework.security.web.server.ui
 
org.springframework.security.web.server.util.matcher - package org.springframework.security.web.server.util.matcher
 
org.springframework.security.web.servlet.support.csrf - package org.springframework.security.web.servlet.support.csrf
 
org.springframework.security.web.servlet.util.matcher - package org.springframework.security.web.servlet.util.matcher
 
org.springframework.security.web.servletapi - package org.springframework.security.web.servletapi
Populates a Servlet request with a new Spring Security compliant HttpServletRequestWrapper.
org.springframework.security.web.session - package org.springframework.security.web.session
Session management filters, HttpSession events and publisher classes.
org.springframework.security.web.util - package org.springframework.security.web.util
Web utility classes.
org.springframework.security.web.util.matcher - package org.springframework.security.web.util.matcher
 
OrMessageMatcher<T> - Class in org.springframework.security.messaging.util.matcher
MessageMatcher that will return true if any of the passed in MessageMatcher instances match.
OrMessageMatcher(List<MessageMatcher<T>>) - Constructor for class org.springframework.security.messaging.util.matcher.OrMessageMatcher
Creates a new instance
OrMessageMatcher(MessageMatcher<T>...) - Constructor for class org.springframework.security.messaging.util.matcher.OrMessageMatcher
Creates a new instance
OrRequestMatcher - Class in org.springframework.security.web.util.matcher
RequestMatcher that will return true if any of the passed in RequestMatcher instances match.
OrRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.OrRequestMatcher
Creates a new instance
OrRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.OrRequestMatcher
Creates a new instance
OrServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher
Matches if any of the provided ServerWebExchangeMatcher match
OrServerWebExchangeMatcher(List<ServerWebExchangeMatcher>) - Constructor for class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
 
OrServerWebExchangeMatcher(ServerWebExchangeMatcher...) - Constructor for class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
 
OwnershipAcl - Interface in org.springframework.security.acls.model
A mutable ACL that provides ownership capabilities.

P

P - Annotation Type in org.springframework.security.access.method
Deprecated.
use @{code org.springframework.security.core.parameters.P}
P - Annotation Type in org.springframework.security.core.parameters
An annotation that can be used along with AnnotationParameterNameDiscoverer to specify parameter names.
pageContext - Variable in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
parentAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Allows providing a parent AuthenticationManager that will be tried if this AuthenticationManager was unable to attempt to authenticate the provided Authentication.
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.DebugBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.CorsBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.CsrfBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterChainBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HeadersBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
The aim of this method is to build the list of filters which have been defined by the namespace elements and attributes within the <http> configuration, along with any custom-filter's linked to user-defined filter beans.
parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.websocket.WebSocketMessageBrokerSecurityBeanDefinitionParser
 
parseCache - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Parser cache.
parseDate(String, DateFormat[]) - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat
Tries to parse the given date as an HTTP date.
parseInternal(Element, ParserContext) - Method in class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser
 
parseRootDnFromUrl(String) - Static method in class org.springframework.security.ldap.LdapUtils
Works out the root DN for an LDAP URL.
password(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the password.
password(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Populates the password.
password(String) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
Specifies the password to use.
password(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
The value of the password parameter.
password(String, String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
Specify both the password parameter name and the password.
password(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor
Configures the password to use
password(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
Populates the user's password.
PASSWORD_ENCODER - Static variable in class org.springframework.security.config.Elements
 
passwordAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
The attribute in the directory which contains the user password.
passwordCompare() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
PasswordComparisonAuthenticator - Class in org.springframework.security.ldap.authentication
An LdapAuthenticator which compares the login password with the value stored in the directory using a remote LDAP "compare" operation.
PasswordComparisonAuthenticator(BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
 
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
Us Allows specifying the PasswordEncoder to use.
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the PasswordEncoder to be used when authenticating with password comparison.
passwordEncoder(Function<String, String>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Encodes the current password (if non-null) and any future passwords supplied to User.UserBuilder.password(String).
PasswordEncoder - Interface in org.springframework.security.crypto.password
Service interface for encoding passwords.
PasswordEncoderFactories - Class in org.springframework.security.crypto.factory
Used for creating PasswordEncoder instances
PasswordEncoderParser - Class in org.springframework.security.config.authentication
Stateful parser for the <password-encoder> element.
PasswordEncoderParser(Element, ParserContext) - Constructor for class org.springframework.security.config.authentication.PasswordEncoderParser
 
passwordParam(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
The HTTP parameter to place the password.
passwordParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
The HTTP parameter to look for the password when performing authentication.
PasswordPolicyAwareContextSource - Class in org.springframework.security.ldap.ppolicy
Extended version of the DefaultSpringSecurityContextSource which adds support for the use of PasswordPolicyControl to make use of user account data stored in the directory.
PasswordPolicyAwareContextSource(String) - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
 
PasswordPolicyControl - Class in org.springframework.security.ldap.ppolicy
A Password Policy request control.
PasswordPolicyControl() - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Creates a non-critical (request) control.
PasswordPolicyControl(boolean) - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControl
Creates a (request) control.
PasswordPolicyControlExtractor - Class in org.springframework.security.ldap.ppolicy
Obtains the PasswordPolicyControl from a context for use by other classes.
PasswordPolicyControlExtractor() - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControlExtractor
 
PasswordPolicyControlFactory - Class in org.springframework.security.ldap.ppolicy
Transforms a control object to a PasswordPolicyResponseControl object, if appropriate.
PasswordPolicyControlFactory() - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControlFactory
 
PasswordPolicyData - Interface in org.springframework.security.ldap.ppolicy
 
PasswordPolicyErrorStatus - Enum in org.springframework.security.ldap.ppolicy
Defines status codes for use with PasswordPolicyException, with error codes (for message source lookup) and default messages.
PasswordPolicyException - Exception in org.springframework.security.ldap.ppolicy
Generic exception raised by the ppolicy package.
PasswordPolicyException(PasswordPolicyErrorStatus) - Constructor for exception org.springframework.security.ldap.ppolicy.PasswordPolicyException
 
PasswordPolicyResponseControl - Class in org.springframework.security.ldap.ppolicy
Represents the response control received when a PasswordPolicyControl is used when binding to a directory.
PasswordPolicyResponseControl(byte[]) - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Decodes the Ber encoded control data.
pathMatchers(HttpMethod, String...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers
Creates a matcher that matches on the specific method and any of the provided patterns.
pathMatchers(String...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers
Creates a matcher that matches on any of the provided patterns.
PathPatternParserServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher
Matches if the PathPattern matches the path within the application.
PathPatternParserServerWebExchangeMatcher(PathPattern) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
 
PathPatternParserServerWebExchangeMatcher(PathPattern, HttpMethod) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
 
PathPatternParserServerWebExchangeMatcher(String, HttpMethod) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
 
PathPatternParserServerWebExchangeMatcher(String) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
 
Pbkdf2PasswordEncoder - Class in org.springframework.security.crypto.password
A PasswordEncoder implementation that uses PBKDF2 with a configurable number of iterations and a random 8-byte random salt value.
Pbkdf2PasswordEncoder() - Constructor for class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
Constructs a PBKDF2 password encoder with no additional secret value.
Pbkdf2PasswordEncoder(CharSequence) - Constructor for class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
Constructs a standard password encoder with a secret value which is also included in the password hash.
Pbkdf2PasswordEncoder(CharSequence, int, int) - Constructor for class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
Constructs a standard password encoder with a secret value as well as iterations and hash.
Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm - Enum in org.springframework.security.crypto.password
The Algorithm used for creating the SecretKeyFactory
performBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Subclasses must implement this method to build the object that is being returned.
performBuild() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 
performBuild() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
performBuild() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
 
Permission - Interface in org.springframework.security.acls.model
Represents a permission granted to a Sid for a given domain object.
PermissionCacheOptimizer - Interface in org.springframework.security.access
Allows permissions to be pre-cached when using pre or post filtering with expressions
PermissionEvaluator - Interface in org.springframework.security.access
Strategy used in expression evaluation to determine whether a user has a permission or permissions for a given domain object.
PermissionFactory - Interface in org.springframework.security.acls.domain
Provides a simple mechanism to retrieve Permission instances from integer masks.
PermissionGrantingStrategy - Interface in org.springframework.security.acls.model
Allow customization of the logic for determining whether a permission or permissions are granted to a particular sid or sids by an Acl.
PERMIT_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig
 
permitAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations
Always grants access.
permitAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
Allows "permitAll" expression
permitAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Equivalent of invoking permitAll(true)
permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by anyone.
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
A shortcut for LogoutConfigurer.permitAll(boolean) with true as an argument.
permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
permitAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by anyone.
permitAll() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
Allow access for anyone
PersistentRememberMeToken - Class in org.springframework.security.web.authentication.rememberme
 
PersistentRememberMeToken(String, String, String, Date) - Constructor for class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
 
PersistentTokenBasedRememberMeServices - Class in org.springframework.security.web.authentication.rememberme
PersistentTokenBasedRememberMeServices(String, UserDetailsService, PersistentTokenRepository) - Constructor for class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
PersistentTokenRepository - Interface in org.springframework.security.web.authentication.rememberme
The abstraction used by PersistentTokenBasedRememberMeServices to store the persistent login tokens for a user.
Person - Class in org.springframework.security.ldap.userdetails
UserDetails implementation whose properties are based on the LDAP schema for Person.
Person() - Constructor for class org.springframework.security.ldap.userdetails.Person
 
Person.Essence - Class in org.springframework.security.ldap.userdetails
 
PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
PersonContextMapper - Class in org.springframework.security.ldap.userdetails
 
PersonContextMapper() - Constructor for class org.springframework.security.ldap.userdetails.PersonContextMapper
 
PHONE - Static variable in interface org.springframework.security.oauth2.core.oidc.OidcScopes
The phone scope requests access to the phone_number and phone_number_verified claims.
PHONE_NUMBER - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
phone_number - the user's preferred phone number
PHONE_NUMBER_VERIFIED - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
phone_number_verified - true if the user's phone number has been verified, otherwise false
PICTURE - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
picture - the URL of the user's profile picture
populateContext(DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
 
populateContext(DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.Person
 
port(int) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
The port to connect to LDAP to (the default is 33389 or random available port if unavailable).
PORT_MAPPING - Static variable in class org.springframework.security.config.Elements
 
PORT_MAPPINGS - Static variable in class org.springframework.security.config.Elements
 
portMapper() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring a PortMapper that is available from AbstractConfiguredSecurityBuilder.getSharedObject(Class).
portMapper(PortMapper) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
Allows specifying the PortMapper instance.
portMapper(PortMapper) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
Configures a custom HTTPS port to redirect to
PortMapper - Interface in org.springframework.security.web
PortMapper implementations provide callers with information about which HTTP ports are associated with which HTTPS ports on the system, and vice versa.
PortMapperConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring a shared PortMapper instance used to determine the ports when redirecting between HTTP and HTTPS.
PortMapperConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
Creates a new instance
PortMapperConfigurer.HttpPortMapping - Class in org.springframework.security.config.annotation.web.configurers
Allows specifying the HTTPS port for a given HTTP port when redirecting between HTTP and HTTPS.
PortMapperImpl - Class in org.springframework.security.web
Concrete implementation of PortMapper that obtains HTTP:HTTPS pairs from the application context.
PortMapperImpl() - Constructor for class org.springframework.security.web.PortMapperImpl
 
PortResolver - Interface in org.springframework.security.web
A PortResolver determines the port a web request was received on.
PortResolverImpl - Class in org.springframework.security.web
Concrete implementation of PortResolver that obtains the port from ServletRequest.getServerPort().
PortResolverImpl() - Constructor for class org.springframework.security.web.PortResolverImpl
 
POST - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
 
POST_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
 
postalCode(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Sets the zip code or postal code.
PostAuthorize - Annotation Type in org.springframework.security.access.prepost
Annotation for specifying a method access-control expression which will be evaluated after a method has been invoked.
postBuildAction(Runnable) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Executes the Runnable immediately after the build takes place
PostFilter - Annotation Type in org.springframework.security.access.prepost
Annotation for specifying a method filtering expression which will be evaluated after a method has been invoked.
PostInvocationAdviceProvider - Class in org.springframework.security.access.prepost
AfterInvocationProvider which delegates to a PostInvocationAuthorizationAdvice instance passing it the PostInvocationAttribute created from @PostAuthorize and @PostFilter annotations.
PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PostInvocationAdviceProvider
 
PostInvocationAttribute - Interface in org.springframework.security.access.prepost
Marker interface for attributes which are created from combined @PostFilter and @PostAuthorize annotations.
PostInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost
Performs filtering and authorization logic after a method is invoked.
postProcess(P) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Performs post processing of an object.
postProcess(O) - Method in interface org.springframework.security.config.annotation.ObjectPostProcessor
Initialize the object possibly returning a modified instance that should be used instead.
postProcess(T) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Performs post processing of an object.
postProcess(NativeWebRequest, Callable<T>, Object) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
 
postProcessBeanDefinitionRegistry(BeanDefinitionRegistry) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
 
postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
 
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor
 
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor
 
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
 
postReceive(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
postSend(Message<?>, MessageChannel, boolean) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
PRAGMA_VALUE - Static variable in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
The value for pragma value
PRE_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
 
PreAuthenticatedAuthenticationProvider - Class in org.springframework.security.web.authentication.preauth
Processes a pre-authenticated authentication request.
PreAuthenticatedAuthenticationProvider() - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
 
PreAuthenticatedAuthenticationToken - Class in org.springframework.security.web.authentication.preauth
Authentication implementation for pre-authenticated authentication.
PreAuthenticatedAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
Constructor used for an authentication request.
PreAuthenticatedAuthenticationToken(Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
Constructor used for an authentication response.
PreAuthenticatedCredentialsNotFoundException - Exception in org.springframework.security.web.authentication.preauth
 
PreAuthenticatedCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException
 
PreAuthenticatedCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException
 
PreAuthenticatedGrantedAuthoritiesUserDetailsService - Class in org.springframework.security.web.authentication.preauth
This AuthenticationUserDetailsService implementation creates a UserDetails object based solely on the information contained in the given PreAuthenticatedAuthenticationToken.
PreAuthenticatedGrantedAuthoritiesUserDetailsService() - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService
 
PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails - Class in org.springframework.security.web.authentication.preauth
This WebAuthenticationDetails implementation allows for storing a list of pre-authenticated Granted Authorities.
PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(HttpServletRequest, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
 
PreAuthorize - Annotation Type in org.springframework.security.access.prepost
Annotation for specifying a method access-control expression which will be evaluated to decide whether a method invocation is allowed or not.
preCommence(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Template method for you to do your own pre-processing before the redirect occurs.
PREFERRED_USERNAME - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
preferred_username - the preferred username that the user wishes to be referred to
prefersShortLivedTasks() - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
 
PreFilter - Annotation Type in org.springframework.security.access.prepost
Annotation for specifying a method filtering expression which will be evaluated before a method has been invoked.
PreInvocationAttribute - Interface in org.springframework.security.access.prepost
Marker interface for attributes which are created from combined @PreFilter and @PreAuthorize annotations.
PreInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost
Performs argument filtering and authorization logic before a method is invoked.
preInvocationAuthorizationAdvice() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Creates the PreInvocationAuthorizationAdvice to be used.
PreInvocationAuthorizationAdviceVoter - Class in org.springframework.security.access.prepost
Voter which performs the actions using a PreInvocationAuthorizationAdvice implementation generated from @PreFilter and @PreAuthorize annotations.
PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
 
prepareConnection(HttpURLConnection, int) - Method in class org.springframework.security.remoting.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor
Called every time a HTTP invocation is made.
PrePostAdviceReactiveMethodInterceptor - Class in org.springframework.security.access.prepost
A MethodInterceptor that supports PreAuthorize and PostAuthorize for methods that return Mono or Flux
PrePostAdviceReactiveMethodInterceptor(MethodSecurityMetadataSource, PreInvocationAuthorizationAdvice, PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor
Creates a new instance
PrePostAnnotationSecurityMetadataSource - Class in org.springframework.security.access.prepost
MethodSecurityMetadataSource which extracts metadata from the @PreFilter and @PreAuthorize annotations placed on a method.
PrePostAnnotationSecurityMetadataSource(PrePostInvocationAttributeFactory) - Constructor for class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource
 
PrePostInvocationAttributeFactory - Interface in org.springframework.security.access.prepost
 
preProcess(NativeWebRequest, Callable<T>) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
 
preReceive(MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor
 
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
 
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.web.csrf.CsrfChannelInterceptor
 
principal(Object) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the principal for Authentication objects of anonymous users
principalChanged(HttpServletRequest, Authentication) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Determines if the current principal has changed.
PrincipalSid - Class in org.springframework.security.acls.domain
Represents an Authentication.getPrincipal() as a Sid.
PrincipalSid(String) - Constructor for class org.springframework.security.acls.domain.PrincipalSid
 
PrincipalSid(Authentication) - Constructor for class org.springframework.security.acls.domain.PrincipalSid
 
printBinary(int) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
Returns a representation of the active bits in the presented mask, with each active bit being denoted by character '*'.
printBinary(int, char) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
Returns a representation of the active bits in the presented mask, with each active bit being denoted by the passed character.
privilegeEvaluator(WebInvocationPrivilegeEvaluator) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
privilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
Creates the WebInvocationPrivilegeEvaluator that is necessary for the JSP tag support.
proceed() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter
 
proceed() - Method in class org.springframework.security.util.SimpleMethodInvocation
 
proceedWithObject() - Method in interface org.springframework.security.access.intercept.aspectj.AspectJCallback
 
processAction(ServerWebExchange, String, String) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
 
processAction(HttpServletRequest, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
processAction(HttpServletRequest, String, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
processAutoLoginCookie(String[], HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Called from autoLogin to process the submitted persistent login cookie.
processAutoLoginCookie(String[], HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
Locates the presented cookie data in the token repository, using the series id.
processAutoLoginCookie(String[], HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
 
processConfigAttribute - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
processDomainObjectClass - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
processFormFieldValue(ServerWebExchange, String, String, String) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
 
processFormFieldValue(HttpServletRequest, String, String, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
processUrl(ServerWebExchange, String) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
 
processUrl(HttpServletRequest, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
 
PROFILE - Static variable in interface org.springframework.security.oauth2.core.oidc.OidcScopes
The profile scope requests access to the default profile claims, which are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, updated_at.
PROFILE - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
profile - the URL of the user's profile page
PROTECT - Static variable in class org.springframework.security.config.Elements
 
PROTECT_POINTCUT - Static variable in class org.springframework.security.config.Elements
 
providerConfigurationMetadata(Map<String, Object>) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the metadata describing the provider's configuration.
ProviderManager - Class in org.springframework.security.authentication
Iterates an Authentication request through a list of AuthenticationProviders.
ProviderManager(List<AuthenticationProvider>) - Constructor for class org.springframework.security.authentication.ProviderManager
 
ProviderManager(List<AuthenticationProvider>, AuthenticationManager) - Constructor for class org.springframework.security.authentication.ProviderManager
 
ProviderManagerBuilder<B extends ProviderManagerBuilder<B>> - Interface in org.springframework.security.config.annotation.authentication
Interface for operating on a SecurityBuilder that creates a ProviderManager
ProviderNotFoundException - Exception in org.springframework.security.authentication
Thrown by ProviderManager if no AuthenticationProvider could be found that supports the presented Authentication object.
ProviderNotFoundException(String) - Constructor for exception org.springframework.security.authentication.ProviderNotFoundException
Constructs a ProviderNotFoundException with the specified message.
PS256 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
RSASSA-PSS using SHA-256 and MGF1 with SHA-256 (Optional)
PS384 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
RSASSA-PSS using SHA-384 and MGF1 with SHA-384 (Optional)
PS512 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
RSASSA-PSS using SHA-512 and MGF1 with SHA-512 (Optional)
PublicInvocationEvent - Class in org.springframework.security.access.event
Event that is generated whenever a public secure object is invoked.
PublicInvocationEvent(Object) - Constructor for class org.springframework.security.access.event.PublicInvocationEvent
Construct the event, passing in the public secure object.
publicKey(RSAPublicKey) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
Configures a ReactiveJwtDecoder that leverages the provided RSAPublicKey
publishAuthenticationFailure(AuthenticationException, Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
 
publishAuthenticationFailure(AuthenticationException, Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
publishAuthenticationSuccess(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
 
publishAuthenticationSuccess(Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
publishSuccessEvent(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
putInCache(MutableAcl) - Method in class org.springframework.security.acls.domain.EhCacheBasedAclCache
 
putInCache(MutableAcl) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
putInCache(MutableAcl) - Method in interface org.springframework.security.acls.model.AclCache
 
putTicketInCache(CasAuthenticationToken) - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
putTicketInCache(CasAuthenticationToken) - Method in class org.springframework.security.cas.authentication.NullStatelessTicketCache
This is a no-op since we are not storing tickets.
putTicketInCache(CasAuthenticationToken) - Method in class org.springframework.security.cas.authentication.SpringCacheBasedTicketCache
 
putTicketInCache(CasAuthenticationToken) - Method in interface org.springframework.security.cas.authentication.StatelessTicketCache
Adds the specified CasAuthenticationToken to the cache.
putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
 
putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
 
putUserInCache(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserCache
Places a UserDetails in the cache.

Q

QUERY - Static variable in class org.springframework.security.oauth2.core.AuthenticationMethod
 
queryableText(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates an encryptor for queryable text strings that uses standard password-based encryption.

R

ReactiveAuthenticationManager - Interface in org.springframework.security.authentication
Determines if the provided Authentication can be authenticated.
ReactiveAuthenticationManagerAdapter - Class in org.springframework.security.authentication
Adapts an AuthenticationManager to the reactive APIs.
ReactiveAuthenticationManagerAdapter(AuthenticationManager) - Constructor for class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
 
ReactiveAuthorizationManager<T> - Interface in org.springframework.security.authorization
A reactive authorization manager which can determine if an Authentication has access to a specific object.
ReactiveClientRegistrationRepository - Interface in org.springframework.security.oauth2.client.registration
A reactive repository for OAuth 2.0 / OpenID Connect 1.0 ClientRegistration(s).
ReactiveJwtAuthenticationConverterAdapter - Class in org.springframework.security.oauth2.server.resource.authentication
A reactive Converter for adapting a non-blocking imperative Converter
ReactiveJwtAuthenticationConverterAdapter(JwtAuthenticationConverter) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter
 
ReactiveJwtDecoder - Interface in org.springframework.security.oauth2.jwt
Implementations of this interface are responsible for "decoding" a JSON Web Token (JWT) from it's compact claims representation format to a Jwt.
ReactiveJwtDecoders - Class in org.springframework.security.oauth2.jwt
ReactiveOAuth2AccessTokenResponseClient<T extends AbstractOAuth2AuthorizationGrantRequest> - Interface in org.springframework.security.oauth2.client.endpoint
A reactive strategy for "exchanging" an authorization grant credential (e.g.
ReactiveOAuth2AuthorizedClientService - Interface in org.springframework.security.oauth2.client
Implementations of this interface are responsible for the management of Authorized Client(s), which provide the purpose of associating an Access Token credential to a Client and Resource Owner, who is the Principal that originally granted the authorization.
ReactiveOAuth2UserService<R extends OAuth2UserRequest,U extends OAuth2User> - Interface in org.springframework.security.oauth2.client.userinfo
Implementations of this interface are responsible for obtaining the user attributes of the End-User (Resource Owner) from the UserInfo Endpoint using the Access Token granted to the Client and returning an AuthenticatedPrincipal in the form of an OAuth2User.
ReactiveSecurityContextHolder - Class in org.springframework.security.core.context
Allows getting and setting the Spring SecurityContext into a Context.
ReactiveSecurityContextHolder() - Constructor for class org.springframework.security.core.context.ReactiveSecurityContextHolder
 
ReactiveUserDetailsPasswordService - Interface in org.springframework.security.core.userdetails
An API for changing a UserDetails password.
ReactiveUserDetailsService - Interface in org.springframework.security.core.userdetails
An API for finding the UserDetails by username.
ReactiveUserDetailsServiceResourceFactoryBean - Class in org.springframework.security.config.core.userdetails
ReactiveUserDetailsServiceResourceFactoryBean() - Constructor for class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
 
ReactorContextTestExecutionListener - Class in org.springframework.security.test.context.support
Sets up the Reactor Context with the Authentication from the TestSecurityContextHolder and then clears the Reactor Context at the end of the tests.
ReactorContextTestExecutionListener() - Constructor for class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
 
ReactorContextWebFilter - Class in org.springframework.security.web.server.context
ReactorContextWebFilter(ServerSecurityContextRepository) - Constructor for class org.springframework.security.web.server.context.ReactorContextWebFilter
 
read - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
READ - Static variable in class org.springframework.security.acls.domain.BasePermission
 
readAclById(ObjectIdentity, List<Sid>) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
readAclById(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
readAclById(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclService
Same as AclService.readAclsById(List) except it returns only a single Acl.
readAclById(ObjectIdentity, List<Sid>) - Method in interface org.springframework.security.acls.model.AclService
Same as AclService.readAclsById(List, List) except it returns only a single Acl.
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
The main method.
readAclsById(List<ObjectIdentity>) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in interface org.springframework.security.acls.jdbc.LookupStrategy
Perform database-specific optimized lookup.
readAclsById(List<ObjectIdentity>) - Method in interface org.springframework.security.acls.model.AclService
Obtains all the Acls that apply for the passed Objects.
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in interface org.springframework.security.acls.model.AclService
Obtains all the Acls that apply for the passed Objects, but only for the security identifies passed.
readInternal(Class<? extends OAuth2AccessTokenResponse>, HttpInputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
readInternal(Class<? extends OAuth2Error>, HttpInputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
realm(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor
Configures the realm to use
realmName(String) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Allows easily changing the realm, but leaving the remaining defaults in place.
REDIRECT_URI - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
redirect_uri - used in Authorization Request and Access Token Request.
redirectionEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Returns the OAuth2LoginConfigurer.RedirectionEndpointConfig for configuring the Client's Redirection Endpoint.
RedirectServerAuthenticationEntryPoint - Class in org.springframework.security.web.server.authentication
Performs a redirect to a specified location.
RedirectServerAuthenticationEntryPoint(String) - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint
Creates an instance
RedirectServerAuthenticationFailureHandler - Class in org.springframework.security.web.server.authentication
Performs a redirect to a specified location.
RedirectServerAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler
Creates an instance
RedirectServerAuthenticationSuccessHandler - Class in org.springframework.security.web.server.authentication
Performs a redirect on authentication success.
RedirectServerAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
Creates a new instance with location of "/"
RedirectServerAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
Creates a new instance with the specified location
RedirectServerLogoutSuccessHandler - Class in org.springframework.security.web.server.authentication.logout
Performs a redirect on log out success.
RedirectServerLogoutSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
 
RedirectStrategy - Interface in org.springframework.security.web
Encapsulates the redirection logic for all classes in the framework which perform redirects.
redirectToHttps() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures HTTPS redirection rules.
redirectUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the uri for the redirection endpoint.
redirectUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
Sets the uri where the response was redirected to.
redirectUriTemplate(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the uri (or uri template) for the redirection endpoint.
RedirectUrlBuilder - Class in org.springframework.security.web.util
Internal class for building redirect URLs.
RedirectUrlBuilder() - Constructor for class org.springframework.security.web.util.RedirectUrlBuilder
 
REFERRER_POLICY - Static variable in class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
 
referrerPolicy() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows configuration for Referrer Policy.
referrerPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Allows configuration for Referrer Policy.
referrerPolicy(ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures Referrer-Policy response header.
referrerPolicy() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures Referrer-Policy response header.
ReferrerPolicyHeaderWriter - Class in org.springframework.security.web.header.writers
Provides support for Referrer Policy.
ReferrerPolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
Creates a new instance.
ReferrerPolicyHeaderWriter(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Constructor for class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
Creates a new instance.
ReferrerPolicyHeaderWriter.ReferrerPolicy - Enum in org.springframework.security.web.header.writers
 
ReferrerPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Writes the Referrer-Policy response header.
ReferrerPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
 
ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy - Enum in org.springframework.security.web.server.header
 
refresh() - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
Does nothing, but required for JDK5
REFRESH_TOKEN - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
 
REFRESH_TOKEN - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
refresh_token - used in Access Token Request and Access Token Response.
refreshLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
Refreshes the internal lastRequest to the current date and time.
refreshLastRequest(String) - Method in interface org.springframework.security.core.session.SessionRegistry
Updates the given sessionId so its last request time is equal to the present date and time.
refreshLastRequest(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
refreshToken(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder
Sets the refresh token associated to the access token.
RegexBasedAxFetchListFactory - Class in org.springframework.security.openid
 
RegexBasedAxFetchListFactory(Map<String, List<OpenIDAttribute>>) - Constructor for class org.springframework.security.openid.RegexBasedAxFetchListFactory
 
regexMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided regex pattern.
regexMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of RegexRequestMatcher instances.
regexMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Create a List of RegexRequestMatcher instances that do not specify an HttpMethod.
RegExpAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions
Implementation which uses a regular expression to validate the supplied origin.
RegExpAllowFromStrategy(String) - Constructor for class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy
Creates a new instance
RegexRequestMatcher - Class in org.springframework.security.web.util.matcher
Uses a regular expression to decide whether a supplied the URL of a supplied HttpServletRequest.
RegexRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.RegexRequestMatcher
Creates a case-sensitive Pattern instance to match against the request.
RegexRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.RegexRequestMatcher
As above, but allows setting of whether case-insensitive matching should be used.
region(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Sets the state, province, prefecture, or region.
registerAuthenticationEntryPoint(B, AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
registerDefaultAuthenticationEntryPoint(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
RegisteredOAuth2AuthorizedClient - Annotation Type in org.springframework.security.oauth2.client.annotation
This annotation may be used to resolve a method parameter to an argument value of type OAuth2AuthorizedClient.
registerExtractor(Class<? extends Throwable>, ThrowableCauseExtractor) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
Registers a ThrowableCauseExtractor for the specified type.
registerMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
 
registerNewSession(String, Object) - Method in interface org.springframework.security.core.session.SessionRegistry
Registers a new session for the specified principal.
registerNewSession(String, Object) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
registerPermission(Permission, String) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
 
registerPublicPermissions(Class<? extends Permission>) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
Registers the public static fields of type Permission for a give class.
RegisterSessionAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
Strategy used to register a user with the SessionRegistry after successful Authentication.
RegisterSessionAuthenticationStrategy(SessionRegistry) - Constructor for class org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
 
registerStompEndpoints(StompEndpointRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
REGISTRATION_ID - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
Non-standard parameter (used internally).
registrationId(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the registration id.
release() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
REMEMBER_ME - Static variable in class org.springframework.security.config.Elements
 
rememberMe() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring of Remember Me authentication.
rememberMe() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by users that have been remembered.
rememberMe() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by users that have been remembered.
RememberMeAuthenticationException - Exception in org.springframework.security.web.authentication.rememberme
This exception is thrown when an Authentication exception occurs while using the remember-me authentication.
RememberMeAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException
Constructs a RememberMeAuthenticationException with the specified message and root cause.
RememberMeAuthenticationException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException
Constructs an RememberMeAuthenticationException with the specified message and no root cause.
RememberMeAuthenticationFilter - Class in org.springframework.security.web.authentication.rememberme
Detects if there is no Authentication object in the SecurityContext, and populates the context with a remember-me authentication token if a RememberMeServices implementation so requests.
RememberMeAuthenticationFilter(AuthenticationManager, RememberMeServices) - Constructor for class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
RememberMeAuthenticationProvider - Class in org.springframework.security.authentication
An AuthenticationProvider implementation that validates RememberMeAuthenticationTokens.
RememberMeAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
RememberMeAuthenticationToken - Class in org.springframework.security.authentication
Represents a remembered Authentication.
RememberMeAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationToken
Constructor.
RememberMeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Configures Remember Me authentication.
RememberMeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Creates a new instance
rememberMeCookieDomain(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
The domain name within which the remember me cookie is visible.
rememberMeCookieName(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
The name of cookie which store the token for remember me authentication.
rememberMeParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
The HTTP parameter used to indicate to remember the user at time of login.
rememberMeRequested(HttpServletRequest, String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Allows customization of whether a remember-me login has been requested.
rememberMeServices(RememberMeServices) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Specify the RememberMeServices to use.
RememberMeServices - Interface in org.springframework.security.web.authentication
Implement by a class that is capable of providing a remember-me service.
RemoteAuthenticationException - Exception in org.springframework.security.authentication.rcp
Thrown if a RemoteAuthenticationManager cannot validate the presented authentication request.
RemoteAuthenticationException(String) - Constructor for exception org.springframework.security.authentication.rcp.RemoteAuthenticationException
Constructs a RemoteAuthenticationException with the specified message and no root cause.
RemoteAuthenticationManager - Interface in org.springframework.security.authentication.rcp
Allows remote clients to attempt authentication.
RemoteAuthenticationManagerImpl - Class in org.springframework.security.authentication.rcp
Server-side processor of a remote authentication request.
RemoteAuthenticationManagerImpl() - Constructor for class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
RemoteAuthenticationProvider - Class in org.springframework.security.authentication.rcp
Client-side object which queries a RemoteAuthenticationManager to validate an authentication request.
RemoteAuthenticationProvider() - Constructor for class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
removeAuthorities(DistinguishedName, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
removeAuthorizationRequest(HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository
removeAuthorizationRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository
Removes and returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest and HttpServletResponse or if not available returns null.
removeAuthorizationRequest(HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
 
removeAuthorizationRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
 
removeAuthorizationRequest(ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository
Removes and returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest or if not available returns null.
removeAuthorizationRequest(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 
removeAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
 
removeAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
 
removeAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientService
Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name.
removeAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService
Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name.
removeAuthorizedClient(String, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
 
removeAuthorizedClient(String, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
 
removeAuthorizedClient(String, Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
 
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository
Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository
 
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
 
removeConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Removes and returns the SecurityConfigurer by its class name or null if not found.
removeConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Removes the SecurityConfigurer by its class name or null if not found.
removeConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Removes all the SecurityConfigurer instances by its class name or an empty List if not found.
removeGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager
Deletes an authority from those assigned to a group
removeGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
removeMatchingRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
 
removeMatchingRequest(ServerWebExchange) - Method in interface org.springframework.security.web.server.savedrequest.ServerRequestCache
If the provided ServerWebExchange matches the saved ServerHttpRequest gets the saved ServerHttpRequest
removeMatchingRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
 
removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
 
removeRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
Removes the cached request.
removeSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry
Deletes all the session information being maintained for the specified sessionId.
removeSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
 
removeTicketFromCache(CasAuthenticationToken) - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
removeTicketFromCache(String) - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
removeTicketFromCache(CasAuthenticationToken) - Method in class org.springframework.security.cas.authentication.NullStatelessTicketCache
This is a no-op since we are not storing tickets.
removeTicketFromCache(String) - Method in class org.springframework.security.cas.authentication.NullStatelessTicketCache
This is a no-op since we are not storing tickets.
removeTicketFromCache(CasAuthenticationToken) - Method in class org.springframework.security.cas.authentication.SpringCacheBasedTicketCache
 
removeTicketFromCache(String) - Method in class org.springframework.security.cas.authentication.SpringCacheBasedTicketCache
 
removeTicketFromCache(CasAuthenticationToken) - Method in interface org.springframework.security.cas.authentication.StatelessTicketCache
Removes the specified ticket from the cache, as per StatelessTicketCache.removeTicketFromCache(String).
removeTicketFromCache(String) - Method in interface org.springframework.security.cas.authentication.StatelessTicketCache
Removes the specified ticket from the cache, meaning that future calls will require a new service ticket.
removeUserFromCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
 
removeUserFromCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
 
removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
 
removeUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache
Removes the specified user from the cache.
removeUserFromGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
Deletes a user's membership of a group.
removeUserFromGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
removeUserTokens(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
removeUserTokens(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
 
removeUserTokens(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 
renameGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager
Changes the name of a group without altering the assigned authorities or members.
renameGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
reportOnly() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig
Enables (includes) the Content-Security-Policy-Report-Only header in the response.
reportOnly(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
If true, the browser should not terminate the connection with the server.
reportOnly(boolean) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec
Whether to include the Content-Security-Policy-Report-Only header in the response.
reportUri(URI) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Sets the URI to which the browser should report pin validation failures.
reportUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Sets the URI to which the browser should report pin validation failures.
request - Variable in class org.springframework.security.web.access.expression.WebSecurityExpressionRoot
Allows direct access to the request object
REQUEST_CACHE - Static variable in class org.springframework.security.config.Elements
 
RequestAttributeAuthenticationFilter - Class in org.springframework.security.web.authentication.preauth
A simple pre-authenticated filter which obtains the username from request attributes, for use with SSO systems such as Stanford WebAuth or Shibboleth.
RequestAttributeAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
 
requestCache() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the Request Cache.
requestCache(RequestCache) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
Allows explicit configuration of the RequestCache to be used.
requestCache() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
Configures the request cache which is used when a flow is interrupted (i.e.
requestCache(ServerRequestCache) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec
Configures the cache used
RequestCache - Interface in org.springframework.security.web.savedrequest
Implements "saved request" logic, allowing a single request to be retrieved and restarted after redirecting to an authentication mechanism.
RequestCacheAwareFilter - Class in org.springframework.security.web.savedrequest
Responsible for reconstituting the saved request if one is cached and it matches the current request.
RequestCacheAwareFilter() - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
 
RequestCacheAwareFilter(RequestCache) - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
 
RequestCacheConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds request cache for Spring Security.
RequestCacheConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
requestDataValueProcessor() - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
Deprecated.
 
RequestHeaderAuthenticationFilter - Class in org.springframework.security.web.authentication.preauth
A simple pre-authenticated filter which obtains the username from a request header, for use with systems such as CA Siteminder.
RequestHeaderAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
 
RequestHeaderRequestMatcher - Class in org.springframework.security.web.util.matcher
A RequestMatcher that can be used to match request that contain a header with an expected header name and an expected value.
RequestHeaderRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
Creates a new instance that will match if a header by the name of RequestHeaderRequestMatcher.expectedHeaderName is present.
RequestHeaderRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
Creates a new instance that will match if a header by the name of RequestHeaderRequestMatcher.expectedHeaderName is present and if the RequestHeaderRequestMatcher.expectedHeaderValue is non-null the first value is the same.
RequestKey - Class in org.springframework.security.web.access.intercept
 
RequestKey(String) - Constructor for class org.springframework.security.web.access.intercept.RequestKey
 
RequestKey(String, String) - Constructor for class org.springframework.security.web.access.intercept.RequestKey
 
requestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided RequestMatcher.
requestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig
Sets the RequestMatcher used to determine if the "Strict-Transport-Security" should be added.
RequestMatcher - Interface in org.springframework.security.web.util.matcher
Simple strategy to match an HttpServletRequest.
RequestMatcherDelegatingAccessDeniedHandler - Class in org.springframework.security.web.access
RequestMatcherDelegatingAccessDeniedHandler(LinkedHashMap<RequestMatcher, AccessDeniedHandler>, AccessDeniedHandler) - Constructor for class org.springframework.security.web.access.RequestMatcherDelegatingAccessDeniedHandler
Creates a new instance
RequestMatcherEditor - Class in org.springframework.security.web.util.matcher
PropertyEditor which creates ELRequestMatcher instances from Strings This allows to use a String in a BeanDefinition instead of an (inner) bean if a RequestMatcher is required, e.g.
RequestMatcherEditor() - Constructor for class org.springframework.security.web.util.matcher.RequestMatcherEditor
 
requestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Associates a list of RequestMatcher instances with the AbstractConfigAttributeRequestMatcherRegistry
requestMatchers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows specifying which HttpServletRequest instances this HttpSecurity will be invoked on.
requestMatchers - Variable in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
RequestRejectedException - Exception in org.springframework.security.web.firewall
 
RequestRejectedException(String) - Constructor for exception org.springframework.security.web.firewall.RequestRejectedException
 
RequestVariablesExtractor - Interface in org.springframework.security.web.util.matcher
An interface for extracting URI variables from the HttpServletRequest.
requireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Specify the RequestMatcher to use for determining when CSRF should be applied.
requireCsrfProtectionMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
Configures the ServerWebExchangeMatcher used to determine when CSRF protection is enabled.
required(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Specifies that this attribute is required.
requirePermission - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
requires(String) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
requiresAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
Overridden to provide proxying capabilities.
requiresAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Indicates whether this filter should attempt to process a login request for the current invocation.
requiresAuthenticationMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
Configures when authentication is performed.
requiresChannel() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures channel security.
requiresExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Checks the request URI for the presence of exitUserUrl.
requiresInsecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
requiresLogout(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
Configures when the log out will be triggered.
requiresLogout(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
Allow subclasses to modify when a logout should take place.
requiresSecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
requiresSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Checks the request URI for the presence of switchUserUrl.
RESERVED_OFF - Static variable in interface org.springframework.security.acls.model.Permission
 
RESERVED_ON - Static variable in interface org.springframework.security.acls.model.Permission
 
reset() - Method in class org.springframework.security.web.firewall.FirewalledRequest
This method will be called once the request has passed through the security filter chain, when it is about to proceed to the application proper.
resolve(HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver
 
resolve(HttpServletRequest, String) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver
 
resolve(HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver
Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(HttpServletRequest, String) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver
Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
 
resolve(ServerWebExchange, String) - Method in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
 
resolve(ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver
Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(ServerWebExchange, String) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver
Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(HttpServletRequest) - Method in interface org.springframework.security.oauth2.server.resource.web.BearerTokenResolver
Resolve any Bearer Token value from the request.
resolve(HttpServletRequest) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
Resolve any Bearer Token value from the request.
resolveArgument(MethodParameter, Message<?>) - Method in class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
 
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver
 
resolveArgument(MethodParameter, BindingContext, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver
 
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
Deprecated.
 
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
 
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
 
resolveArgument(MethodParameter, BindingContext, ServerWebExchange) - Method in class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
 
resolveException(LoginException) - Method in class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
 
resolveException(LoginException) - Method in interface org.springframework.security.authentication.jaas.LoginExceptionResolver
Translates a Jaas LoginException to an SpringSecurityException.
resolveIpAddress(String) - Method in interface org.springframework.security.remoting.dns.DnsResolver
Resolves the IP Address (A record) to the specified host name.
resolveIpAddress(String) - Method in class org.springframework.security.remoting.dns.JndiDnsResolver
 
resolveServiceEntry(String, String) - Method in interface org.springframework.security.remoting.dns.DnsResolver
Resolves the host name for the specified service in the specified domain
resolveServiceEntry(String, String) - Method in class org.springframework.security.remoting.dns.JndiDnsResolver
 
resolveServiceIpAddress(String, String) - Method in interface org.springframework.security.remoting.dns.DnsResolver
Resolves the host name for the specified service and then the IP Address for this host in one call.
resolveServiceIpAddress(String, String) - Method in class org.springframework.security.remoting.dns.JndiDnsResolver
 
RESPONSE_TYPE - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
response_type - used in Authorization Request.
retrieveEntry(String, String[]) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Composes an object from the attributes of the given DN.
retrieveObjectIdentityPrimaryKey(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Retrieves the primary key from the acl_object_identity table for the passed ObjectIdentity.
retrievePassword(Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
 
retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
Allows subclasses to actually retrieve the UserDetails from an implementation-specific location, with the option of throwing an AuthenticationException immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate a UserDetails).
retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
retrieveUserName(Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
 
RetryWithHttpEntryPoint - Class in org.springframework.security.web.access.channel
Commences an insecure channel by retrying the original request using HTTP.
RetryWithHttpEntryPoint() - Constructor for class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
 
RetryWithHttpsEntryPoint - Class in org.springframework.security.web.access.channel
Commences a secure channel by retrying the original request using HTTPS.
RetryWithHttpsEntryPoint() - Constructor for class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
 
ROLE_PREVIOUS_ADMINISTRATOR - Static variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
RoleHierarchy - Interface in org.springframework.security.access.hierarchicalroles
The simple interface of a role hierarchy.
RoleHierarchyAuthoritiesMapper - Class in org.springframework.security.access.hierarchicalroles
 
RoleHierarchyAuthoritiesMapper(RoleHierarchy) - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
 
roleHierarchyFromMap(Map<String, List<String>>) - Static method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyUtils
Converts the supplied Map of role name to implied role name(s) to a string representation understood by RoleHierarchyImpl.setHierarchy(String).
RoleHierarchyImpl - Class in org.springframework.security.access.hierarchicalroles
This class defines a role hierarchy for use with the UserDetailsServiceWrapper.
RoleHierarchyImpl() - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
 
RoleHierarchyUtils - Class in org.springframework.security.access.hierarchicalroles
Utility methods for RoleHierarchy.
RoleHierarchyVoter - Class in org.springframework.security.access.vote
Extended RoleVoter which uses a RoleHierarchy definition to determine the roles allocated to the current user before voting.
RoleHierarchyVoter(RoleHierarchy) - Constructor for class org.springframework.security.access.vote.RoleHierarchyVoter
 
rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
A non-empty string prefix that will be added as a prefix to the existing roles.
rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
A non-empty string prefix that will be added to role strings loaded from persistent storage (default is "").
rolePrefix(String) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
 
roles(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the roles.
roles(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Populates the roles.
roles(String...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
Specifies the roles to use.
roles(String...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
Specify the roles of the user to authenticate as.
RoleVoter - Class in org.springframework.security.access.vote
Votes if any ConfigAttribute.getAttribute() starts with a prefix indicating that it is a role.
RoleVoter() - Constructor for class org.springframework.security.access.vote.RoleVoter
 
root(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Optional root suffix for the embedded LDAP server.
RS256 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
RSASSA-PKCS1-v1_5 using SHA-256 (Recommended)
RS384 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
RSASSA-PKCS1-v1_5 using SHA-384 (Optional)
RS512 - Static variable in interface org.springframework.security.oauth2.jose.jws.JwsAlgorithms
RSASSA-PKCS1-v1_5 using SHA-512 (Optional)
run() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
 
RunAsImplAuthenticationProvider - Class in org.springframework.security.access.intercept
An AuthenticationProvider implementation that can authenticate a RunAsUserToken.
RunAsImplAuthenticationProvider() - Constructor for class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
RunAsManager - Interface in org.springframework.security.access.intercept
Creates a new temporary Authentication object for the current secure object invocation only.
runAsManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provide a custom RunAsManager for the default implementation of GlobalMethodSecurityConfiguration.methodSecurityInterceptor().
RunAsManagerImpl - Class in org.springframework.security.access.intercept
Basic concrete implementation of a RunAsManager.
RunAsManagerImpl() - Constructor for class org.springframework.security.access.intercept.RunAsManagerImpl
 
RunAsUserToken - Class in org.springframework.security.access.intercept
An immutable Authentication implementation that supports RunAsManagerImpl.
RunAsUserToken(String, Object, Object, Collection<? extends GrantedAuthority>, Class<? extends Authentication>) - Constructor for class org.springframework.security.access.intercept.RunAsUserToken
 

S

sameOrigin() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
Specify to allow any request that comes from the same origin to frame this application.
sameOriginDisabled() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
Determines if a CSRF token is required for connecting.
SamlServiceProperties - Class in org.springframework.security.cas
Sets the appropriate parameters for CAS's implementation of SAML (which is not guaranteed to be actually SAML compliant).
SamlServiceProperties() - Constructor for class org.springframework.security.cas.SamlServiceProperties
 
save(ServerWebExchange, SecurityContext) - Method in class org.springframework.security.web.server.context.NoOpServerSecurityContextRepository
 
save(ServerWebExchange, SecurityContext) - Method in interface org.springframework.security.web.server.context.ServerSecurityContextRepository
Saves the SecurityContext
save(ServerWebExchange, SecurityContext) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
 
saveAuthorizationRequest(T, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository
Persists the OAuth2AuthorizationRequest associating it to the provided HttpServletRequest and/or HttpServletResponse.
saveAuthorizationRequest(OAuth2AuthorizationRequest, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
 
saveAuthorizationRequest(T, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository
Persists the OAuth2AuthorizationRequest associating it to the provided HttpServletRequest and/or HttpServletResponse.
saveAuthorizationRequest(OAuth2AuthorizationRequest, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientService
Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService
Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository
Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository
 
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
 
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
 
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
 
saveContext(SecurityContext) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
Implements the logic for storing the security context.
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.context.SecurityContextRepository
Stores the security context on completion of a request.
SaveContextOnUpdateOrErrorResponseWrapper - Class in org.springframework.security.web.context
Base class for response wrappers which encapsulate the logic for storing a security context and which store the SecurityContext when a sendError(), sendRedirect, getOutputStream().close(), getOutputStream().flush(), getWriter().close(), or getWriter().flush() happens on the same thread that this SaveContextOnUpdateOrErrorResponseWrapper was created.
SaveContextOnUpdateOrErrorResponseWrapper(HttpServletResponse, boolean) - Constructor for class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
 
SavedCookie - Class in org.springframework.security.web.savedrequest
Stores off the values of a cookie in a serializable holder
SavedCookie(String, String, String, String, int, String, boolean, int) - Constructor for class org.springframework.security.web.savedrequest.SavedCookie
 
SavedCookie(Cookie) - Constructor for class org.springframework.security.web.savedrequest.SavedCookie
 
SavedRequest - Interface in org.springframework.security.web.savedrequest
Encapsulates the functionality required of a cached request for both an authentication mechanism (typically form-based login) to redirect to the original URL and for a RequestCache to build a wrapped request, reproducing the original request data.
SavedRequestAwareAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication
An authentication success strategy which can make use of the DefaultSavedRequest which may have been stored in the session by the ExceptionTranslationFilter.
SavedRequestAwareAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
 
saveException(HttpServletRequest, AuthenticationException) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
Caches the AuthenticationException for use in view rendering.
saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
Stores the current request, provided the configuration properties allow it.
saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
 
saveRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
Caches the current request for later retrieval, once authentication has taken place.
saveRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
 
saveRequest(ServerWebExchange) - Method in interface org.springframework.security.web.server.savedrequest.ServerRequestCache
Save the ServerHttpRequest
saveRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
 
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
 
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository
Saves the CsrfToken using the HttpServletRequest and HttpServletResponse.
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
 
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository
Does nothing if the CsrfToken is not null.
saveToken(ServerWebExchange, CsrfToken) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
 
saveToken(ServerWebExchange, CsrfToken) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRepository
Saves the CsrfToken using the ServerWebExchange.
saveToken(ServerWebExchange, CsrfToken) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
 
schedule(Runnable, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
 
schedule(Callable<V>, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
 
scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
 
scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
 
scope(String...) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the scope(s) used for the client.
scope(Collection<String>) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the scope(s) used for the client.
scope(String...) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the scope(s).
SCOPE - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
scope - used in Authorization Request, Authorization Response, Access Token Request and Access Token Response.
scopes(Set<String>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder
Sets the scope(s) associated to the access token.
scopes(Set<String>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the scope(s).
SCryptPasswordEncoder - Class in org.springframework.security.crypto.scrypt
Implementation of PasswordEncoder that uses the SCrypt hashing function.
SCryptPasswordEncoder() - Constructor for class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
 
SCryptPasswordEncoder(int, int, int, int, int) - Constructor for class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
Creates a new instance
searchForMultipleAttributeValues(String, String, Object[], String[]) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Performs a search using the supplied filter and returns the values of each named attribute found in all entries matched by the search.
searchForSingleAttributeValues(String, String, Object[], String) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Performs a search using the supplied filter and returns the union of the values of the named attribute found in all entries matched by the search.
searchForSingleEntry(String, String, Object[]) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Performs a search, with the requirement that the search shall return a single directory entry, and uses the supplied mapper to create the object from that entry.
searchForSingleEntryInternal(DirContext, SearchControls, String, String, Object[]) - Static method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Internal method extracted to avoid code duplication in AD search.
searchForUser(String) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
Return the LdapUserDetails containing the user's information
searchForUser(String) - Method in interface org.springframework.security.ldap.search.LdapUserSearch
Locates a single user in the directory and returns the LDAP information for that user.
SecureChannelProcessor - Class in org.springframework.security.web.access.channel
Ensures channel security is active by review of HttpServletRequest.isSecure() responses.
SecureChannelProcessor() - Constructor for class org.springframework.security.web.access.channel.SecureChannelProcessor
 
Secured - Annotation Type in org.springframework.security.access.annotation
Java 5 annotation for describing service layer security attributes.
SecuredAnnotationSecurityMetadataSource - Class in org.springframework.security.access.annotation
Sources method security metadata from Spring Security's Secured annotation.
SecuredAnnotationSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
SecuredAnnotationSecurityMetadataSource(AnnotationMetadataExtractor) - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 
secureRandom() - Static method in class org.springframework.security.crypto.keygen.KeyGenerators
Create a BytesKeyGenerator that uses a SecureRandom to generate keys of 8 bytes in length.
secureRandom(int) - Static method in class org.springframework.security.crypto.keygen.KeyGenerators
Create a BytesKeyGenerator that uses a SecureRandom to generate keys of a custom length.
SecureRandomFactoryBean - Class in org.springframework.security.core.token
Creates a SecureRandom instance.
SecureRandomFactoryBean() - Constructor for class org.springframework.security.core.token.SecureRandomFactoryBean
 
SecurityBuilder<O> - Interface in org.springframework.security.config.annotation
Interface for building an Object
securityCheck(Acl, int) - Method in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
 
securityCheck(Acl, int) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
 
SecurityConfig - Class in org.springframework.security.access
Stores a ConfigAttribute as a String.
SecurityConfig(String) - Constructor for class org.springframework.security.access.SecurityConfig
 
SecurityConfigurer<O,B extends SecurityBuilder<O>> - Interface in org.springframework.security.config.annotation
Allows for configuring a SecurityBuilder.
SecurityConfigurerAdapter<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
A base class for SecurityConfigurer that allows subclasses to only implement the methods they are interested in.
SecurityConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
securityContext() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Sets up management of the SecurityContext on the SecurityContextHolder between HttpServletRequest's.
SecurityContext - Interface in org.springframework.security.core.context
Interface defining the minimum security information associated with the current thread of execution.
securityContext(SecurityContext) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Establish the specified SecurityContext to be used.
SecurityContextCallableProcessingInterceptor - Class in org.springframework.security.web.context.request.async
Allows for integration with Spring MVC's Callable support.
SecurityContextCallableProcessingInterceptor() - Constructor for class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
SecurityContextCallableProcessingInterceptor(SecurityContext) - Constructor for class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
securityContextChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
SecurityContextChannelInterceptor - Class in org.springframework.security.messaging.context
Creates a ExecutorChannelInterceptor that will obtain the Authentication from the specified Message.getHeaders().
SecurityContextChannelInterceptor() - Constructor for class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
Creates a new instance using the header of the name SimpMessageHeaderAccessor.USER_HEADER.
SecurityContextChannelInterceptor(String) - Constructor for class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
Creates a new instance that uses the specified header to obtain the Authentication.
SecurityContextConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Allows persisting and restoring of the SecurityContext found on the SecurityContextHolder for each request by configuring the SecurityContextPersistenceFilter.
SecurityContextConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
Creates a new instance
SecurityContextHolder - Class in org.springframework.security.core.context
Associates a given SecurityContext with the current execution thread.
SecurityContextHolder() - Constructor for class org.springframework.security.core.context.SecurityContextHolder
 
SecurityContextHolderAwareRequestFilter - Class in org.springframework.security.web.servletapi
A Filter which populates the ServletRequest with a request wrapper which implements the servlet API security methods.
SecurityContextHolderAwareRequestFilter() - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
 
SecurityContextHolderAwareRequestWrapper - Class in org.springframework.security.web.servletapi
A Spring Security-aware HttpServletRequestWrapper, which uses the SecurityContext-defined Authentication object to implement the servlet API security methods: SecurityContextHolderAwareRequestWrapper.getUserPrincipal() SecurityContextHolderAwareRequestWrapper.isUserInRole(String) HttpServletRequestWrapper.getRemoteUser().
SecurityContextHolderAwareRequestWrapper(HttpServletRequest, String) - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Creates a new instance with AuthenticationTrustResolverImpl.
SecurityContextHolderAwareRequestWrapper(HttpServletRequest, AuthenticationTrustResolver, String) - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
Creates a new instance
SecurityContextHolderStrategy - Interface in org.springframework.security.core.context
A strategy for storing security context information against a thread.
SecurityContextImpl - Class in org.springframework.security.core.context
Base implementation of SecurityContext.
SecurityContextImpl() - Constructor for class org.springframework.security.core.context.SecurityContextImpl
 
SecurityContextImpl(Authentication) - Constructor for class org.springframework.security.core.context.SecurityContextImpl
 
SecurityContextLoginModule - Class in org.springframework.security.authentication.jaas
An implementation of LoginModule that uses a Spring Security SecurityContext to provide authentication.
SecurityContextLoginModule() - Constructor for class org.springframework.security.authentication.jaas.SecurityContextLoginModule
 
SecurityContextLogoutHandler - Class in org.springframework.security.web.authentication.logout
Performs a logout by modifying the SecurityContextHolder.
SecurityContextLogoutHandler() - Constructor for class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
 
SecurityContextPersistenceFilter - Class in org.springframework.security.web.context
Populates the SecurityContextHolder with information obtained from the configured SecurityContextRepository prior to the request and stores it back in the repository once the request has completed and clearing the context holder.
SecurityContextPersistenceFilter() - Constructor for class org.springframework.security.web.context.SecurityContextPersistenceFilter
 
SecurityContextPersistenceFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.context.SecurityContextPersistenceFilter
 
securityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
Specifies the shared SecurityContextRepository that is to be used
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
The ServerSecurityContextRepository used to save the Authentication.
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
The ServerSecurityContextRepository used to save the Authentication.
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
The strategy used with ReactorContextWebFilter.
SecurityContextRepository - Interface in org.springframework.security.web.context
Strategy used for persisting a SecurityContext between requests.
SecurityContextServerLogoutHandler - Class in org.springframework.security.web.server.authentication.logout
A ServerLogoutHandler which removes the SecurityContext using the provided ServerSecurityContextRepository
SecurityContextServerLogoutHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler
 
SecurityContextServerWebExchange - Class in org.springframework.security.web.server.context
Overrides the ServerWebExchange.getPrincipal() with the provided SecurityContext
SecurityContextServerWebExchange(ServerWebExchange, Mono<SecurityContext>) - Constructor for class org.springframework.security.web.server.context.SecurityContextServerWebExchange
 
SecurityContextServerWebExchangeWebFilter - Class in org.springframework.security.web.server.context
Override the ServerWebExchange.getPrincipal() to be looked up using ReactiveSecurityContextHolder.
SecurityContextServerWebExchangeWebFilter() - Constructor for class org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter
 
SecurityDebugBeanFactoryPostProcessor - Class in org.springframework.security.config.debug
 
SecurityDebugBeanFactoryPostProcessor() - Constructor for class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
 
SecurityEvaluationContextExtension - Class in org.springframework.security.data.repository.query
By defining this object as a Bean, Spring Security is exposed as SpEL expressions for creating Spring Data queries.
SecurityEvaluationContextExtension() - Constructor for class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
Creates a new instance that uses the current Authentication found on the SecurityContextHolder.
SecurityEvaluationContextExtension(Authentication) - Constructor for class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
Creates a new instance that always uses the same Authentication object.
SecurityExpressionHandler<T> - Interface in org.springframework.security.access.expression
Facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects
SecurityExpressionOperations - Interface in org.springframework.security.access.expression
Standard interface for expression root objects used with expression-based security.
SecurityExpressionRoot - Class in org.springframework.security.access.expression
Base root object for use in Spring Security expression evaluations.
SecurityExpressionRoot(Authentication) - Constructor for class org.springframework.security.access.expression.SecurityExpressionRoot
Creates a new instance
SecurityFilterChain - Interface in org.springframework.security.web
Defines a filter chain which is capable of being matched against an HttpServletRequest.
SecurityHeaders - Class in org.springframework.security.web.http
Utilities for interacting with HttpHeaders
securityInterceptor(FilterSecurityInterceptor) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
SecurityJackson2Modules - Class in org.springframework.security.jackson2
This utility class will find all the SecurityModules in classpath.
securityMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
The ServerExchangeMatcher that determines which requests apply to this HttpSecurity instance.
SecurityMetadataSource - Interface in org.springframework.security.access
Implemented by classes that store and can identify the ConfigAttributes that applies to a given secure object invocation.
SecurityMockMvcConfigurers - Class in org.springframework.security.test.web.servlet.setup
Provides Security related MockMvcConfigurer implementations.
SecurityMockMvcConfigurers() - Constructor for class org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers
 
SecurityMockMvcRequestBuilders - Class in org.springframework.security.test.web.servlet.request
Contains Spring Security related MockMvc RequestBuilders.
SecurityMockMvcRequestBuilders.FormLoginRequestBuilder - Class in org.springframework.security.test.web.servlet.request
Creates a form based login request including any necessary CsrfToken.
SecurityMockMvcRequestBuilders.LogoutRequestBuilder - Class in org.springframework.security.test.web.servlet.request
Creates a logout request (including any necessary CsrfToken)
SecurityMockMvcRequestPostProcessors - Class in org.springframework.security.test.web.servlet.request
Contains MockMvc RequestPostProcessor implementations for Spring Security.
SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
Populates a valid CsrfToken into the request.
SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
 
SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
Creates a UsernamePasswordAuthenticationToken and sets the principal to be a User and associates it to the MockHttpServletRequest.
SecurityMockMvcResultMatchers - Class in org.springframework.security.test.web.servlet.response
Security related MockMvc ResultMatchers.
SecurityMockMvcResultMatchers.AuthenticatedMatcher - Class in org.springframework.security.test.web.servlet.response
A MockMvc ResultMatcher that verifies a specific user is associated to the MvcResult.
SecurityMockServerConfigurers - Class in org.springframework.security.test.web.reactive.server
Test utilities for working with Spring Security and WebTestClient.Builder.apply(WebTestClientConfigurer).
SecurityMockServerConfigurers() - Constructor for class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
 
SecurityMockServerConfigurers.CsrfMutator - Class in org.springframework.security.test.web.reactive.server
 
SecurityMockServerConfigurers.UserExchangeMutator - Class in org.springframework.security.test.web.reactive.server
Updates the WebServerExchange using {@link SecurityMockServerConfigurers#mockUser(UserDetails)}.
SecurityNamespaceHandler - Class in org.springframework.security.config
Parses elements from the "security" namespace (http://www.springframework.org/schema/security).
SecurityNamespaceHandler() - Constructor for class org.springframework.security.config.SecurityNamespaceHandler
 
SecurityTestExecutionListeners - Annotation Type in org.springframework.security.test.context.annotation
There are many times a user may want to use Spring Security's test support (i.e.
SecurityWebApplicationContextUtils - Class in org.springframework.security.web.context.support
Spring Security extension to Spring's WebApplicationContextUtils.
SecurityWebApplicationContextUtils() - Constructor for class org.springframework.security.web.context.support.SecurityWebApplicationContextUtils
 
SecurityWebFilterChain - Interface in org.springframework.security.web.server
Defines a filter chain which is capable of being matched against a ServerWebExchange in order to decide whether it applies to that request.
SecurityWebFiltersOrder - Enum in org.springframework.security.config.web.server
 
sendError(int) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass sendError()
sendError(int, String) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass sendError()
sendRedirect(HttpServletRequest, HttpServletResponse, String) - Method in class org.springframework.security.web.DefaultRedirectStrategy
Redirects the response to the supplied URL.
sendRedirect(HttpServletRequest, HttpServletResponse, String) - Method in interface org.springframework.security.web.RedirectStrategy
Performs a redirect to the supplied URL
sendRedirect(ServerWebExchange, URI) - Method in class org.springframework.security.web.server.DefaultServerRedirectStrategy
 
sendRedirect(ServerWebExchange, URI) - Method in interface org.springframework.security.web.server.ServerRedirectStrategy
Performs a redirect based upon the provided ServerWebExchange and URI
sendRedirect(String) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass sendRedirect()
sendStartAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, AuthenticationException) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
SERIAL_VERSION_UID - Static variable in class org.springframework.security.core.SpringSecurityCoreVersion
Global Serialization value for Spring Security classes.
SERVER_ERROR - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
server_error - The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
ServerAccessDeniedHandler - Interface in org.springframework.security.web.server.authorization
 
ServerAuthenticationConverter - Interface in org.springframework.security.web.server.authentication
A strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with a provided ReactiveAuthenticationManager.
ServerAuthenticationEntryPoint - Interface in org.springframework.security.web.server
Used to request authentication
ServerAuthenticationEntryPointFailureHandler - Class in org.springframework.security.web.server.authentication
ServerAuthenticationEntryPointFailureHandler(ServerAuthenticationEntryPoint) - Constructor for class org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler
 
ServerAuthenticationFailureHandler - Interface in org.springframework.security.web.server.authentication
Handles authentication failure
ServerAuthenticationSuccessHandler - Interface in org.springframework.security.web.server.authentication
Handles authentication success
ServerAuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> - Interface in org.springframework.security.oauth2.client.web.server
Implementations of this interface are responsible for the persistence of OAuth2AuthorizationRequest between requests.
ServerBearerTokenAuthenticationConverter - Class in org.springframework.security.oauth2.server.resource.web.server
A strategy for resolving Bearer Tokens from the ServerWebExchange.
ServerBearerTokenAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter
 
ServerCsrfTokenRepository - Interface in org.springframework.security.web.server.csrf
An API to allow changing the method in which the expected CsrfToken is associated to the ServerWebExchange.
ServerFormLoginAuthenticationConverter - Class in org.springframework.security.web.server.authentication
Converts a ServerWebExchange into a UsernamePasswordAuthenticationToken from the form data HTTP parameters.
ServerFormLoginAuthenticationConverter() - Constructor for class org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter
 
ServerFormLoginAuthenticationConverter - Class in org.springframework.security.web.server
Deprecated.
ServerFormLoginAuthenticationConverter() - Constructor for class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter
Deprecated.
 
ServerHttpBasicAuthenticationConverter - Class in org.springframework.security.web.server.authentication
Converts from a ServerWebExchange to an Authentication that can be authenticated.
ServerHttpBasicAuthenticationConverter() - Constructor for class org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter
 
ServerHttpBasicAuthenticationConverter - Class in org.springframework.security.web.server
Deprecated.
ServerHttpBasicAuthenticationConverter() - Constructor for class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter
Deprecated.
 
ServerHttpHeadersWriter - Interface in org.springframework.security.web.server.header
Interface for writing headers just before the response is committed.
ServerHttpSecurity - Class in org.springframework.security.config.web.server
A ServerHttpSecurity is similar to Spring Security's HttpSecurity but for WebFlux.
ServerHttpSecurity() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity
 
ServerHttpSecurity.AuthorizeExchangeSpec - Class in org.springframework.security.config.web.server
Configures authorization
ServerHttpSecurity.AuthorizeExchangeSpec.Access - Class in org.springframework.security.config.web.server
Configures the access for a particular set of exchanges.
ServerHttpSecurity.CorsSpec - Class in org.springframework.security.config.web.server
Configures CORS support within Spring Security.
ServerHttpSecurity.CsrfSpec - Class in org.springframework.security.config.web.server
Configures CSRF Protection
ServerHttpSecurity.ExceptionHandlingSpec - Class in org.springframework.security.config.web.server
Configures exception handling
ServerHttpSecurity.FormLoginSpec - Class in org.springframework.security.config.web.server
Configures Form Based authentication
ServerHttpSecurity.HeaderSpec - Class in org.springframework.security.config.web.server
Configures HTTP Response Headers.
ServerHttpSecurity.HeaderSpec.CacheSpec - Class in org.springframework.security.config.web.server
Configures cache control headers
ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec - Class in org.springframework.security.config.web.server
Configures Content-Security-Policy response header.
ServerHttpSecurity.HeaderSpec.ContentTypeOptionsSpec - Class in org.springframework.security.config.web.server
The content type headers
ServerHttpSecurity.HeaderSpec.FeaturePolicySpec - Class in org.springframework.security.config.web.server
Configures Feature-Policy response header.
ServerHttpSecurity.HeaderSpec.FrameOptionsSpec - Class in org.springframework.security.config.web.server
Configures frame options response header
ServerHttpSecurity.HeaderSpec.HstsSpec - Class in org.springframework.security.config.web.server
Configures Strict Transport Security response header
ServerHttpSecurity.HeaderSpec.ReferrerPolicySpec - Class in org.springframework.security.config.web.server
Configures Referrer-Policy response header.
ServerHttpSecurity.HeaderSpec.XssProtectionSpec - Class in org.springframework.security.config.web.server
Configures x-xss-protection response header
ServerHttpSecurity.HttpBasicSpec - Class in org.springframework.security.config.web.server
Configures HTTP Basic Authentication
ServerHttpSecurity.HttpsRedirectSpec - Class in org.springframework.security.config.web.server
Configures HTTPS redirection rules
ServerHttpSecurity.LogoutSpec - Class in org.springframework.security.config.web.server
Configures log out
ServerHttpSecurity.OAuth2ClientSpec - Class in org.springframework.security.config.web.server
 
ServerHttpSecurity.OAuth2LoginSpec - Class in org.springframework.security.config.web.server
 
ServerHttpSecurity.OAuth2ResourceServerSpec - Class in org.springframework.security.config.web.server
Configures OAuth2 Resource Server Support
ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec - Class in org.springframework.security.config.web.server
Configures JWT Resource Server Support
ServerHttpSecurity.RequestCacheSpec - Class in org.springframework.security.config.web.server
Configures the request cache which is used when a flow is interrupted (i.e.
ServerLogoutHandler - Interface in org.springframework.security.web.server.authentication.logout
Handles log out
ServerLogoutSuccessHandler - Interface in org.springframework.security.web.server.authentication.logout
Strategy for when log out was successfully performed (typically after ServerLogoutHandler is invoked).
ServerOAuth2AuthorizationCodeAuthenticationTokenConverter - Class in org.springframework.security.oauth2.client.web.server
Converts from a ServerWebExchange to an OAuth2LoginAuthenticationToken that can be authenticated.
ServerOAuth2AuthorizationCodeAuthenticationTokenConverter(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter
 
ServerOAuth2AuthorizationRequestResolver - Interface in org.springframework.security.oauth2.client.web.server
Implementations of this interface are capable of resolving an OAuth2AuthorizationRequest from the provided ServerWebExchange.
ServerOAuth2AuthorizedClientExchangeFilterFunction - Class in org.springframework.security.oauth2.client.web.reactive.function.client
Provides an easy mechanism for using an OAuth2AuthorizedClient to make OAuth2 requests by including the token as a Bearer Token.
ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
 
ServerOAuth2AuthorizedClientRepository - Interface in org.springframework.security.oauth2.client.web.server
Implementations of this interface are responsible for the persistence of Authorized Client(s) between requests.
ServerRedirectStrategy - Interface in org.springframework.security.web.server
A strategy for performing redirects.
ServerRequestCache - Interface in org.springframework.security.web.server.savedrequest
Saves a ServerHttpRequest so it can be "replayed" later.
ServerRequestCacheWebFilter - Class in org.springframework.security.web.server.savedrequest
A WebFilter that replays any matching request in ServerRequestCache
ServerRequestCacheWebFilter() - Constructor for class org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter
 
ServerSecurityContextRepository - Interface in org.springframework.security.web.server.context
Strategy used for persisting a SecurityContext between requests.
serverWebExchange(ServerWebExchange) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
Modifies the ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for providing the Bearer Token.
ServerWebExchangeDelegatingServerAccessDeniedHandler - Class in org.springframework.security.web.server.authorization
ServerWebExchangeDelegatingServerAccessDeniedHandler(ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry...) - Constructor for class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler
Creates a new instance
ServerWebExchangeDelegatingServerAccessDeniedHandler(List<ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry>) - Constructor for class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler
Creates a new instance
ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry - Class in org.springframework.security.web.server.authorization
 
ServerWebExchangeMatcher - Interface in org.springframework.security.web.server.util.matcher
An interface for determining if a ServerWebExchangeMatcher matches.
ServerWebExchangeMatcher.MatchResult - Class in org.springframework.security.web.server.util.matcher
The result of matching
ServerWebExchangeMatcherEntry<T> - Class in org.springframework.security.web.server.util.matcher
A rich object for associating a ServerWebExchangeMatcher to another object.
ServerWebExchangeMatcherEntry(ServerWebExchangeMatcher, T) - Constructor for class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry
 
ServerWebExchangeMatchers - Class in org.springframework.security.web.server.util.matcher
Provides factory methods for creating common ServerWebExchangeMatcher
ServiceAuthenticationDetails - Interface in org.springframework.security.cas.web.authentication
In order for the CasAuthenticationProvider to provide the correct service url to authenticate the ticket, the returned value of Authentication.getDetails() should implement this interface when tickets can be sent to any URL rather than only ServiceProperties.getService().
ServiceAuthenticationDetailsSource - Class in org.springframework.security.cas.web.authentication
The AuthenticationDetailsSource that is set on the CasAuthenticationFilter should return a value that implements ServiceAuthenticationDetails if the application needs to authenticate dynamic service urls.
ServiceAuthenticationDetailsSource(ServiceProperties) - Constructor for class org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource
Creates an implementation that uses the specified ServiceProperites and the default CAS artifactParameterName.
ServiceAuthenticationDetailsSource(ServiceProperties, String) - Constructor for class org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource
Creates an implementation that uses the specified artifactParameterName
ServiceProperties - Class in org.springframework.security.cas
Stores properties related to this CAS service.
ServiceProperties() - Constructor for class org.springframework.security.cas.ServiceProperties
 
servletApi() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Integrates the HttpServletRequest methods with the values found on the SecurityContext.
ServletApiConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Implements select methods from the HttpServletRequest using the SecurityContext from the SecurityContextHolder.
ServletApiConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
Creates a new instance
ServletOAuth2AuthorizedClientExchangeFilterFunction - Class in org.springframework.security.oauth2.client.web.reactive.function.client
Provides an easy mechanism for using an OAuth2AuthorizedClient to make OAuth2 requests by including the token as a Bearer Token.
ServletOAuth2AuthorizedClientExchangeFilterFunction() - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
 
ServletOAuth2AuthorizedClientExchangeFilterFunction(ClientRegistrationRepository, OAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
 
servletPath(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.MvcMatchersRequestMatcherConfigurer
 
servletPath(String) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.MvcMatchersIgnoredRequestConfigurer
 
servletPath(String) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.MvcMatchersRequiresChannelUrl
 
servletPath(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.MvcMatchersAuthorizedUrl
 
servletPath(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.MvcMatchersAuthorizedUrl
 
SESSION_MANAGEMENT - Static variable in class org.springframework.security.config.Elements
 
sessionAuthenticationErrorUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Defines the URL of the error page which should be shown when the SessionAuthenticationStrategy raises an exception.
SessionAuthenticationException - Exception in org.springframework.security.web.authentication.session
Thrown by an SessionAuthenticationStrategy to indicate that an authentication object is not valid for the current session, typically because the same user has exceeded the number of sessions they are allowed to have concurrently.
SessionAuthenticationException(String) - Constructor for exception org.springframework.security.web.authentication.session.SessionAuthenticationException
 
sessionAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Defines the AuthenticationFailureHandler which will be used when the SessionAuthenticationStrategy raises an exception.
sessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Allows explicitly specifying the SessionAuthenticationStrategy.
SessionAuthenticationStrategy - Interface in org.springframework.security.web.authentication.session
Allows pluggable support for HttpSession-related behaviour when an authentication occurs.
sessionCreated(HttpSessionEvent) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher
Handles the HttpSessionEvent by publishing a HttpSessionCreatedEvent to the application appContext.
SessionCreationEvent - Class in org.springframework.security.core.session
Generic session creation event which indicates that a session (potentially represented by a security context) has begun.
SessionCreationEvent(Object) - Constructor for class org.springframework.security.core.session.SessionCreationEvent
 
sessionCreationPolicy(SessionCreationPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Allows specifying the SessionCreationPolicy
SessionCreationPolicy - Enum in org.springframework.security.config.http
Specifies the various session creation policies for Spring Security.
sessionDestroyed(HttpSessionEvent) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher
Handles the HttpSessionEvent by publishing a HttpSessionDestroyedEvent to the application appContext.
SessionDestroyedEvent - Class in org.springframework.security.core.session
Generic "session termination" event which indicates that a session (potentially represented by a security context) has ended.
SessionDestroyedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionDestroyedEvent
 
sessionFixation() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
SessionFixationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
 
SessionFixationProtectionEvent - Class in org.springframework.security.web.authentication.session
Indicates a session ID was changed for the purposes of session fixation protection.
SessionFixationProtectionEvent(Authentication, String, String) - Constructor for class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
Constructs a new session fixation protection event.
SessionFixationProtectionStrategy - Class in org.springframework.security.web.authentication.session
The default implementation of SessionAuthenticationStrategy when using < Servlet 3.1.
SessionFixationProtectionStrategy() - Constructor for class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
 
SessionInformation - Class in org.springframework.security.core.session
Represents a record of a session within the Spring Security framework.
SessionInformation(Object, String, Date) - Constructor for class org.springframework.security.core.session.SessionInformation
 
SessionInformationExpiredEvent - Class in org.springframework.security.web.session
An event for when a SessionInformation is expired.
SessionInformationExpiredEvent(SessionInformation, HttpServletRequest, HttpServletResponse) - Constructor for class org.springframework.security.web.session.SessionInformationExpiredEvent
Creates a new instance
SessionInformationExpiredStrategy - Interface in org.springframework.security.web.session
Determines the behaviour of the ConcurrentSessionFilter when an expired session is detected in the ConcurrentSessionFilter.
sessionManagement() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring of Session Management.
SessionManagementConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring session management.
SessionManagementConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Creates a new instance
SessionManagementConfigurer.ConcurrencyControlConfigurer - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring controlling of multiple sessions.
SessionManagementConfigurer.SessionFixationConfigurer - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring SessionFixation protection
SessionManagementFilter - Class in org.springframework.security.web.session
Detects that a user has been authenticated since the start of the request and, if they have, calls the configured SessionAuthenticationStrategy to perform any session-related activity such as activating session-fixation protection mechanisms or checking for multiple concurrent logins.
SessionManagementFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.session.SessionManagementFilter
 
SessionManagementFilter(SecurityContextRepository, SessionAuthenticationStrategy) - Constructor for class org.springframework.security.web.session.SessionManagementFilter
 
sessionRegistry(SessionRegistry) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
Controls the SessionRegistry implementation used.
SessionRegistry - Interface in org.springframework.security.core.session
Maintains a registry of SessionInformation instances.
SessionRegistryImpl - Class in org.springframework.security.core.session
Default implementation of SessionRegistry which listens for SessionDestroyedEvents published in the Spring application context.
SessionRegistryImpl() - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
 
SessionRegistryImpl(ConcurrentMap<Object, Set<String>>, Map<String, SessionInformation>) - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
 
set(Permission) - Method in class org.springframework.security.acls.domain.CumulativePermission
 
setAccess(String) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
setAccessDecisionManager(AccessDecisionManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setAccessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
setAccessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.web.csrf.CsrfFilter
Specifies a AccessDeniedHandler that should be used when CSRF protection fails.
setAccessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter
Sets the access denied handler.
setAccessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
 
setAccessTokenExpiresSkew(Duration) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
An access token will be considered expired by comparing its expiration to now + this skewed Duration.
setAccessTokenExpiresSkew(Duration) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
An access token will be considered expired by comparing its expiration to now + this skewed Duration.
setAccountNonExpired(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setAccountNonLocked(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setAclClassIdSupported(boolean) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
setAclClassIdSupported(boolean) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
setAclClassIdSupported(boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setAclClassIdUtils(AclClassIdUtils) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
setAclClassIdUtils(AclClassIdUtils) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
 
setAdditionalExceptionMappings(Properties) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
Sets additional exception to event mappings.
setAddPrefixIfAlreadyExisting(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
 
setAfterInvocationManager(AfterInvocationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setAlgorithm(String) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
Allows the Pseudo Random Number Generator (PRNG) algorithm to be nominated.
setAlgorithm(Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
Sets the algorithm to use.
setAllowBackSlash(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Determines if a backslash "\" or a URL encoded backslash "%5C" should be allowed in the path or not.
setAllowedHttpMethods(Collection<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Determines which HTTP methods should be allowed.
setAllowFormEncodedBodyParameter(boolean) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
Set if transport of access token using form-encoded body parameter is supported.
setAllowIfAllAbstainDecisions(boolean) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
setAllowIfEqualGrantedDeniedDecisions(boolean) - Method in class org.springframework.security.access.vote.ConsensusBased
 
setAllowSemicolon(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Determines if semicolon is allowed in the URL (i.e.
setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
If set to true (the default), a session will be created (if required) to store the security context if it is determined that its contents are different from the default empty context value.
setAllowUriQueryParameter(boolean) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
Set if transport of access token using URI query parameter is supported.
setAllowUriQueryParameter(boolean) - Method in class org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter
Set if transport of access token using URI query parameter is supported.
setAllowUrlEncodedPercent(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Determines if a percent "%" that is URL encoded "%25" should be allowed in the path or not.
setAllowUrlEncodedPeriod(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Determines if a period "." that is URL encoded "%2E" should be allowed in the path or not.
setAllowUrlEncodedSlash(boolean) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
Sets if the application should allow a URL encoded slash character.
setAllowUrlEncodedSlash(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Determines if a slash "/" that is URL encoded "%2F" should be allowed in the path or not.
setAlwaysReauthenticate(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Indicates whether the AbstractSecurityInterceptor should ignore the Authentication.isAuthenticated() property.
setAlwaysRemember(boolean) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
setAlwaysUseDefaultTargetUrl(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
If true, will always redirect to the value of defaultTargetUrl (defaults to false).
setAnonymousAuthentication(Authentication) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
Allows setting the Authentication used for anonymous authentication.
setAnonymousAuthorizedClientRepository(OAuth2AuthorizedClientRepository) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
Sets the OAuth2AuthorizedClientRepository used for requests that are unauthenticated (or anonymous).
setAnonymousAuthorizedClientRepository(ServerOAuth2AuthorizedClientRepository) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
Sets the ServerOAuth2AuthorizedClientRepository used for requests that are unauthenticated (or anonymous).
setAnonymousClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.http.UserDetailsServiceFactoryBean
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
 
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
setArtifactParameter(String) - Method in class org.springframework.security.cas.ServiceProperties
Configures the Request Parameter to look for when attempting to see if a CAS ticket was sent from the server.
setAsText(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttributeEditor
 
setAsText(String) - Method in class org.springframework.security.web.util.matcher.RequestMatcherEditor
 
setAttributeNames(Set<String>) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
Sets the attribute names to retrieve for each ldap groups.
setAttributePrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
 
setAttributes2grantedAuthoritiesMap(Map<?, ?>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
setAttributesToRetrieve(String[]) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setAuthenticateAllArtifacts(boolean) - Method in class org.springframework.security.cas.ServiceProperties
If true, then any non-null artifact (ticket) should be authenticated.
setAuthenticated(boolean) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
setAuthenticated(boolean) - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 
setAuthenticated(boolean) - Method in interface org.springframework.security.core.Authentication
See Authentication.isAuthenticated() for a full description.
setAuthentication(Authentication) - Method in interface org.springframework.security.core.context.SecurityContext
Changes the currently authenticated principal, or removes the authentication information.
setAuthentication(Authentication) - Method in class org.springframework.security.core.context.SecurityContextImpl
 
setAuthentication(Authentication) - Static method in class org.springframework.security.test.context.TestSecurityContextHolder
Creates a new SecurityContext with the given Authentication.
setAuthenticationConfiguration(AuthenticationConfiguration) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setAuthenticationConverter(Function<ServerWebExchange, Mono<Authentication>>) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
 
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter
Set the AuthenticationEntryPoint to use.
setAuthenticationEntryPoint(DigestAuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
setAuthenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter
Sets the authentication entry point used when authentication is required
setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
Sets the AuthenticationEntryPoint used when integrating HttpServletRequest with Servlet 3 APIs.
setAuthenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.authentication.ProviderManager
 
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
Wraps the AuthenticationFailureHandler to distinguish between handling proxy ticket authentication failures and service ticket failures.
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Sets the strategy used to handle a failed authentication.
setAuthenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
Sets the failure handler used when authentication fails.
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.session.SessionManagementFilter
The handler which will be invoked if the AuthenticatedSessionStrategy raises a SessionAuthenticationException, indicating that the user is not allowed to be authenticated for this session (typically because they already have too many sessions open).
setAuthenticationFilter(F) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Sets the Authentication Filter
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationManagerImpl
 
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
Sets the AuthenticationManager used when integrating HttpServletRequest with Servlet 3 APIs.
setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Sets the strategy used to handle a successful authentication.
setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Sets the strategy used to handle a successful authentication.
setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
Allows control over the destination a remembered user is sent to when they are successfully authenticated.
setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
Sets the authentication success handler.
setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
 
setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
setAuthenticationUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken>) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setAuthenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken>) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
Used to load the UserDetails for the authenticated OpenID user.
setAuthorities(List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
Set all authorities for this user.
setAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setAuthoritiesAsString(List<String>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
Set all authorities for this user from String values.
setAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Allows the default query string used to retrieve authorities based on username to be overridden, if default table or column names need to be changed.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
Sets the GrantedAuthoritiesMapper used for mapping OAuth2User.getAuthorities() to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
Sets the GrantedAuthoritiesMapper used for mapping OAuth2User.getAuthorities()} to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
 
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
setAuthorityGranters(AuthorityGranter[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication.
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter
Sets the repository for stored OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
Sets the repository used for storing OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
Sets the repository for stored OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
Sets the repository used for storing OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter
setBatchSize(int) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
 
setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource
 
setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
setBeanFactory(BeanFactory) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor
 
setBeanFactory(BeanFactory) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setBeanFactory(BeanFactory) - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
setBeanResolver(BeanResolver) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
Sets the BeanResolver to be used on the expressions
setBeanResolver(BeanResolver) - Method in class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
Sets the BeanResolver to be used on the expressions
setBearerTokenResolver(BearerTokenResolver) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter
Set the BearerTokenResolver to use.
setBlock(boolean) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
If false, will not specify the mode as blocked.
setBlock(boolean) - Method in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
If false, will not specify the mode as blocked.
setBuilder(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Sets the SecurityBuilder to be used.
setCache(Ehcache) - Method in class org.springframework.security.cas.authentication.EhCacheBasedTicketCache
 
setCache(Ehcache) - Method in class org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
 
setCallbackHandlers(JaasAuthenticationCallbackHandler[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the LoginContext.login method.
setCarLicense(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setCertificatePassord(String) - Method in class org.springframework.security.ldap.server.ApacheDSContainer
Will set the certificate password on the underlying LdapServer.
setChangePasswordSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setChannelDecisionManager(ChannelDecisionManager) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
setChannelProcessors(List<?>) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
setCheckForPrincipalChanges(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
If set, the pre-authenticated principal will be checked on each request and compared against the name of the current Authentication object.
setClaimedIdentityFieldName(String) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
The name of the request parameter containing the OpenID identity, as submitted from the initial login form.
setClaimSetConverter(Converter<Map<String, Object>, Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport
Use the following Converter for manipulating the JWT's claim set
setClassIdentityQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Sets the query that will be used to retrieve the identity of a newly created row in the acl_class table.
setClassPrimaryKeyQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setClearAuthentication(boolean) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
If true, removes the Authentication from the SecurityContext to prevent issues with concurrent requests.
setClientCredentialsTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver
Sets the client used when requesting an access token credential at the Token Endpoint for the client_credentials grant.
setClientCredentialsTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
Sets the ReactiveOAuth2AccessTokenResponseClient to be used for getting an OAuth2AuthorizedClient for client_credentials grant.
setClientCredentialsTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
Sets the OAuth2AccessTokenResponseClient to be used for getting an OAuth2AuthorizedClient for client_credentials grant.
setClock(Clock) - Method in class org.springframework.security.oauth2.jwt.JwtTimestampValidator
' Use this Clock with Instant.now() for assessing timestamp validity
setCn(String[]) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
setConfiguration(Configuration) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
Sets the Configuration to use for Authentication.
setConsumer(OpenIDConsumer) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
 
setContentLength(int) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
 
setContentLengthLong(long) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
 
setContentNegotationStrategy(ContentNegotiationStrategy) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setContext(SecurityContext) - Static method in class org.springframework.security.core.context.SecurityContextHolder
Associates a new SecurityContext with the current thread of execution.
setContext(SecurityContext) - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy
Sets the current context.
setContext(SecurityContext) - Static method in class org.springframework.security.test.context.TestSecurityContextHolder
setContextEnvironmentProperties(Map<String, Object>) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
Allows a custom environment properties to be used to create initial LDAP context.
setContextPath(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setContextPath(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setContextRelative(boolean) - Method in class org.springframework.security.web.DefaultRedirectStrategy
If true, causes any redirection URLs to be calculated minus the protocol and context path (defaults to false).
setContextRelative(boolean) - Method in class org.springframework.security.web.server.DefaultServerRedirectStrategy
Sets if the location is relative to the context.
setContinueChainBeforeSuccessfulAuthentication(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Indicates if the filter chain should be continued prior to delegation to AbstractAuthenticationProcessingFilter.successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) , which may be useful in certain environment (such as Tapestry applications).
setContinueFilterChainOnUnsuccessfulAuthentication(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
If set to true, any AuthenticationException raised by the AuthenticationManager will be swallowed, and the request will be allowed to proceed, potentially using alternative authentication mechanisms.
setConvertAttributeToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
 
setConvertAttributeToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
 
setConvertSubErrorCodesToExceptions(boolean) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
By default, a failed authentication (LDAP error 49) will result in a BadCredentialsException.
setConvertToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
Whether to convert the authority value to lower case in the mapping.
setConvertToUpperCase(boolean) - Method in class org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService
Converts the returned attribute values to uppercase values.
setConvertToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
Whether to convert the authority value to upper case in the mapping.
setConvertToUpperCase(boolean) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Convert the role to uppercase
setConvertToUpperCase(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
Determines whether role field values will be converted to upper case when loaded.
setCookie(String[], int, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Sets the cookie on the response.
setCookieDomain(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
setCookieDomain(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Sets the cookie domain
setCookieHttpOnly(boolean) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Sets the HttpOnly attribute on the cookie containing the CSRF token.
setCookieHttpOnly(boolean) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Sets the HttpOnly attribute on the cookie containing the CSRF token
setCookieName(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
setCookieName(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Sets the name of the cookie that the expected CSRF token is saved to and read from.
setCookieName(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Sets the cookie name
setCookiePath(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Set the path that the Cookie will be created with.
setCookiePath(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Sets the cookie path
setCookies(List<SavedCookie>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setCookies(List<Cookie>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
setCount(int) - Method in class org.springframework.security.openid.OpenIDAttribute
 
setCreateAuthenticatedToken(boolean) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
If you set this property, the Authentication object, which is created after the successful digest authentication will be marked as authenticated and filled with the authorities loaded by the UserDetailsService.
setCreateAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setCreateEmptySubject(boolean) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
Sets createEmptySubject.
setCreateNewSession(boolean) - Method in class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).
setCreateSessionAllowed(boolean) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
If true, indicates that it is permitted to store the target URL and exception information in a new HttpSession (the default).
setCreateTableOnStartup(boolean) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
Intended for convenience in debugging.
setCreateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setCredentialsCharset(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
setCredentialsEnvironmentVariable(String) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
 
setCredentialsNonExpired(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setCredentialsRequestHeader(String) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
 
setCsrfTokenRepository(HttpServletRequest, CsrfTokenRepository) - Static method in class org.springframework.security.test.web.support.WebTestUtils
Sets the CsrfTokenRepository for the specified HttpServletRequest.
setCsrfTokenRepository(ServerCsrfTokenRepository) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
 
setCtxFactory(InitialContextFactory) - Method in class org.springframework.security.remoting.dns.JndiDnsResolver
Allows to inject an own JNDI context factory.
setDefaultAccessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler
setDefaultAuthority(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
Sets a default authority to be assigned to all users
setDefaultClientRegistrationId(String) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
If set, will be used as the default ClientRegistration.getRegistrationId().
setDefaultClientRegistrationId(String) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
If set, will be used as the default ClientRegistration.getRegistrationId().
setDefaultEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
EntryPoint which is used when no RequestMatcher returned true
setDefaultEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
EntryPoint which is used when no RequestMatcher returned true
setDefaultFailureUrl(String) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
The URL which will be used as the failure destination.
setDefaultLogoutSuccessHandler(LogoutSuccessHandler) - Method in class org.springframework.security.web.authentication.logout.DelegatingLogoutSuccessHandler
Sets the default LogoutSuccessHandler if no other handlers available
setDefaultOAuth2AuthorizedClient(boolean) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
If true, a default OAuth2AuthorizedClient can be discovered from the current Authentication.
setDefaultOAuth2AuthorizedClient(boolean) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
If true, a default OAuth2AuthorizedClient can be discovered from the current Authentication.
setDefaultPasswordEncoderForMatches(PasswordEncoder) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
Sets the PasswordEncoder to delegate to for DelegatingPasswordEncoder.matches(CharSequence, String) if the id is not mapped to a PasswordEncoder.
setDefaultRole(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
The default role which will be assigned to all users.
setDefaultRolePrefix(String) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
Sets the default prefix to be added to RolesAllowed.
setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
setDefaultRolePrefix(String) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
setDefaultTargetUrl(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true.
setDeleteEntryByObjectIdentityForeignKeySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setDeleteGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDeleteGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDeleteGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDeleteGroupMembersSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDeleteGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDeleteObjectIdentityByPrimaryKeySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setDeleteUserAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDeleteUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setDepartmentNumber(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setDerefLinkFlag(boolean) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
Sets the corresponding property on the SearchControls instance used in the search.
setDescription(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
setDestinationIndicator(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setDetails(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
setDetails(HttpServletRequest, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Provided so that subclasses may configure what is put into the authentication request's details property.
setDisableUrlRewriting(boolean) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
Allows the use of session identifiers in URLs to be disabled.
setDisplayName(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setDn(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setDn(Name) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setDomainObject(Object) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
setEmployeeNumber(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setEnableAuthorities(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Enables loading of authorities (roles) from the authorities table.
setEnabled(boolean) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
setEnabled(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setEnabled(boolean) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
If true, will contain a value of 1.
setEnabled(boolean) - Method in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
If true, will contain a value of 1.
setEnableGroups(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Enables support for group authorities.
setEncodeHashAsBase64(boolean) - Method in class org.springframework.security.crypto.password.Md4PasswordEncoder
Deprecated.
 
setEncodeHashAsBase64(boolean) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder
Deprecated.
 
setEncodeHashAsBase64(boolean) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
Sets if the resulting hash should be encoded as Base64.
setEncodeServiceUrlWithSessionId(boolean) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
Sets whether to encode the service url with the session id or not.
setEntriesInheriting(boolean) - Method in class org.springframework.security.acls.domain.AclImpl
 
setEntriesInheriting(boolean) - Method in interface org.springframework.security.acls.model.MutableAcl
Change the value returned by Acl.isEntriesInheriting().
setEntryPoint(ChannelEntryPoint) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
setEntryPoint(ChannelEntryPoint) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
setEraseCredentialsAfterAuthentication(boolean) - Method in class org.springframework.security.authentication.ProviderManager
If set to, a resulting Authentication which implements the CredentialsContainer interface will have its eraseCredentials method called before it is returned from the authenticate() method.
setErrorConverter(Converter<Map<String, String>, OAuth2Error>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
Sets the Converter used for converting the OAuth 2.0 Error parameters to an OAuth2Error.
setErrorPage(String) - Method in class org.springframework.security.web.access.AccessDeniedHandlerImpl
The error page to use.
setErrorParametersConverter(Converter<OAuth2Error, Map<String, String>>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
Sets the Converter used for converting the OAuth2Error to a Map representation of the OAuth 2.0 Error parameters.
setExceptionIfHeaderMissing(boolean) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
Defines whether an exception should be raised if the principal header is missing.
setExceptionIfMaximumExceeded(boolean) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Sets the exceptionIfMaximumExceeded property, which determines whether the user should be prevented from opening more sessions than allowed.
setExceptionIfVariableMissing(boolean) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
Defines whether an exception should be raised if the principal variable is missing.
setExceptionMappings(Map<?, ?>) - Method in class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
Sets the map of exception types (by name) to URLs.
setExitUserMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Set the matcher to respond to exit user processing.
setExitUserUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Set the URL to respond to exit user processing.
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
 
setExpressionHandler(SecurityExpressionHandler<Message<T>>) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter
 
setExpressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
 
setExpressionParser(ExpressionParser) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
setFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Used to define custom behaviour when a switch fails.
setFailureUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object>, List<SecurityConfigurer<Filter, WebSecurity>>) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
Sets the <SecurityConfigurer<FilterChainProxy, WebSecurityBuilder> instances used to create the web configuration.
setFilterChainValidator(FilterChainProxy.FilterChainValidator) - Method in class org.springframework.security.web.FilterChainProxy
Used (internally) to specify a validation strategy for the filters in each configured chain.
setFilterObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
setFilterProcessesUrl(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Sets the URL that determines if authentication is required
setFilterProcessesUrl(String) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
 
setFindAllGroupsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setFindChildrenQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
Allows customization of the SQL query used to find child object identities.
setFindGroupIdSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setFindUsersInGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setFirewall(HttpFirewall) - Method in class org.springframework.security.web.FilterChainProxy
Sets the "firewall" implementation which will be used to validate and wrap (or potentially reject) the incoming requests.
setForceEagerSessionCreation(boolean) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter
 
setForceHttps(boolean) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Set to true to force login form access to be via https.
setForceLowerCasePrefix(boolean) - Method in class org.springframework.security.crypto.password.LdapShaPasswordEncoder
Deprecated.
 
setForcePrincipalAsString(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
setForeignKeysInDatabase(boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setFormLoginEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setFormLoginEnabled(boolean) - Method in class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
 
setGivenName(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
setGlobalAuthenticationConfigurers(List<GlobalAuthenticationConfigurerAdapter>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
setGraceLoginsRemaining(int) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setGroupAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Allows the default query string used to retrieve group authorities based on username to be overridden, if default table or column names need to be changed.
setGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setGroupMemberAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
Sets the name of the multi-valued attribute which holds the DNs of users who are members of a group.
setGroupRoleAttribute(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
setGroupRoleAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setGroupSearchBase(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setGroupSearchFilter(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
 
setHasPermission(String) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
setHeaderName(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Sets the name of the HTTP header that should be used to provide the token.
setHeaderName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
Sets the header name that the CsrfToken is expected to appear on and the header that the response will contain the CsrfToken.
setHeaderName(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Sets the header name
setHeaderName(String) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
Sets the header name that the CsrfToken is expected to appear on and the header that the response will contain the CsrfToken.
setHeaders(Map<String, List<String>>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setHeaders(Map<String, List<String>>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
setHideUserNotFoundExceptions(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
By default the AbstractUserDetailsAuthenticationProvider throws a BadCredentialsException if a username is not found or the password is incorrect.
setHideUserNotFoundExceptions(boolean) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
 
setHierarchy(String) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
Set the role hierarchy and pre-calculate for every role the set of all reachable roles, i.e.
setHomePhone(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setHomePostalAddress(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setHtmlEscape(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
Set HTML escaping for this tag, as boolean value.
setHttpStatus(HttpStatus) - Method in class org.springframework.security.web.server.DefaultServerRedirectStrategy
The HttpStatus to use for the redirect.
setId(String) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
setIgnoredMediaTypes(Set<MediaType>) - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
Set the MediaType to ignore from the ContentNegotiationStrategy.
setIgnoredMediaTypes(Set<MediaType>) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
Set the MediaType to ignore from the ContentNegotiationStrategy.
setIgnorePartialResultException(boolean) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Sets the corresponding property on the underlying template, avoiding specific issues with Active Directory.
setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Obtains the attributes from EnableGlobalMethodSecurity if this class was imported using the EnableGlobalMethodSecurity annotation.
setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
If true, the pinning policy applies to this pinned host as well as any subdomains of the host's domain name.
setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
If true, subdomains should be considered HSTS Hosts too.
setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
Sets if subdomains should be included.
setInitials(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setInsecureKeyword(String) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
setInsertClassSql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setInsertEntrySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setInsertGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setInsertGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setInsertGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setInsertObjectIdentitySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setInsertSidSql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setInternalMethod(String) - Method in class org.springframework.security.acls.AclEntryVoter
 
setInvalidateHttpSession(boolean) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
Causes the HttpSession to be invalidated when this LogoutHandler is invoked.
setInvalidateSessionOnPrincipalChange(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
If checkForPrincipalChanges is set, and a change of principal is detected, determines whether any existing session should be invalidated before proceeding to authenticate the new principal.
setInvalidSessionStrategy(InvalidSessionStrategy) - Method in class org.springframework.security.web.session.SessionManagementFilter
Sets the strategy which will be invoked instead of allowing the filter chain to prceed, if the user agent requests an invalid session Id.
setIterations(int) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder
Deprecated.
Sets the number of iterations for which the calculated hash value should be "stretched".
setJwtAuthenticationConverter(Converter<Jwt, ? extends AbstractAuthenticationToken>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
 
setJwtAuthenticationConverter(Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager
Use the given Converter for converting a Jwt into an AbstractAuthenticationToken.
setJwtValidator(OAuth2TokenValidator<Jwt>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport
Use this Jwt Validator
setJwtValidator(OAuth2TokenValidator<Jwt>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder
Use the provided OAuth2TokenValidator to validate incoming Jwts.
setKey(String) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
setKey(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
setKey(String) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setKey(String) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
setKeyStoreFile(File) - Method in class org.springframework.security.ldap.server.ApacheDSContainer
The keyStore must not be null and must be a valid file.
setLdapOverSslEnabled(boolean) - Method in class org.springframework.security.ldap.server.ApacheDSContainer
If set to true will enable LDAP over SSL (LDAPs).
setLocales(List<Locale>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setLocales(List<Locale>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
setLocation(URI) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
Where the user is redirected to upon authentication success
setLoginConfig(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
Set the JAAS login configuration file.
setLoginContextName(String) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
Set the loginContextName, this name is used as the index to the configuration specified in the loginConfig property.
setLoginExceptionResolver(LoginExceptionResolver) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
setLoginPageUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setLogInteractiveAuthenticationSuccessEvents(boolean) - Method in class org.springframework.security.authentication.event.LoggerListener
 
setLoginUrl(String) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
setLogoutHandler(ServerLogoutHandler) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
setLogoutHandlers(List<LogoutHandler>) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
Sets the LogoutHandlers used when integrating with HttpServletRequest with Servlet 3 APIs.
setLogoutHandlers(LogoutHandler[]) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
 
setLogoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
 
setLogoutSuccessHandler(ServerLogoutSuccessHandler) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
setLogoutSuccessUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setLogoutSuccessUrl(URI) - Method in class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
The URL to redirect to after successfully logging out.
setLookupObjectIdentitiesWhereClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
The SQL for the where clause used in the lookupObjectIdentities method.
setLookupPrimaryKeysWhereClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
The SQL for the where clause used in the lookupPrimaryKey method.
setMail(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setMappableAttributes(Set<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
 
setMappableRolesRetriever(MappableAttributesRetriever) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
 
setMaxAge(Duration) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
Sets the max age of the header.
setMaxAgeInSeconds(long) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
Sets the value (in seconds) for the max-age directive of the Public-Key-Pins header.
setMaxAgeInSeconds(long) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
Sets the value (in seconds) for the max-age directive of the Strict-Transport-Security header.
setMaximumSessions(int) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Sets the maxSessions property.
setMaxSearchDepth(int) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
How far should a nested search go.
setMessageExpessionHandler(List<SecurityExpressionHandler<Message<Object>>>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
Deprecated.
setMessageExpressionHandler(List<SecurityExpressionHandler<Message<Object>>>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
setMessageSource(MessageSource) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.ProviderManager
 
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
 
setMessageSource(MessageSource) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
setMessageSource(MessageSource) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
 
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
Sets the MessageSource used for reporting errors back to the user when the user has exceeded the maximum number of authentications.
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
setMethod(String) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
setMethod(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setMethod(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
setMethod(HttpMethod) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
 
setMethodSecurityExpressionHandler(List<MethodSecurityExpressionHandler>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setMigrateSessionAttributes(boolean) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
Defines whether attributes should be migrated to a new session or not.
setMobile(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setMode(XFrameOptionsServerHttpHeadersWriter.Mode) - Method in class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
Sets the X-Frame-Options mode.
setNonceValiditySeconds(int) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
setO(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setOauth2AuthenticationUrlToClientName(Map<String, String>) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setOauth2AuthenticationUrlToClientName(Map<String, String>) - Method in class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
 
setOauth2LoginEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setOauth2UserService(ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService
 
setOauth2UserService(OAuth2UserService<OAuth2UserRequest, OAuth2User>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
Sets the OAuth2UserService used when requesting the user info resource.
setObjectIdentityGenerator(ObjectIdentityGenerator) - Method in class org.springframework.security.acls.AclPermissionEvaluator
 
setObjectIdentityPrimaryKeyQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.AclEntryVoter
 
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
 
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionEvaluator
 
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
setObserveOncePerRequest(boolean) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
setOpenIDauthenticationUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setOpenIdEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setOpenIDusernameParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setOrder(int) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
 
setOrder(int) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
setOrderByClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
The SQL for the "order by" clause used in both queries.
setOu(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setOwner(Sid) - Method in class org.springframework.security.acls.domain.AclImpl
 
setOwner(Sid) - Method in interface org.springframework.security.acls.model.MutableAcl
Changes the present owner to a different owner.
setOwner(Sid) - Method in interface org.springframework.security.acls.model.OwnershipAcl
 
setPageContext(PageContext) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
setParameter(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Sets the name of the parameter which should be checked for to see if a remember-me has been requested during a login request.
setParameterName(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Sets the name of the HTTP request parameter that should be used to provide a token.
setParameterName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
Sets the HttpServletRequest parameter name that the CsrfToken is expected to appear on
setParameterName(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Sets the parameter name
setParameterName(String) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
Sets the HttpServletRequest parameter name that the CsrfToken is expected to appear on
setParameterNameDiscoverer(ParameterNameDiscoverer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Sets the ParameterNameDiscoverer to use.
setParameters(Map<String, String[]>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setParameters(Map<String, String[]>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
setParent(Acl) - Method in class org.springframework.security.acls.domain.AclImpl
 
setParent(Acl) - Method in interface org.springframework.security.acls.model.MutableAcl
Changes the parent of this ACL.
setParent(Tag) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
setPassword(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
 
setPassword(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setPasswordAlreadyEncoded(boolean) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
setPasswordAttributeName(String) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
 
setPasswordAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setPasswordAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
The name of the attribute which contains the user's password.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
Sets the PasswordEncoder instance to be used to encode and validate passwords.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
The PasswordEncoder that is used for validating the password.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
 
setPasswordParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setPasswordParameter(String) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Sets the parameter name which will be used to obtain the password from the login request..
setPasswordParameter(String) - Method in class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter
Deprecated.
The parameter name of the form data to extract the password
setPathInfo(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setPathInfo(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setPermissionCacheOptimizer(PermissionCacheOptimizer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
setPermissionFactory(PermissionFactory) - Method in class org.springframework.security.acls.AclPermissionEvaluator
 
setPermissionFactory(PermissionFactory) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
Sets the PermissionFactory instance which will be used to convert loaded permission data values to Permissions.
setPins(Map<String, String>) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
Sets the value for the pin- directive of the Public-Key-Pins header.
setPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Method in class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
Sets the policy to be used in the response header.
setPolicy(ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy) - Method in class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
Set the policy to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
Sets the security policy directive(s) to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter
Set the security policy directive(s) to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
Set the policy directive(s) to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
Set the policy directive(s) to be used in the response header.
setPort(int) - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
setPort(int) - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
setPort(int) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setPortMapper(PortMapper) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
setPortMapper(PortMapper) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
setPortMapper(PortMapper) - Method in class org.springframework.security.web.PortResolverImpl
 
setPortMapper(PortMapper) - Method in class org.springframework.security.web.server.transport.HttpsRedirectWebFilter
Use this PortMapper for mapping custom ports
setPortMappings(Map<String, String>) - Method in class org.springframework.security.web.PortMapperImpl
Set to override the default HTTP port to HTTPS port mappings of 80:443, and 8080:8443.
setPortResolver(PortResolver) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
 
setPortResolver(PortResolver) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
 
setPortResolver(PortResolver) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
 
setPostalAddress(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setPostalCode(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
setPostOnly(boolean) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Defines whether only HTTP POST requests will be allowed by this filter.
setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Set the AuthenticatedUserDetailsService to be used to load the UserDetails for the authenticated user.
setPreAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
Sets the policy will be used to verify the status of the loaded UserDetails before validation of the credentials takes place.
setPrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
Sets the prefix which should be added to the authority name (if it doesn't already exist)
setPrincipalEnvironmentVariable(String) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
 
setPrincipalExtractor(X509PrincipalExtractor) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
setPrincipalRequestHeader(String) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
 
setProcessConfigAttribute(String) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
setProcessDomainObjectClass(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter
 
setProcessDomainObjectClass(Class<?>) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
setProperty(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
setProtectedFieldValue(String, Object, Object) - Static method in class org.springframework.security.util.FieldUtils
 
setProviders(List<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
setProxyAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
Sets the AuthenticationFailureHandler for proxy requests.
setProxyGrantingTicketStorage(ProxyGrantingTicketStorage) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
 
setProxyReceptorUrl(String) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
 
setPseudoRandomNumberBytes(int) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
setPublishAuthorizationSuccess(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
Only AuthorizationFailureEvent will be published.
setQuery(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setQueryString(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setRealm(String) - Method in class org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint
Sets the realm to be used
setRealmMapping(Map<String, String>) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Maps the return_to url to a realm, for example:
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler
Set the default realm name to use in the bearer token error response
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
Set the default realm name to use in the bearer token error response
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint
Set the default realm name to use in the bearer token error response
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint
 
setRealmName(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
 
setRealmName(String) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
 
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
Sets the strategy to be used for redirecting to the required channel URL.
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
Allows overriding of the behaviour when redirecting to a target URL.
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
Allows overriding of the behaviour when redirecting to a target URL.
setRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint
Sets the RedirectStrategy to use.
setRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler
Sets the RedirectStrategy to use.
setRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
The RedirectStrategy to use.
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
setRedirectUrl(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
setRefreshConfigurationOnStartup(boolean) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
If set, a call to Configuration#refresh() will be made by #configureJaas(Resource) method.
setRejectPublicInvocations(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
By rejecting public invocations (and setting this property to true), essentially you are ensuring that every secure object invocation advised by AbstractSecurityInterceptor has a configuration attribute defined.
setRememberMeClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
 
setRememberMeParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
 
setRemoteAuthenticationManager(RemoteAuthenticationManager) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
setRenameGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setReportOnly(boolean) - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
If true, includes the Content-Security-Policy-Report-Only header in the response, otherwise, defaults to the Content-Security-Policy header.
setReportOnly(boolean) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
To get a Public-Key-Pins header you should set this to false, otherwise the header will be Public-Key-Pins-Report-Only.
setReportOnly(boolean) - Method in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
Set whether to include the Content-Security-Policy-Report-Only header in the response.
setReportUri(URI) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
Sets the URI to which the browser should report pin validation failures.
setReportUri(String) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
Sets the URI to which the browser should report pin validation failures.
setRequest(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
 
setRequestCache(RequestCache) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
Sets the RequestCache used for storing the current request before redirecting the OAuth 2.0 Authorization Request.
setRequestCache(RequestCache) - Method in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
 
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint
The request cache to use to save the request before sending a redirect.
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
Sets the ServerRequestCache used to redirect to.
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter
 
setRequestEntityConverter(Converter<OAuth2AuthorizationCodeGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
Sets the Converter used for converting the OAuth2AuthorizationCodeGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2ClientCredentialsGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient
Sets the Converter used for converting the OAuth2ClientCredentialsGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2UserRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService
Sets the Converter used for converting the OAuth2UserRequest to a RequestEntity representation of the UserInfo Request.
setRequestEntityConverter(Converter<OAuth2UserRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService
Sets the Converter used for converting the OAuth2UserRequest to a RequestEntity representation of the UserInfo Request.
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
Sets the RequestMatcher used to determine if the "Strict-Transport-Security" should be added.
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
Allows selective use of saved requests for a subset of requests.
setRequestURI(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setRequestURL(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setRequireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.web.csrf.CsrfFilter
Specifies a RequestMatcher that is used to determine if CSRF protection should be applied.
setRequireCsrfProtectionMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
 
setRequired(boolean) - Method in class org.springframework.security.openid.OpenIDAttribute
 
setRequiresAuthenticationMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
Sets the matcher used to determine when creating an Authentication from AuthenticationWebFilter.setServerAuthenticationConverter(ServerAuthenticationConverter) to be authentication.
setRequiresAuthenticationRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
 
setRequiresHttpsRedirectMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.transport.HttpsRedirectWebFilter
Use this ServerWebExchangeMatcher to narrow which requests are redirected to HTTPS.
setRequiresLogoutMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
 
setResolveHiddenInputs(Function<HttpServletRequest, Map<String, String>>) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
Sets a Function used to resolve a Map of the hidden inputs where the key is the name of the input and the value is the value of the input.
setResolveHiddenInputs(Function<HttpServletRequest, Map<String, String>>) - Method in class org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter
Sets a Function used to resolve a Map of the hidden inputs where the key is the name of the input and the value is the value of the input.
setResource(Resource) - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
Sets a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResource(Resource) - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
Sets a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResource(Resource) - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
Sets a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
 
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
 
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
 
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
 
setResourceLocation(String) - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
Sets the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResourceLocation(String) - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
Sets the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResourceLocation(String) - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
Sets the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResponse(HttpServletResponse) - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
 
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient
Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService
Sets the RestOperations used when requesting the UserInfo resource.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService
Sets the RestOperations used when requesting the UserInfo resource.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport
Sets the RestOperations used when requesting the JSON Web Key (JWK) Set.
setReturningAttributes(String[]) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
Specifies the attributes that will be returned as part of the search.
setReturnObject(Object, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 
setReturnObject(Object, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
Used to inform the expression system of the return object for the given evaluation context.
setReturnObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
 
setReturnToUrlParameters(Set<String>) - Method in class org.springframework.security.openid.OpenIDAuthenticationFilter
Specifies any extra parameters submitted along with the identity field which should be appended to the return_to URL which is assembled by OpenIDAuthenticationFilter.buildReturnToUrl(javax.servlet.http.HttpServletRequest).
setRoleAttributes(String[]) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
The names of any attributes in the user's entry which represent application roles.
setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 
setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
setRoleMapper(AttributesMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setRolePrefix(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
Allows the default role prefix of ROLE_ to be overridden.
setRolePrefix(String) - Method in class org.springframework.security.access.vote.RoleVoter
Allows the default role prefix of ROLE_ to be overridden.
setRolePrefix(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Allows a default role prefix to be specified.
setRolePrefix(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
Sets the prefix which will be prepended to the values loaded from the directory.
setRolePrefix(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
The prefix that should be applied to the role names
setRolePrefix(String) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
 
setRoomNumber(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setRunAsManager(RunAsManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setSaveRequestMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
Sets the matcher to determine if the request should be saved.
setScheduler(Scheduler) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
setScheme(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setScheme(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setScope(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
setSearchControls(SearchControls) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate
Sets the search controls which will be used for search operations by the template.
setSearchFilter(String) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
The LDAP filter string to search for the user being authenticated.
setSearchSubtree(boolean) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
If true then searches the entire subtree as identified by context, if false (the default) then only searches the level identified by the context.
setSearchSubtree(boolean) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
If set to true, a subtree scope search will be performed.
setSearchTimeLimit(int) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
The time to wait before the search fails; the default is zero, meaning forever.
setSecureKeyword(String) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
setSecureRandom(SecureRandom) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
setSecurityContextRepository(HttpServletRequest, SecurityContextRepository) - Static method in class org.springframework.security.test.web.support.WebTestUtils
Sets the SecurityContextRepository for the specified HttpServletRequest.
setSecurityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
Sets the repository for persisting the SecurityContext.
setSecurityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler
Sets the ServerSecurityContextRepository that should be used for logging out.
setSecurityInterceptor(AbstractSecurityInterceptor) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator
 
setSecurityMetadataSource(MethodSecurityMetadataSource) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor
 
setSecurityMetadataSource(FilterInvocationSecurityMetadataSource) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
 
setSecurityMetadataSource(FilterInvocationSecurityMetadataSource) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
 
setSeed(Resource) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
Allows the user to specify a resource which will act as a seed for the SecureRandom instance.
setSelectClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
The SQL for the select clause.
setSendRenew(boolean) - Method in class org.springframework.security.cas.ServiceProperties
 
setSeriesLength(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
setServerAuthenticationConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager.
setServerInteger(Integer) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
setServerName(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setServerName(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setServerPort(int) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setServerSecret(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
setService(String) - Method in class org.springframework.security.cas.ServiceProperties
 
setServiceParameter(String) - Method in class org.springframework.security.cas.ServiceProperties
 
setServiceProperties(ServiceProperties) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setServiceProperties(ServiceProperties) - Method in class org.springframework.security.cas.web.CasAuthenticationEntryPoint
 
setServiceProperties(ServiceProperties) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
 
setServletPath(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
 
setServletPath(String) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
The servlet path to match on.
setServletPath(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
 
setSessionAttributeName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
Sets the HttpSession attribute name that the CsrfToken is stored in
setSessionAttributeName(String) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
Sets the HttpSession attribute name that the CsrfToken is stored in
setSessionAttrName(String) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
If the sessionAttrName property is set, the request is stored in the session using this attribute name.
setSessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
The session handling strategy which will be invoked immediately after an authentication request is successfully processed by the AuthenticationManager.
setSharedObject(Class<C>, C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Sets an object that is shared by multiple SecurityConfigurer.
setSharedObject(Class<C>, C) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
setSharedObject(Class<C>, C) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Sets an object that is shared by multiple SecurityConfigurer.
setSidIdentityQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Sets the query that will be used to retrieve the identity of a newly created row in the acl_sid table.
setSidPrimaryKeyQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.AclEntryVoter
 
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
 
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionEvaluator
 
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
 
setSn(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
setSpringSecurityContextAttrName(String) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
Sets the session attribute name used to save and load the SecurityContext
setSpringSecurityContextKey(String) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
Allows the session attribute name to be customized for this repository instance.
setStatelessTicketCache(StatelessTicketCache) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setStrategyName(String) - Static method in class org.springframework.security.core.context.SecurityContextHolder
Changes the preferred strategy.
setStreet(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setStringSeparator(String) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
 
setSubjectDnRegex(String) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.
setSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Used to define custom behaviour on a successful switch or exit user.
setSwitchAuthorityRole(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Allows the role of the switchAuthority to be customized.
setSwitchFailureUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Sets the URL to which a user should be redirected if the switch fails.
setSwitchUserAuthorityChanger(SwitchUserAuthorityChanger) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
setSwitchUserMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Set the matcher to respond to switch user processing.
setSwitchUserUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Set the URL to respond to switch user processing.
setTargetUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Sets the URL to go to after a successful switch / exit user request.
setTargetUrlParameter(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
If this property is set, the current request will be checked for this a parameter with this name and the value used as the target URL if present.
setTelephoneNumber(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
 
setThrowableAnalyzer(ThrowableAnalyzer) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
 
setThrowExceptionWhenTokenRejected(boolean) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials).
setTicketValidator(TicketValidator) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setTimeBeforeExpiration(int) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setTitle(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setTokenLength(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
setTokenResponseConverter(Converter<Map<String, String>, OAuth2AccessTokenResponse>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
Sets the Converter used for converting the OAuth 2.0 Access Token Response parameters to an OAuth2AccessTokenResponse.
setTokenResponseParametersConverter(Converter<OAuth2AccessTokenResponse, Map<String, String>>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
Sets the Converter used for converting the OAuth2AccessTokenResponse to a Map representation of the OAuth 2.0 Access Token Response parameters.
setTokenValiditySeconds(int) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
setTokenValiditySeconds(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
 
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
 
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
 
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.session.SessionManagementFilter
Sets the AuthenticationTrustResolver to be used.
setUid(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
 
setUnsafeAllowAnyHttpMethod(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
Sets if any HTTP method is allowed.
setUpdateObjectIdentity(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
 
setUpdateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setupModule(Module.SetupContext) - Method in class org.springframework.security.cas.jackson2.CasJackson2Module
 
setupModule(Module.SetupContext) - Method in class org.springframework.security.jackson2.CoreJackson2Module
 
setupModule(Module.SetupContext) - Method in class org.springframework.security.web.jackson2.WebJackson2Module
 
setupModule(Module.SetupContext) - Method in class org.springframework.security.web.jackson2.WebServletJackson2Module
 
setUrl(String) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
 
setUseAuthenticationRequestCredentials(boolean) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
Determines whether the supplied password will be used as the credentials in the successful authentication token.
setUseEquals(boolean) - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
If set to true, matches on exact MediaType, else uses MediaType.isCompatibleWith(MediaType).
setUseEquals(boolean) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
If set to true, matches on exact MediaType, else uses MediaType.isCompatibleWith(MediaType).
setUseForward(boolean) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
Tells if we are to do a forward to the loginFormUrl using the RequestDispatcher, instead of a 302 redirect.
setUseForward(boolean) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
If set to true, performs a forward to the failure destination URL instead of a redirect.
setUsePasswordAttrCompare(boolean) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
 
setUsePasswordModifyExtensionOperation(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
Sets the method by which a user's password gets modified.
setUserAttributes(String[]) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
Sets the user attributes which will be retrieved from the directory.
setUserCache(UserCache) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
setUserCache(UserCache) - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
setUserCache(UserCache) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
Optionally sets the UserCache if one is in use in the application.
setUserCache(UserCache) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Sets the strategy which will be used to validate the loaded UserDetails object for the user.
setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Sets the strategy to be used to validate the UserDetails object obtained for the user when processing a remember-me cookie to automatically log in a user.
setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
setUserDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by the AbstractLdapAuthenticationProvider.createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails) method.
setUserDetailsMapper(UserDetailsContextMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setUserDetailsMapper(UserDetailsContextMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsService
 
setUserDetailsPasswordService(UserDetailsPasswordService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
setUserDetailsPasswordService(ReactiveUserDetailsPasswordService) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
Sets the service to use for upgrading passwords on successful authentication.
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
 
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
Set the wrapped UserDetailsService implementation
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
Used to load the UserDetails for the authenticated OpenID user.
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Sets the authentication data access object.
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
 
setUserDnPatterns(String[]) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
Sets the pattern which will be used to supply a DN for the user.
setUseReferer(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
If set to true the Referer header will be used (if available).
setUserExistsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
setUsername(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
 
setUsernameBasedPrimaryKey(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
If true (the default), indicates the JdbcDaoImpl.getUsersByUsernameQuery() returns a username in response to a query.
setUsernameMapper(LdapUsernameToDnMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
Allows the parameter containing the username to be customized.
setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
 
setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
Sets the parameter name which will be used to obtain the username from the login request.
setUsernameParameter(String) - Method in class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter
Deprecated.
The parameter name of the form data to extract the username
setUserRoles2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
 
setUsersByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
Allows the default query string used to retrieve users based on username to be overridden, if default table or column names need to be changed.
setUserSearch(LdapUserSearch) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
 
setUseSecureCookie(boolean) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
Whether the cookie should be flagged as secure or not.
setValidateConfigAttributes(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor
 
setVar(String) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
 
setVar(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
setVar(String) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
 
setWebClient(WebClient) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService
Sets the WebClient used for retrieving the user endpoint
setWebSphereGroups2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
setWorkingDirectory(File) - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
sha(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
Calculates the SHA digest and returns the value as a byte[].
sha(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
Calculates the SHA digest and returns the value as a byte[].
Sha512DigestUtils - Class in org.springframework.security.core.token
Provides SHA512 digest methods.
Sha512DigestUtils() - Constructor for class org.springframework.security.core.token.Sha512DigestUtils
 
shaHex(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
Calculates the SHA digest and returns the value as a hex string.
shaHex(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils
Calculates the SHA digest and returns the value as a hex string.
shared(int) - Static method in class org.springframework.security.crypto.keygen.KeyGenerators
Create a BytesKeyGenerator that returns a single, shared SecureRandom key of a custom length.
shutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
shutdownNow() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
Sid - Interface in org.springframework.security.acls.model
A security identity recognised by the ACL system.
sidRetrievalStrategy - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
SidRetrievalStrategy - Interface in org.springframework.security.acls.model
Strategy interface that provides an ability to determine the Sid instances applicable for an Authentication.
SidRetrievalStrategyImpl - Class in org.springframework.security.acls.domain
Basic implementation of SidRetrievalStrategy that creates a Sid for the principal, as well as every granted authority the principal holds.
SidRetrievalStrategyImpl() - Constructor for class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
 
SidRetrievalStrategyImpl(RoleHierarchy) - Constructor for class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
 
SimpDestinationMessageMatcher - Class in org.springframework.security.messaging.util.matcher
MessageMatcher which compares a pre-defined pattern against the destination of a Message.
SimpDestinationMessageMatcher(String) - Constructor for class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
Creates a new instance with the specified pattern, null SimpMessageType (matches any type), and a AntPathMatcher created from the default constructor.
SimpDestinationMessageMatcher(String, PathMatcher) - Constructor for class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
Creates a new instance with the specified pattern and PathMatcher.
simpDestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of SimpDestinationMessageMatcher instances without regard to the SimpMessageType.
simpDestPathMatcher(PathMatcher) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
SimpleAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
This class implements the Attributes2GrantedAuthoritiesMapper interface by doing a one-to-one mapping from roles to Spring Security GrantedAuthorities.
SimpleAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
 
SimpleAuthorityMapper - Class in org.springframework.security.core.authority.mapping
Simple one-to-one GrantedAuthoritiesMapper which allows for case conversion of the authority name and the addition of a string prefix (which defaults to ROLE_ ).
SimpleAuthorityMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
 
SimpleGrantedAuthority - Class in org.springframework.security.core.authority
Basic concrete implementation of a GrantedAuthority.
SimpleGrantedAuthority(String) - Constructor for class org.springframework.security.core.authority.SimpleGrantedAuthority
 
SimpleGrantedAuthorityMixin - Class in org.springframework.security.jackson2
Jackson Mixin class helps in serialize/deserialize SimpleGrantedAuthority.
SimpleGrantedAuthorityMixin(String) - Constructor for class org.springframework.security.jackson2.SimpleGrantedAuthorityMixin
Mixin Constructor.
SimpleMappableAttributesRetriever - Class in org.springframework.security.core.authority.mapping
This class implements the MappableAttributesRetriever interface by just returning a list of mappable attributes as previously set using the corresponding setter method.
SimpleMappableAttributesRetriever() - Constructor for class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
 
SimpleMethodInvocation - Class in org.springframework.security.util
Represents the AOP Alliance MethodInvocation.
SimpleMethodInvocation(Object, Method, Object...) - Constructor for class org.springframework.security.util.SimpleMethodInvocation
 
SimpleMethodInvocation() - Constructor for class org.springframework.security.util.SimpleMethodInvocation
 
SimpleRedirectInvalidSessionStrategy - Class in org.springframework.security.web.session
Performs a redirect to a fixed URL when an invalid requested session is detected by the SessionManagementFilter.
SimpleRedirectInvalidSessionStrategy(String) - Constructor for class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
 
SimpleRedirectSessionInformationExpiredStrategy - Class in org.springframework.security.web.session
Performs a redirect to a fixed URL when an expired session is detected by the ConcurrentSessionFilter.
SimpleRedirectSessionInformationExpiredStrategy(String) - Constructor for class org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
 
SimpleRedirectSessionInformationExpiredStrategy(String, RedirectStrategy) - Constructor for class org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
 
SimpleSavedRequest - Class in org.springframework.security.web.savedrequest
A Bean implementation of SavedRequest
SimpleSavedRequest() - Constructor for class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
SimpleSavedRequest(String) - Constructor for class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
SimpleSavedRequest(SavedRequest) - Constructor for class org.springframework.security.web.savedrequest.SimpleSavedRequest
 
SimpleUrlAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
AuthenticationFailureHandler which performs a redirect to the value of the defaultFailureUrl property when the onAuthenticationFailure method is called.
SimpleUrlAuthenticationFailureHandler() - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
SimpleUrlAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 
SimpleUrlAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication
AuthenticationSuccessHandler which can be configured with a default URL which users should be sent to upon successful authentication.
SimpleUrlAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
 
SimpleUrlAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
Constructor which sets the defaultTargetUrl property of the base class.
SimpleUrlLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout
Handles the navigation on logout by delegating to the AbstractAuthenticationTargetUrlRequestHandler base class logic.
SimpleUrlLogoutSuccessHandler() - Constructor for class org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
 
simpMessageDestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of SimpDestinationMessageMatcher instances that match on SimpMessageType.MESSAGE.
SimpMessageTypeMatcher - Class in org.springframework.security.messaging.util.matcher
A MessageMatcher that matches if the provided Message has a type that is the same as the SimpMessageType that was specified in the constructor.
SimpMessageTypeMatcher(SimpMessageType) - Constructor for class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
Creates a new instance
simpSubscribeDestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of SimpDestinationMessageMatcher instances that match on SimpMessageType.SUBSCRIBE.
simpTypeMatchers(SimpMessageType...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of SimpDestinationMessageMatcher instances.
SPRING_SECURITY_CONTEXT_KEY - Static variable in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
The default key under which the security context will be stored in the session.
SPRING_SECURITY_FILTER_CHAIN - Static variable in class org.springframework.security.config.BeanIds
External alias for FilterChainProxy bean, for use in web.xml files
SPRING_SECURITY_FORM_PASSWORD_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
SPRING_SECURITY_FORM_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
SPRING_SECURITY_SWITCH_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
SpringCacheBasedAclCache - Class in org.springframework.security.acls.domain
Simple implementation of AclCache that delegates to Cache implementation.
SpringCacheBasedAclCache(Cache, PermissionGrantingStrategy, AclAuthorizationStrategy) - Constructor for class org.springframework.security.acls.domain.SpringCacheBasedAclCache
 
SpringCacheBasedTicketCache - Class in org.springframework.security.cas.authentication
Caches tickets using a Spring IoC defined Cache.
SpringCacheBasedTicketCache(Cache) - Constructor for class org.springframework.security.cas.authentication.SpringCacheBasedTicketCache
 
SpringCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache
Caches UserDetails instances in a Spring defined Cache.
SpringCacheBasedUserCache(Cache) - Constructor for class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
 
springSecurity() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
Sets up Spring Security's WebTestClient test support
springSecurity() - Static method in class org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers
Configures the MockMvcBuilder for use with Spring Security.
springSecurity(Filter) - Static method in class org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers
Configures the MockMvcBuilder for use with Spring Security.
SpringSecurityAuthenticationSource - Class in org.springframework.security.ldap.authentication
An AuthenticationSource to retrieve authentication information stored in Spring Security's SecurityContextHolder.
SpringSecurityAuthenticationSource() - Constructor for class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
 
SpringSecurityCoreVersion - Class in org.springframework.security.core
Internal class used for checking version compatibility in a deployed application.
SpringSecurityCoreVersion() - Constructor for class org.springframework.security.core.SpringSecurityCoreVersion
 
springSecurityFilterChain() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
Creates the Spring Security Filter Chain
SpringSecurityLdapTemplate - Class in org.springframework.security.ldap
Extension of Spring LDAP's LdapTemplate class which adds extra functionality required by Spring Security.
SpringSecurityLdapTemplate(ContextSource) - Constructor for class org.springframework.security.ldap.SpringSecurityLdapTemplate
 
SpringSecurityMessageSource - Class in org.springframework.security.core
The default MessageSource used by Spring Security.
SpringSecurityMessageSource() - Constructor for class org.springframework.security.core.SpringSecurityMessageSource
 
standard(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates a standard password-based bytes encryptor using 256 bit AES encryption.
StandardClaimAccessor - Interface in org.springframework.security.oauth2.core.oidc
A ClaimAccessor for the "Standard Claims" that can be returned either in the UserInfo Response or the ID Token.
StandardClaimNames - Interface in org.springframework.security.oauth2.core.oidc
The names of the "Standard Claims" defined by the OpenID Connect Core 1.0 specification that can be returned either in the UserInfo Response or the ID Token.
StandardPasswordEncoder - Class in org.springframework.security.crypto.password
Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
StandardPasswordEncoder() - Constructor for class org.springframework.security.crypto.password.StandardPasswordEncoder
Deprecated.
Constructs a standard password encoder with no additional secret value.
StandardPasswordEncoder(CharSequence) - Constructor for class org.springframework.security.crypto.password.StandardPasswordEncoder
Deprecated.
Constructs a standard password encoder with a secret value which is also included in the password hash.
start() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
start() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
state(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder
Sets the state.
state(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder
Sets the state.
STATE - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
state - used in Authorization Request and Authorization Response.
StatelessTicketCache - Interface in org.springframework.security.cas.authentication
Caches CAS service tickets and CAS proxy tickets for stateless connections.
StaticAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions
Simple implementation of the AllowFromStrategy
StaticAllowFromStrategy(URI) - Constructor for class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
 
StaticHeadersWriter - Class in org.springframework.security.web.header.writers
HeaderWriter implementation which writes the same Header instance.
StaticHeadersWriter(List<Header>) - Constructor for class org.springframework.security.web.header.writers.StaticHeadersWriter
Creates a new instance
StaticHeadersWriter(String, String...) - Constructor for class org.springframework.security.web.header.writers.StaticHeadersWriter
Creates a new instance with a single header
StaticServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Allows specifying HttpHeaders that should be written to the response.
StaticServerHttpHeadersWriter(HttpHeaders) - Constructor for class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter
 
StaticServerHttpHeadersWriter.Builder - Class in org.springframework.security.web.server.header
 
statusError() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns true if the Authorization Request failed, otherwise false.
statusOk() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns true if the Authorization Request succeeded, otherwise false.
stop() - Method in class org.springframework.security.ldap.server.ApacheDSContainer
 
stop() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
 
streetAddress(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder
Sets the full street address, which may include house number, street name, P.O.
STRICT_TRANSPORT_SECURITY - Static variable in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
 
StrictHttpFirewall - Class in org.springframework.security.web.firewall
A strict implementation of HttpFirewall that rejects any suspicious requests with a RequestRejectedException.
StrictHttpFirewall() - Constructor for class org.springframework.security.web.firewall.StrictHttpFirewall
 
StrictTransportSecurityServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Writes the Strict-Transport-Security if the request is secure.
StrictTransportSecurityServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
 
string() - Static method in class org.springframework.security.crypto.keygen.KeyGenerators
Creates a StringKeyGenerator that hex-encodes SecureRandom keys of 8 bytes in length.
StringKeyGenerator - Interface in org.springframework.security.crypto.keygen
A generator for unique string keys.
stronger(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates a standard password-based bytes encryptor using 256 bit AES encryption with Galois Counter Mode (GCM).
SUB - Static variable in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
sub - the Subject identifier
SUB - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
sub - the Subject identifier
SUB - Static variable in interface org.springframework.security.oauth2.jwt.JwtClaimNames
sub - the Subject claim identifies the principal that is the subject of the JWT
subArray(byte[], int, int) - Static method in class org.springframework.security.crypto.util.EncodingUtils
Extract a sub array of bytes out of the byte array.
SubjectDnX509PrincipalExtractor - Class in org.springframework.security.web.authentication.preauth.x509
Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call to X509Certificate.getSubjectDN()).
SubjectDnX509PrincipalExtractor() - Constructor for class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
 
subjectPrincipalRegex(String) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Specifies the regex to extract the principal from the certificate.
submit(Callable<T>) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
submit(Runnable, T) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
submit(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
 
submit(Runnable) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
 
submit(Callable<T>) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
 
success(String) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse
Returns a new OAuth2AuthorizationResponse.Builder, initialized with the authorization code.
success() - Static method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult
Construct a successful OAuth2TokenValidatorResult
successForwardUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Forward Authentication Success Handler
successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) - Method in class org.springframework.security.cas.web.CasAuthenticationFilter
 
successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Default behaviour for successful authentication.
successfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Puts the Authentication instance returned by the authentication manager into the secure context.
successHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the AuthenticationSuccessHandler to be used.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionManager
Indicates whether this AccessDecisionManager is able to process authorization requests presented with the passed ConfigAttribute.
supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionManager
Indicates whether the AccessDecisionManager implementation is able to provide access control decisions for the indicated secured object type.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionVoter
Indicates whether this AccessDecisionVoter is able to vote on the passed ConfigAttribute.
supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionVoter
Indicates whether the AccessDecisionVoter implementation is able to provide access control votes for the indicated secured object type.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.AfterInvocationProvider
Indicates whether this AfterInvocationProvider is able to participate in a decision involving the passed ConfigAttribute.
supports(Class<?>) - Method in interface org.springframework.security.access.AfterInvocationProvider
Indicates whether the AfterInvocationProvider is able to provide "after invocation" processing for the indicated secured object type.
supports(ConfigAttribute) - Method in class org.springframework.security.access.annotation.Jsr250Voter
The specified config attribute is supported if its an instance of a Jsr250SecurityConfig.
supports(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250Voter
All classes are supported.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
Indicates whether this AfterInvocationManager is able to process "after invocation" requests presented with the passed ConfigAttribute.
supports(Class<?>) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager
Indicates whether the AfterInvocationManager implementation is able to provide access control decisions for the indicated secured object type.
supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
 
supports(Class<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager
Iterates through all AfterInvocationProviders and ensures each can support the presented class.
supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
 
supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.RunAsManager
Indicates whether this RunAsManager is able to process the passed ConfigAttribute.
supports(Class<?>) - Method in interface org.springframework.security.access.intercept.RunAsManager
Indicates whether the RunAsManager implementation is able to provide run-as replacement for the indicated secure object type.
supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
 
supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl
This implementation supports any type of class, because it does not query the presented secure object.
supports(Class<?>) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource
 
supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
 
supports(Class<?>) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider
 
supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
 
supports(Class<?>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
 
supports(Class<?>) - Method in interface org.springframework.security.access.SecurityMetadataSource
Indicates whether the SecurityMetadataSource implementation is able to provide ConfigAttributes for the indicated secure object type.
supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
 
supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager
Iterates through all AccessDecisionVoters and ensures each can support the presented class.
supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter
This implementation supports only MethodSecurityInterceptor, because it queries the presented MethodInvocation.
supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
 
supports(Class<?>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
This implementation supports any type of class, because it does not query the presented secure object.
supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.RoleVoter
 
supports(Class<?>) - Method in class org.springframework.security.access.vote.RoleVoter
This implementation supports any type of class, because it does not query the presented secure object.
supports(ConfigAttribute) - Method in class org.springframework.security.acls.AclEntryVoter
 
supports(ConfigAttribute) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
 
supports(Class<?>) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
This implementation supports any type of class, because it does not query the presented secure object.
supports(Class<?>) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
 
supports(Class<?>) - Method in interface org.springframework.security.authentication.AuthenticationProvider
Returns true if this AuthenticationProvider supports the indicated Authentication object.
supports(Class<?>) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.authentication.rcp.RemoteAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.cas.authentication.CasAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
supports(ConfigAttribute) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter
 
supports(Class<?>) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter
 
supports(Class<?>) - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource
 
supports(Class<?>) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
 
supports(Class<?>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
supports(Class<?>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
supports(Class<?>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
Returns true if this AuthenticationProvider supports the indicated Authentication object.
supports(Class<?>) - Method in class org.springframework.security.openid.OpenIDAuthenticationProvider
 
supports(ConfigAttribute) - Method in interface org.springframework.security.web.access.channel.ChannelDecisionManager
Indicates whether this ChannelDecisionManager is able to process the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
 
supports(ConfigAttribute) - Method in interface org.springframework.security.web.access.channel.ChannelProcessor
Indicates whether this ChannelProcessor is able to process the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
 
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
 
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
 
supports(Class<?>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
 
supports(Class<?>) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
 
supports(Class<?>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
supportsParameter(MethodParameter) - Method in class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
 
supportsParameter(MethodParameter) - Method in class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver
 
supportsParameter(MethodParameter) - Method in class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver
 
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
Deprecated.
 
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
 
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
 
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
 
SwitchUserAuthorityChanger - Interface in org.springframework.security.web.authentication.switchuser
Allows subclasses to modify the GrantedAuthority list that will be assigned to the principal when they assume the identity of a different principal.
SwitchUserFilter - Class in org.springframework.security.web.authentication.switchuser
Switch User processing filter responsible for user context switching.
SwitchUserFilter() - Constructor for class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
 
SwitchUserGrantedAuthority - Class in org.springframework.security.web.authentication.switchuser
Custom GrantedAuthority used by SwitchUserFilter
SwitchUserGrantedAuthority(String, Authentication) - Constructor for class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
SYSTEM_PROPERTY - Static variable in class org.springframework.security.core.context.SecurityContextHolder
 

T

TagLibConfig - Class in org.springframework.security.taglibs
internal configuration class for taglibs.
TagLibConfig() - Constructor for class org.springframework.security.taglibs.TagLibConfig
 
TEMPORARILY_UNAVAILABLE - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
temporarily_unavailable - The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
TestExecutionEvent - Enum in org.springframework.security.test.context.support
Represents the events on the methods of TestExecutionListener
TestingAuthenticationProvider - Class in org.springframework.security.authentication
TestingAuthenticationProvider() - Constructor for class org.springframework.security.authentication.TestingAuthenticationProvider
 
TestingAuthenticationToken - Class in org.springframework.security.authentication
An Authentication implementation that is designed for use whilst unit testing.
TestingAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
 
TestingAuthenticationToken(Object, Object, String...) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
 
TestingAuthenticationToken(Object, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
 
testSecurityContext() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Creates a RequestPostProcessor that can be used to ensure that the resulting request is ran with the user in the TestSecurityContextHolder.
TestSecurityContextHolder - Class in org.springframework.security.test.context
The TestSecurityContextHolder is very similar to SecurityContextHolder, but is necessary for testing.
text(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors
Creates a text encryptor that uses "standard" password-based encryption.
TextEncryptor - Interface in org.springframework.security.crypto.encrypt
Service interface for symmetric encryption of text strings.
TextEscapeUtils - Class in org.springframework.security.web.util
Internal utility for escaping characters in HTML strings.
TextEscapeUtils() - Constructor for class org.springframework.security.web.util.TextEscapeUtils
 
THIRTY_TWO_RESERVED_OFF - Static variable in interface org.springframework.security.acls.model.Permission
 
ThrowableAnalyzer - Class in org.springframework.security.web.util
Handler for analyzing Throwable instances.
ThrowableAnalyzer() - Constructor for class org.springframework.security.web.util.ThrowableAnalyzer
Creates a new ThrowableAnalyzer instance.
ThrowableCauseExtractor - Interface in org.springframework.security.web.util
Interface for handlers extracting the cause out of a specific Throwable type.
Token - Interface in org.springframework.security.core.token
A token issued by TokenService.
TOKEN - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
 
TOKEN_TYPE - Static variable in interface org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
token_type - used in Authorization Response and Access Token Response.
TokenBasedRememberMeServices - Class in org.springframework.security.web.authentication.rememberme
Identifies previously remembered users by a Base-64 encoded cookie.
TokenBasedRememberMeServices(String, UserDetailsService) - Constructor for class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
 
tokenEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Returns the OAuth2LoginConfigurer.TokenEndpointConfig for configuring the Authorization Server's Token Endpoint.
tokenRepository(PersistentTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Specifies the PersistentTokenRepository to use.
tokenResponseConverter - Variable in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
tokenResponseParametersConverter - Variable in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
TokenService - Interface in org.springframework.security.core.token
Provides a mechanism to allocate and rebuild secure, randomised tokens.
tokenType(OAuth2AccessToken.TokenType) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder
Sets the token type.
tokenUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the uri for the token endpoint.
tokenValiditySeconds(int) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Allows specifying how long (in seconds) a token is valid for
toString() - Method in class org.springframework.security.access.intercept.RunAsUserToken
 
toString() - Method in class org.springframework.security.access.SecurityConfig
 
toString() - Method in class org.springframework.security.acls.domain.AbstractPermission
 
toString() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
 
toString() - Method in class org.springframework.security.acls.domain.AclImpl
 
toString() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
 
toString() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
 
toString() - Method in class org.springframework.security.acls.domain.PrincipalSid
 
toString() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
 
toString() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
 
toString() - Method in class org.springframework.security.cas.authentication.CasAuthenticationToken
 
toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
 
toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
 
toString() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
 
toString() - Method in class org.springframework.security.core.context.SecurityContextHolder
 
toString() - Method in class org.springframework.security.core.context.SecurityContextImpl
 
toString() - Method in class org.springframework.security.core.token.DefaultToken
 
toString() - Method in class org.springframework.security.core.userdetails.User
 
toString() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
Create a textual representation containing error and warning messages, if any are present.
toString() - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
 
toString() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
 
toString() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
 
toString() - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
 
toString() - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
 
toString() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
 
toString() - Method in class org.springframework.security.oauth2.core.OAuth2Error
 
toString() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
 
toString() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
 
toString() - Method in class org.springframework.security.openid.OpenIDAttribute
 
toString() - Method in enum org.springframework.security.openid.OpenIDAuthenticationStatus
 
toString() - Method in class org.springframework.security.openid.OpenIDAuthenticationToken
 
toString() - Method in class org.springframework.security.web.access.intercept.RequestKey
 
toString() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
 
toString() - Method in class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
 
toString() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
 
toString() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
 
toString() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
 
toString() - Method in class org.springframework.security.web.FilterChainProxy
 
toString() - Method in class org.springframework.security.web.FilterInvocation
 
toString() - Method in class org.springframework.security.web.firewall.FirewalledRequest
 
toString() - Method in class org.springframework.security.web.header.Header
 
toString() - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
 
toString() - Method in class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter
 
toString() - Method in class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter
 
toString() - Method in class org.springframework.security.web.header.writers.StaticHeadersWriter
 
toString() - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
 
toString() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
 
toString() - Method in class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
 
toString() - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
 
toString() - Method in class org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher
 
toString() - Method in class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
 
toString() - Method in class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
 
toString() - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
 
toString() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
 
toString() - Method in class org.springframework.security.web.util.matcher.AndRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.NegatedRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.OrRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.RegexRequestMatcher
 
toString() - Method in class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
 
Transient - Annotation Type in org.springframework.security.core
A marker for Authentications that should never be stored across requests, for example a bearer token authentication
TWO_WEEKS_S - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 
type(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
The OpenID attribute type.

U

UnanimousBased - Class in org.springframework.security.access.vote
Simple concrete implementation of AccessDecisionManager that requires all voters to abstain or grant access.
UnanimousBased(List<AccessDecisionVoter<? extends Object>>) - Constructor for class org.springframework.security.access.vote.UnanimousBased
 
unauthenticated() - Static method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers
ResultMatcher that verifies that no user is authenticated.
UnAuthenticatedServerOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web.server
Provides support for an unauthenticated user.
UnAuthenticatedServerOAuth2AuthorizedClientRepository() - Constructor for class org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository
 
UNAUTHORIZED_CLIENT - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
unauthorized_client - The client is not authorized to request an authorization code or access token using this method.
UnboundIdContainer - Class in org.springframework.security.ldap.server
 
UnboundIdContainer(String, String) - Constructor for class org.springframework.security.ldap.server.UnboundIdContainer
 
UnloadedSidException - Exception in org.springframework.security.acls.model
Thrown if an Acl cannot perform an operation because it only loaded a subset of Sids and the caller has requested details for an unloaded Sid .
UnloadedSidException(String) - Constructor for exception org.springframework.security.acls.model.UnloadedSidException
Constructs an NotFoundException with the specified message.
UnloadedSidException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.UnloadedSidException
Constructs an NotFoundException with the specified message and root cause.
unsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Default behaviour for unsuccessful authentication.
unsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
Ensures the authentication object in the secure context is set to null when authentication fails.
UNSUPPORTED_GRANT_TYPE - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
unsupported_grant_type - The authorization grant type is not supported by the authorization server.
UNSUPPORTED_RESPONSE_TYPE - Static variable in interface org.springframework.security.oauth2.core.OAuth2ErrorCodes
unsupported_response_type - The authorization server does not support obtaining an authorization code or access token using this method.
updateAccessDefaults(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Updates the default values for access.
updateAce(int, Permission) - Method in class org.springframework.security.acls.domain.AclImpl
 
updateAce(int, Permission) - Method in interface org.springframework.security.acls.model.MutableAcl
 
updateAcl(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
This implementation will simply delete all ACEs in the database and recreate them on each invocation of this method.
updateAcl(MutableAcl) - Method in interface org.springframework.security.acls.model.MutableAclService
Changes an existing Acl in the database.
updateAuditing(int, boolean, boolean) - Method in class org.springframework.security.acls.domain.AclImpl
 
updateAuditing(int, boolean, boolean) - Method in interface org.springframework.security.acls.model.AuditableAcl
 
updateAuthenticationDefaults() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Updates the default values for authentication.
UPDATED_AT - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
updated_at - the time the user's information was last updated
updateObjectIdentity(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
Updates an existing acl_object_identity row, with new information presented in the passed MutableAcl object.
updatePassword(UserDetails, String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
 
updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsPasswordService
Modify the specified user's password.
updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.UserDetailsPasswordService
Modify the specified user's password.
updatePassword(UserDetails, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
updateToken(String, String, Date) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
 
updateToken(String, String, Date) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
 
updateToken(String, String, Date) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 
updateUser(UserDetails) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
updateUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
updateUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
updateUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Update the specified user.
upgradeEncoding(String) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
 
upgradeEncoding(String) - Method in interface org.springframework.security.crypto.password.PasswordEncoder
Returns true if the encoded password should be encoded again for better security, else false.
url(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Specifies the ldap server URL when not using the embedded LDAP server.
URL_SAFE - Static variable in class org.springframework.security.crypto.codec.Base64
Deprecated.
Encode using Base64-like encoding that is URL- and Filename-safe as described in Section 4 of RFC3548: https://tools.ietf.org/html/rfc3548.
UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds URL based authorization using DefaultFilterInvocationSecurityMetadataSource.
UrlAuthorizationConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
 
UrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
Maps the specified RequestMatcher instances to ConfigAttribute instances.
UrlAuthorizationConfigurer.MvcMatchersAuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
UrlUtils - Class in org.springframework.security.web.util
Provides static methods for composing URLs.
UrlUtils() - Constructor for class org.springframework.security.web.util.UrlUtils
 
useInvalidToken() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor
Populates an invalid token value on the request.
User - Class in org.springframework.security.core.userdetails
Models core user information retrieved by a UserDetailsService.
User(String, String, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User
Calls the more complex constructor with all boolean arguments set to true.
User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User
Construct the User with the details required by DaoAuthenticationProvider.
user(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
The value of the username parameter.
user(String, String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
Specify both the password parameter name and the password.
user(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
user(UserDetails) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
User.UserBuilder - Class in org.springframework.security.core.userdetails
Builds the user to be added.
USER_DETAILS_SERVICE - Static variable in class org.springframework.security.config.BeanIds
 
USER_DETAILS_SERVICE_FACTORY - Static variable in class org.springframework.security.config.BeanIds
 
USER_SERVICE - Static variable in class org.springframework.security.config.Elements
 
UserAttribute - Class in org.springframework.security.core.userdetails.memory
Used by InMemoryUserDetailsManager to temporarily store the attributes associated with a user.
UserAttribute() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttribute
 
UserAttributeEditor - Class in org.springframework.security.core.userdetails.memory
Property editor that creates a UserAttribute from a comma separated list of values.
UserAttributeEditor() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttributeEditor
 
userAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig
userCache(UserCache) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Defines the UserCache to use
UserCache - Interface in org.springframework.security.core.userdetails
Provides a cache of UserDetails objects.
UserDetails - Interface in org.springframework.security.core.userdetails
Provides core user information.
UserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Base class that allows access to the UserDetailsService for using as a default value with AuthenticationManagerBuilder.
UserDetailsAwareConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
 
UserDetailsByNameServiceWrapper<T extends Authentication> - Class in org.springframework.security.core.userdetails
This implementation for AuthenticationUserDetailsService wraps a regular Spring Security UserDetailsService implementation, to retrieve a UserDetails object based on the user name contained in an Authentication object.
UserDetailsByNameServiceWrapper() - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
Constructs an empty wrapper for compatibility with Spring Security 2.0.x's method of using a setter.
UserDetailsByNameServiceWrapper(UserDetailsService) - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper
Constructs a new wrapper using the supplied UserDetailsService as the service to delegate to.
UserDetailsChecker - Interface in org.springframework.security.core.userdetails
Called by classes which make use of a UserDetailsService to check the status of the loaded UserDetails object.
userDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.
userDetailsContextMapper - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
 
UserDetailsContextMapper - Interface in org.springframework.security.ldap.userdetails
Operations to map a UserDetails object to and from a Spring LDAP DirContextOperations implementation.
UserDetailsManager - Interface in org.springframework.security.provisioning
An extension of the UserDetailsService which provides the ability to create new users and update existing ones.
UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsManagerConfigurer<B,C>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Base class for populating an AuthenticationManagerBuilder with a UserDetailsManager.
UserDetailsManagerConfigurer(UserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
 
UserDetailsManagerConfigurer.UserDetailsBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Builds the user to be added.
UserDetailsManagerResourceFactoryBean - Class in org.springframework.security.config.provisioning
Constructs an InMemoryUserDetailsManager from a resource using UserDetailsResourceFactoryBean.
UserDetailsManagerResourceFactoryBean() - Constructor for class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
 
UserDetailsMapFactoryBean - Class in org.springframework.security.config.core.userdetails
Creates a Collection<UserDetails> from a @{code Map} in the format of
UserDetailsMapFactoryBean(Map<String, String>) - Constructor for class org.springframework.security.config.core.userdetails.UserDetailsMapFactoryBean
 
UserDetailsPasswordService - Interface in org.springframework.security.core.userdetails
An API for changing a UserDetails password.
UserDetailsRepositoryReactiveAuthenticationManager - Class in org.springframework.security.authentication
A ReactiveAuthenticationManager that uses a ReactiveUserDetailsService to validate the provided username and password.
UserDetailsRepositoryReactiveAuthenticationManager(ReactiveUserDetailsService) - Constructor for class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
 
UserDetailsResourceFactoryBean - Class in org.springframework.security.config.core.userdetails
Parses a Resource that is a Properties file in the format of: username=password[,enabled|disabled],roles...
UserDetailsResourceFactoryBean() - Constructor for class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
 
userDetailsService(T) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add authentication based upon the custom UserDetailsService that is passed in.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
userDetailsService() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Allows modifying and accessing the UserDetailsService from WebSecurityConfigurerAdapter.userDetailsServiceBean() without interacting with the ApplicationContext.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Specifies the UserDetailsService used to look up the UserDetails when a remember me token is valid.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
userDetailsService(UserDetailsService) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding an additional UserDetailsService to be used
UserDetailsService - Interface in org.springframework.security.core.userdetails
Core interface which loads user-specific data.
userDetailsServiceBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to expose a UserDetailsService created from WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder) as a bean.
UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsServiceConfigurer<B,C,U>,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Allows configuring a UserDetailsService within a AuthenticationManagerBuilder.
UserDetailsServiceConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
Creates a new instance
UserDetailsServiceFactoryBean - Class in org.springframework.security.config.http
Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
UserDetailsServiceFactoryBean() - Constructor for class org.springframework.security.config.http.UserDetailsServiceFactoryBean
 
UserDetailsServiceLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.authentication
Simple LdapAuthoritiesPopulator which delegates to a UserDetailsService, using the name which was supplied at login as the username.
UserDetailsServiceLdapAuthoritiesPopulator(UserDetailsService) - Constructor for class org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
 
userDnPatterns(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
If your users are at a fixed location in the directory (i.e.
userExists(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
 
userExists(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
 
userExists(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
 
userExists(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager
Check if a user with the supplied login name exists in the system.
userInfoAuthenticationMethod(AuthenticationMethod) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the authentication method for the user info endpoint.
userInfoEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
Returns the OAuth2LoginConfigurer.UserInfoEndpointConfig for configuring the Authorization Server's UserInfo Endpoint.
userInfoUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the uri for the user info endpoint.
username(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder
Populates the username.
userNameAttributeName(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
Sets the attribute name used to access the user's name from the user info response.
UsernameNotFoundException - Exception in org.springframework.security.core.userdetails
Thrown if an UserDetailsService implementation cannot locate a User by its username.
UsernameNotFoundException(String) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException
Constructs a UsernameNotFoundException with the specified message.
UsernameNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException
Constructs a UsernameNotFoundException with the specified message and root cause.
usernameParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
The HTTP parameter to look for the username when performing authentication.
UsernamePasswordAuthenticationFilter - Class in org.springframework.security.web.authentication
Processes an authentication form submission.
UsernamePasswordAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
UsernamePasswordAuthenticationToken - Class in org.springframework.security.authentication
An Authentication implementation that is designed for simple presentation of a username and password.
UsernamePasswordAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
This constructor can be safely used by any code that wishes to create a UsernamePasswordAuthenticationToken, as the AbstractAuthenticationToken.isAuthenticated() will return false.
UsernamePasswordAuthenticationToken(Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
This constructor should only be used by AuthenticationManager or AuthenticationProvider implementations that are satisfied with producing a trusted (i.e.
userParameter(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
The HTTP parameter to place the username.
usersByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Sets the query to be used for finding a user by their username.
userSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Search base for user searches.
userSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
The LDAP filter used to search for users (optional).
userService(OAuth2UserService<OAuth2UserRequest, OAuth2User>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig
Sets the OAuth 2.0 service used for obtaining the user attributes of the End-User from the UserInfo Endpoint.
UserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
UserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
useSecureCookie(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Whether the cookie should be flagged as secure or not.
Utf8 - Class in org.springframework.security.crypto.codec
UTF-8 Charset encoder/decoder.
Utf8() - Constructor for class org.springframework.security.crypto.codec.Utf8
 

V

validate(FilterChainProxy) - Method in class org.springframework.security.config.http.DefaultFilterChainValidator
 
validate(T) - Method in class org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator
Verify the validity and/or constraints of the provided OAuth 2.0 Token.
validate(T) - Method in interface org.springframework.security.oauth2.core.OAuth2TokenValidator
Verify the validity and/or constraints of the provided OAuth 2.0 Token.
validate(Jwt) - Method in class org.springframework.security.oauth2.jwt.JwtIssuerValidator
Verify the validity and/or constraints of the provided OAuth 2.0 Token.
validate(Jwt) - Method in class org.springframework.security.oauth2.jwt.JwtTimestampValidator
Verify the validity and/or constraints of the provided OAuth 2.0 Token.
validate(FilterChainProxy) - Method in interface org.springframework.security.web.FilterChainProxy.FilterChainValidator
 
valueOf(String) - Static method in enum org.springframework.security.config.http.MatcherType
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.config.http.SessionCreationPolicy
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.config.oauth2.client.CommonOAuth2Provider
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.config.web.server.SecurityWebFiltersOrder
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.openid.OpenIDAuthenticationStatus
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.test.context.support.TestExecutionEvent
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter.Mode
Returns the enum constant of this type with the specified name.
values() - Static method in enum org.springframework.security.config.http.MatcherType
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.config.http.SessionCreationPolicy
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.config.oauth2.client.CommonOAuth2Provider
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.config.web.server.SecurityWebFiltersOrder
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.openid.OpenIDAuthenticationStatus
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.test.context.support.TestExecutionEvent
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter.Mode
Returns an array containing the constants of this enum type, in the order they are declared.
verify(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager
Determines if access should be granted for a specific authentication and object
verifyThrowableHierarchy(Throwable, Class<? extends Throwable>) - Static method in class org.springframework.security.web.util.ThrowableAnalyzer
Verifies that the provided throwable is a valid subclass of the provided type (or of the type itself).
verifyToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
verifyToken(String) - Method in interface org.springframework.security.core.token.TokenService
Permits verification the Token.getKey() was issued by this TokenService and reconstructs the corresponding Token.
vote(Authentication, S, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionVoter
Indicates whether or not access is granted.
vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.annotation.Jsr250Voter
Votes according to JSR 250.
vote(Authentication, MethodInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter
 
vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter
 
vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.RoleVoter
 
vote(Authentication, MethodInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.acls.AclEntryVoter
 
vote(Authentication, Message<T>, Collection<ConfigAttribute>) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter
 
vote(Authentication, FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
 

W

WEB_INVOCATION_PRIVILEGE_EVALUATOR_ATTRIBUTE - Static variable in class org.springframework.security.web.WebAttributes
Set as a request attribute to override the default WebInvocationPrivilegeEvaluator
WebAsyncManagerIntegrationFilter - Class in org.springframework.security.web.context.request.async
Provides integration between the SecurityContext and Spring Web's WebAsyncManager by using the SecurityContextCallableProcessingInterceptor.beforeConcurrentHandling(org.springframework.web.context.request.NativeWebRequest, Callable) to populate the SecurityContext on the Callable.
WebAsyncManagerIntegrationFilter() - Constructor for class org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter
 
WebAttributes - Class in org.springframework.security.web
Well-known keys which are used to store Spring Security information in request or session scope.
WebAttributes() - Constructor for class org.springframework.security.web.WebAttributes
 
WebAuthenticationDetails - Class in org.springframework.security.web.authentication
A holder of selected HTTP details related to a web authentication request.
WebAuthenticationDetails(HttpServletRequest) - Constructor for class org.springframework.security.web.authentication.WebAuthenticationDetails
Records the remote address and will also set the session Id if a session already exists (it won't create one).
WebAuthenticationDetailsSource - Class in org.springframework.security.web.authentication
Implementation of AuthenticationDetailsSource which builds the details object from an HttpServletRequest object, creating a WebAuthenticationDetails .
WebAuthenticationDetailsSource() - Constructor for class org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 
WebClientReactiveAuthorizationCodeTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint
An implementation of an ReactiveOAuth2AccessTokenResponseClient that "exchanges" an authorization code credential for an access token credential at the Authorization Server's Token Endpoint.
WebClientReactiveAuthorizationCodeTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactiveAuthorizationCodeTokenResponseClient
 
WebClientReactiveClientCredentialsTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint
An implementation of an ReactiveOAuth2AccessTokenResponseClient that "exchanges" an authorization code credential for an access token credential at the Authorization Server's Token Endpoint.
WebClientReactiveClientCredentialsTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactiveClientCredentialsTokenResponseClient
 
WebExpressionVoter - Class in org.springframework.security.web.access.expression
Voter which handles web authorisation decisions.
WebExpressionVoter() - Constructor for class org.springframework.security.web.access.expression.WebExpressionVoter
 
WebFilterChainProxy - Class in org.springframework.security.web.server
Used to delegate to a List of SecurityWebFilterChain instances.
WebFilterChainProxy(List<SecurityWebFilterChain>) - Constructor for class org.springframework.security.web.server.WebFilterChainProxy
 
WebFilterChainProxy(SecurityWebFilterChain...) - Constructor for class org.springframework.security.web.server.WebFilterChainProxy
 
WebFilterChainServerAuthenticationSuccessHandler - Class in org.springframework.security.web.server.authentication
Success handler that continues the filter chain after authentication success.
WebFilterChainServerAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.WebFilterChainServerAuthenticationSuccessHandler
 
WebFilterExchange - Class in org.springframework.security.web.server
A composite of the ServerWebExchange and the WebFilterChain.
WebFilterExchange(ServerWebExchange, WebFilterChain) - Constructor for class org.springframework.security.web.server.WebFilterExchange
 
WebInvocationPrivilegeEvaluator - Interface in org.springframework.security.web.access
Allows users to determine whether they have privileges for a given web URI.
WebJackson2Module - Class in org.springframework.security.web.jackson2
Jackson module for spring-security-web.
WebJackson2Module() - Constructor for class org.springframework.security.web.jackson2.WebJackson2Module
 
WebMvcSecurityConfiguration - Class in org.springframework.security.config.annotation.web.servlet.configuration
Deprecated.
This is applied internally using SpringWebMvcImportSelector
WebMvcSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
Deprecated.
 
WebSecurity - Class in org.springframework.security.config.annotation.web.builders
The WebSecurity is created by WebSecurityConfiguration to create the FilterChainProxy known as the Spring Security Filter Chain (springSecurityFilterChain).
WebSecurity(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.WebSecurity
Creates a new instance
WebSecurity.IgnoredRequestConfigurer - Class in org.springframework.security.config.annotation.web.builders
Allows registering RequestMatcher instances that should be ignored by Spring Security.
WebSecurity.MvcMatchersIgnoredRequestConfigurer - Class in org.springframework.security.config.annotation.web.builders
WebSecurityConfiguration - Class in org.springframework.security.config.annotation.web.configuration
Uses a WebSecurity to create the FilterChainProxy that performs the web based security for Spring Security.
WebSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
WebSecurityConfigurer<T extends SecurityBuilder<javax.servlet.Filter>> - Interface in org.springframework.security.config.annotation.web
Allows customization to the WebSecurity.
WebSecurityConfigurerAdapter - Class in org.springframework.security.config.annotation.web.configuration
Provides a convenient base class for creating a WebSecurityConfigurer instance.
WebSecurityConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates an instance with the default configuration enabled.
WebSecurityConfigurerAdapter(boolean) - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates an instance which allows specifying if the default configuration should be enabled.
webSecurityExpressionHandler() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
WebSecurityExpressionRoot - Class in org.springframework.security.web.access.expression
 
WebSecurityExpressionRoot(Authentication, FilterInvocation) - Constructor for class org.springframework.security.web.access.expression.WebSecurityExpressionRoot
 
WebServletJackson2Module - Class in org.springframework.security.web.jackson2
Jackson module for spring-security-web related to servlet.
WebServletJackson2Module() - Constructor for class org.springframework.security.web.jackson2.WebServletJackson2Module
 
WebSessionOAuth2ServerAuthorizationRequestRepository - Class in org.springframework.security.oauth2.client.web.server
An implementation of an ServerAuthorizationRequestRepository that stores OAuth2AuthorizationRequest in the WebSession.
WebSessionOAuth2ServerAuthorizationRequestRepository() - Constructor for class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 
WebSessionServerCsrfTokenRepository - Class in org.springframework.security.web.server.csrf
A ServerCsrfTokenRepository that stores the CsrfToken in the HttpSession.
WebSessionServerCsrfTokenRepository() - Constructor for class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
 
WebSessionServerOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web.server
An implementation of an OAuth2AuthorizedClientRepository that stores OAuth2AuthorizedClient's in the HttpSession.
WebSessionServerOAuth2AuthorizedClientRepository() - Constructor for class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
 
WebSessionServerRequestCache - Class in org.springframework.security.web.server.savedrequest
An implementation of ServerRequestCache that saves the ServerHttpRequest in the WebSession.
WebSessionServerRequestCache() - Constructor for class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
 
WebSessionServerSecurityContextRepository - Class in org.springframework.security.web.server.context
Stores the SecurityContext in the WebSession.
WebSessionServerSecurityContextRepository() - Constructor for class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
 
WEBSITE - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
website - the URL of the user's web page or blog
WEBSOCKET_MESSAGE_BROKER - Static variable in class org.springframework.security.config.Elements
 
WebSocketMessageBrokerSecurityBeanDefinitionParser - Class in org.springframework.security.config.websocket
Parses Spring Security's websocket namespace support.
WebSocketMessageBrokerSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.websocket.WebSocketMessageBrokerSecurityBeanDefinitionParser
 
WebSpherePreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth.websphere
This AbstractPreAuthenticatedProcessingFilter implementation is based on WebSphere authentication.
WebSpherePreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
Public constructor which overrides the default AuthenticationDetails class to be used.
WebSpherePreAuthenticatedWebAuthenticationDetailsSource - Class in org.springframework.security.web.authentication.preauth.websphere
This AuthenticationDetailsSource implementation will set the pre-authenticated granted authorities based on the WebSphere groups for the current WebSphere user, mapped using the configured Attributes2GrantedAuthoritiesMapper.
WebSpherePreAuthenticatedWebAuthenticationDetailsSource() - Constructor for class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
WebSpherePreAuthenticatedWebAuthenticationDetailsSource(WASUsernameAndGroupsExtractor) - Constructor for class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
WebTestUtils - Class in org.springframework.security.test.web.support
A utility class for testing spring security
WebXmlMappableAttributesRetriever - Class in org.springframework.security.web.authentication.preauth.j2ee
This MappableAttributesRetriever implementation reads the list of defined J2EE roles from a web.xml file and returns these from { WebXmlMappableAttributesRetriever.getMappableAttributes().
WebXmlMappableAttributesRetriever() - Constructor for class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
 
WhiteListedAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions
Implementation which checks the supplied origin against a list of allowed origins.
WhiteListedAllowFromStrategy(Collection<String>) - Constructor for class org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy
Creates a new instance
WithAnonymousUser - Annotation Type in org.springframework.security.test.context.support
When used with WithSecurityContextTestExecutionListener this annotation can be added to a test method to emulate running with an anonymous user.
withAuthentication(Authentication) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
withAuthentication(Consumer<Authentication>) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
Allows for any validating the authentication with arbitrary assertions
withAuthentication(Authentication) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
Specifies the expected Authentication
withAuthenticationName(String) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
Specifies the expected Principal.getName()
withAuthenticationPrincipal(Object) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
Specifies the expected principal
withAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
withDefaultPasswordEncoder() - Static method in class org.springframework.security.core.userdetails.User
Deprecated.
Using this method is not considered safe for production, but is acceptable for demos and getting started. For production purposes, ensure the password is encoded externally. See the method Javadoc for additional details. There are no plans to remove this support. It is deprecated to indicate that this is considered insecure for production purposes.
withDefaults(Map<String, Converter<Object, ?>>) - Static method in class org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter
Construct a MappedJwtClaimSetConverter, overriding individual claim converters with the provided Map of Converters.
withDefaultSchema() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Populates the default schema that allows users and authorities to be stored.
withHttpOnlyFalse() - Static method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
Factory method to conveniently create an instance that has CookieCsrfTokenRepository.setCookieHttpOnly(boolean) set to false.
withHttpOnlyFalse() - Static method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
Factory method to conveniently create an instance that has CookieServerCsrfTokenRepository.setCookieHttpOnly(boolean) set to false.
WithMockUser - Annotation Type in org.springframework.security.test.context.support
When used with WithSecurityContextTestExecutionListener this annotation can be added to a test method to emulate running with a mocked user.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
 
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
Adds an ObjectPostProcessor for this class.
withPins(Map<String, String>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Sets the value for the pin- directive of the Public-Key-Pins header.
withRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.registration.ClientRegistration
Returns a new ClientRegistration.Builder, initialized with the provided registration identifier.
withResponse(OAuth2AccessTokenResponse) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
Returns a new OAuth2AccessTokenResponse.Builder, initialized with the provided response
withRoles(String...) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
withSecurityContext(Mono<? extends SecurityContext>) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder
Creates a Reactor Context that contains the Mono<SecurityContext> that can be merged into another Context
WithSecurityContext - Annotation Type in org.springframework.security.test.context.support
An annotation to determine what SecurityContext to use.
withSecurityContext(SecurityContext) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
Specifies the expected SecurityContext
WithSecurityContextFactory<A extends java.lang.annotation.Annotation> - Interface in org.springframework.security.test.context.support
An API that works with WithUserTestExcecutionListener for creating a SecurityContext that is populated in the TestSecurityContextHolder.
WithSecurityContextTestExecutionListener - Class in org.springframework.security.test.context.support
A TestExecutionListener that will find annotations that are annotated with WithSecurityContext on a test method or at the class level.
WithSecurityContextTestExecutionListener() - Constructor for class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
 
withToken(String) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
Returns a new OAuth2AccessTokenResponse.Builder, initialized with the provided access token value.
withUser(UserDetails) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
Allows adding a user to the UserDetailsManager that is being created.
withUser(User.UserBuilder) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
Allows adding a user to the UserDetailsManager that is being created.
withUser(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
Allows adding a user to the UserDetailsManager that is being created.
withUserDetails(UserDetails) - Static method in class org.springframework.security.core.userdetails.User
 
WithUserDetails - Annotation Type in org.springframework.security.test.context.support
When used with WithSecurityContextTestExecutionListener this annotation can be added to a test method to emulate running with a UserDetails returned from the UserDetailsService.
withUsername(String) - Static method in class org.springframework.security.core.userdetails.User
Creates a UserBuilder with a specified user name
withUsername(String) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
Specifies the expected username
write - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
WRITE - Static variable in class org.springframework.security.acls.domain.BasePermission
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.header.HeaderWriter
Create a Header instance.
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.CacheControlHeadersWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
Writes the X-Frame-Options header value, overwritting any previous value.
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.StaticHeadersWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CompositeServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in interface org.springframework.security.web.server.header.ServerHttpHeadersWriter
Write the headers to the response.
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
 
writeInternal(OAuth2AccessTokenResponse, HttpOutputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
writeInternal(OAuth2Error, HttpOutputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
writeMessage(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 

X

x509() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures X509 based pre authentication.
X509 - Static variable in class org.springframework.security.config.Elements
 
x509(X509Certificate...) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Populates the provided X509Certificate instances on the request.
x509(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
Finds an X509Cetificate using a resoureName and populates it on the request.
x509AuthenticationFilter(X509AuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Allows specifying the entire X509AuthenticationFilter.
X509AuthenticationFilter - Class in org.springframework.security.web.authentication.preauth.x509
 
X509AuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
X509Configurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds X509 based pre authentication to an application.
X509Configurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.X509Configurer
Creates a new instance
x509PrincipalExtractor(X509PrincipalExtractor) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
X509PrincipalExtractor - Interface in org.springframework.security.web.authentication.preauth.x509
Obtains the principal from an X509Certificate for use within the framework.
X_CONTENT_OPTIONS - Static variable in class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
 
X_CONTENT_OPTIONS - Static variable in class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
X_FRAME_OPTIONS - Static variable in class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
 
X_XSS_PROTECTION - Static variable in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
 
XContentTypeOptionsHeaderWriter - Class in org.springframework.security.web.header.writers
A StaticHeadersWriter that inserts headers to prevent content sniffing.
XContentTypeOptionsHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.XContentTypeOptionsHeaderWriter
Creates a new instance
XContentTypeOptionsServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Adds X-Content-Type-Options: nosniff
XContentTypeOptionsServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
XFRAME_OPTIONS_HEADER - Static variable in class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
 
XFrameOptionsHeaderWriter - Class in org.springframework.security.web.header.writers.frameoptions
HeaderWriter implementation for the X-Frame-Options headers.
XFrameOptionsHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
XFrameOptionsHeaderWriter(XFrameOptionsHeaderWriter.XFrameOptionsMode) - Constructor for class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
Creates a new instance
XFrameOptionsHeaderWriter(AllowFromStrategy) - Constructor for class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
XFrameOptionsHeaderWriter.XFrameOptionsMode - Enum in org.springframework.security.web.header.writers.frameoptions
The possible values for the X-Frame-Options header.
XFrameOptionsServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
ServerHttpHeadersWriter implementation for the X-Frame-Options headers.
XFrameOptionsServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
 
XFrameOptionsServerHttpHeadersWriter.Mode - Enum in org.springframework.security.web.server.header
The X-Frame-Options values.
xssProtection() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Note this is not comprehensive XSS protection!
xssProtection() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
Configures x-xss-protection response header.
xssProtectionEnabled(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
If true, the header value will contain a value of 1.
XXssProtectionHeaderWriter - Class in org.springframework.security.web.header.writers
XXssProtectionHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
Create a new instance
XXssProtectionServerHttpHeadersWriter - Class in org.springframework.security.web.server.header
Add the x-xss-protection header.
XXssProtectionServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
Creates a new instance

Z

ZONEINFO - Static variable in interface org.springframework.security.oauth2.core.oidc.StandardClaimNames
zoneinfo - the user's time zone
A B C D E F G H I J K L M N O P Q R S T U V W X Z