-
Interfaces Interface Description org.springframework.security.web.util.matcher.RequestVariablesExtractor
-
Classes Class Description org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration This is applied internally using SpringWebMvcImportSelectororg.springframework.security.crypto.codec.Base64 Use java.util.Base64org.springframework.security.crypto.password.LdapShaPasswordEncoder Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better useDelegatingPasswordEncoder
which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.org.springframework.security.crypto.password.Md4PasswordEncoder Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better useDelegatingPasswordEncoder
which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.org.springframework.security.crypto.password.MessageDigestPasswordEncoder Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better useDelegatingPasswordEncoder
which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.org.springframework.security.crypto.password.NoOpPasswordEncoder This PasswordEncoder is not secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better useDelegatingPasswordEncoder
which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.org.springframework.security.crypto.password.StandardPasswordEncoder Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better useDelegatingPasswordEncoder
which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.org.springframework.security.ldap.server.ApacheDSContainer UseUnboundIdContainer
instead because ApacheDS 1.x is no longer supported with no GA version to replace it.org.springframework.security.oauth2.client.endpoint.NimbusAuthorizationCodeTokenResponseClient org.springframework.security.oauth2.jwt.NimbusJwtDecoderJwkSupport UseNimbusJwtDecoder
orJwtDecoders
insteadorg.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver UseAuthenticationPrincipalArgumentResolver
instead.org.springframework.security.web.server.ServerFormLoginAuthenticationConverter useServerFormLoginAuthenticationConverter
instead.org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter UseServerHttpBasicAuthenticationConverter
instead.
-
Annotation Types Annotation Type Description org.springframework.security.access.method.P use @{code org.springframework.security.core.parameters.P}org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity Use EnableWebSecurity instead which will automatically add the Spring MVC related Security items.org.springframework.security.web.bind.annotation.AuthenticationPrincipal UseAuthenticationPrincipal
instead.
-
Constructors Constructor Description org.springframework.security.web.session.ConcurrentSessionFilter(SessionRegistry, String)