org.springframework.security.web.csrf (spring-security-docs 6.0.0-M6 API)

package org.springframework.security.web.csrf

Related Packages

Package

Description

org.springframework.security.web

Spring Security's web security module.
Class

Description

CookieCsrfTokenRepository

A CsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS.

CsrfAuthenticationStrategy

CsrfAuthenticationStrategy is in charge of removing the CsrfToken upon authenticating.

CsrfException

Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest

CsrfFilter

Applies CSRF protection using a synchronizer token pattern.

CsrfLogoutHandler

CsrfLogoutHandler is in charge of removing the CsrfToken upon logout.

CsrfToken

Provides the information about an expected CSRF token.

CsrfTokenRepository

An API to allow changing the method in which the expected CsrfToken is associated to the HttpServletRequest.

DefaultCsrfToken

A CSRF token that is used to protect against CSRF attacks.

HttpSessionCsrfTokenRepository

A CsrfTokenRepository that stores the CsrfToken in the HttpSession.

InvalidCsrfTokenException

Thrown when an expected CsrfToken exists, but it does not match the value present on the HttpServletRequest

LazyCsrfTokenRepository

A CsrfTokenRepository that delays saving new CsrfToken until the attributes of the CsrfToken that were generated are accessed.

MissingCsrfTokenException

Thrown when no expected CsrfToken is found but is required.