Index (spring-security-docs 6.0.8 API)

$ A B C D E F G H I J K L M N O P Q R S T U V W X Z _
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form

$

$2A - Enum constant in enum class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.BCryptVersion
$2B - Enum constant in enum class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.BCryptVersion
$2Y - Enum constant in enum class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.BCryptVersion

A

abort() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule: Abort the authentication process by forgetting the Spring Security Authentication.
AbstractAccessDecisionManager - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorizationManager instead
AbstractAccessDecisionManager(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
AbstractAclProvider - Class in org.springframework.security.acls.afterinvocation: Abstract AfterInvocationProvider which provides commonly-used ACL-related services.
AbstractAclProvider(AclService, String, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AbstractAclProvider
AbstractAclVoter - Class in org.springframework.security.access.vote: Deprecated.
Now used by only-deprecated classes. Generally speaking, in-memory ACL is no longer advised, so no replacement is planned at this point.
AbstractAclVoter() - Constructor for class org.springframework.security.access.vote.AbstractAclVoter: Deprecated.
AbstractAuthenticationEvent - Class in org.springframework.security.authentication.event: Represents an application authentication event.
AbstractAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationEvent
AbstractAuthenticationFailureEvent - Class in org.springframework.security.authentication.event: Abstract application event which indicates authentication failure for some reason.
AbstractAuthenticationFailureEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
AbstractAuthenticationFilterConfigurer,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends AbstractAuthenticationProcessingFilter> - Class in org.springframework.security.config.annotation.web.configurers: Base class for configuring AbstractAuthenticationFilterConfigurer.
AbstractAuthenticationFilterConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Creates a new instance with minimal defaults
AbstractAuthenticationFilterConfigurer(F, String) - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Creates a new instance
AbstractAuthenticationProcessingFilter - Class in org.springframework.security.web.authentication: Abstract processor of browser-based HTTP-based authentication requests.
AbstractAuthenticationProcessingFilter(String) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
AbstractAuthenticationProcessingFilter(String, AuthenticationManager) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Creates a new instance with a default filterProcessesUrl and an AuthenticationManager
AbstractAuthenticationProcessingFilter(RequestMatcher) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Creates a new instance
AbstractAuthenticationProcessingFilter(RequestMatcher, AuthenticationManager) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Creates a new instance with a RequestMatcher and an AuthenticationManager
AbstractAuthenticationTargetUrlRequestHandler - Class in org.springframework.security.web.authentication: Base class containing the logic used by strategies which handle redirection to a URL and are passed an Authentication object as part of the contract.
AbstractAuthenticationTargetUrlRequestHandler() - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
AbstractAuthenticationToken - Class in org.springframework.security.authentication: Base class for Authentication objects.
AbstractAuthenticationToken(Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AbstractAuthenticationToken: Creates a token with the supplied array of authorities.
AbstractAuthorizationEvent - Class in org.springframework.security.access.event: Deprecated.
Authorization events have moved. Consider AuthorizationGrantedEvent and AuthorizationDeniedEvent
AbstractAuthorizationEvent(Object) - Constructor for class org.springframework.security.access.event.AbstractAuthorizationEvent: Deprecated.

Construct the event, passing in the secure object being intercepted.
AbstractAuthorizeTag - Class in org.springframework.security.taglibs.authz: A base class for an <authorize> tag that is independent of the tag rendering technology (JSP, Facelets).
AbstractAuthorizeTag() - Constructor for class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
AbstractConfigAttributeRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web.configurers: A base class for registering RequestMatcher's.
AbstractConfigAttributeRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
AbstractConfiguredSecurityBuilder<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation: A base SecurityBuilder that allows SecurityConfigurer to be applied to it.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Creates a new instance with the provided ObjectPostProcessor.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>, boolean) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Creates a new instance with the provided ObjectPostProcessor.
AbstractDaoAuthenticationConfigurer,C extends AbstractDaoAuthenticationConfigurer<B,C,U>,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails: Allows configuring a DaoAuthenticationProvider
AbstractFallbackMethodSecurityMetadataSource - Class in org.springframework.security.access.method: Deprecated.
Use the use-authorization-manager attribute for <method-security> and <intercept-methods> instead or use annotation-based or AuthorizationManager-based authorization
AbstractFallbackMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource: Deprecated.
AbstractHttpConfigurer<T extends AbstractHttpConfigurer<T,B>,B extends HttpSecurityBuilder> - Class in org.springframework.security.config.annotation.web.configurers: Adds a convenient base class for SecurityConfigurer instances that operate on HttpSecurity.
AbstractHttpConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
AbstractInterceptUrlConfigurer<C extends AbstractInterceptUrlConfigurer<C,H>,H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
Use AuthorizeHttpRequestsConfigurer instead
AbstractInterceptUrlConfigurer.AbstractInterceptUrlRegistry<R extends AbstractInterceptUrlConfigurer<C,H>.AbstractInterceptUrlRegistry<R,T>,T> - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
AbstractJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas: An AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.
AbstractJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
AbstractLdapAuthenticationManagerFactory<T extends AbstractLdapAuthenticator> - Class in org.springframework.security.config.ldap: Creates an AuthenticationManager that can perform LDAP authentication.
AbstractLdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication: Base class for the standard LdapAuthenticationProvider and the ActiveDirectoryLdapAuthenticationProvider.
AbstractLdapAuthenticationProvider() - Constructor for class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
AbstractLdapAuthenticator - Class in org.springframework.security.ldap.authentication: Base class for the authenticator implementations.
AbstractLdapAuthenticator(ContextSource) - Constructor for class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator: Create an initialized instance with the ContextSource provided.
AbstractMessageMatcherComposite<T> - Class in org.springframework.security.messaging.util.matcher: Abstract MessageMatcher containing multiple MessageMatcher
AbstractMethodSecurityMetadataSource - Class in org.springframework.security.access.method: Deprecated.
Use the use-authorization-manager attribute for <method-security> and <intercept-methods> instead or use annotation-based or AuthorizationManager-based authorization
AbstractMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource: Deprecated.
AbstractOAuth2AuthorizationGrantRequest - Class in org.springframework.security.oauth2.client.endpoint: Base implementation of an OAuth 2.0 Authorization Grant request that holds an authorization grant credential and is used when initiating a request to the Authorization Server's Token Endpoint.
AbstractOAuth2AuthorizationGrantRequest(AuthorizationGrantType, ClientRegistration) - Constructor for class org.springframework.security.oauth2.client.endpoint.AbstractOAuth2AuthorizationGrantRequest: Sub-class constructor.
AbstractOAuth2Token - Class in org.springframework.security.oauth2.core: Base class for OAuth 2.0 Token implementations.
AbstractOAuth2Token(String) - Constructor for class org.springframework.security.oauth2.core.AbstractOAuth2Token: Sub-class constructor.
AbstractOAuth2Token(String, Instant, Instant) - Constructor for class org.springframework.security.oauth2.core.AbstractOAuth2Token: Sub-class constructor.
AbstractOAuth2TokenAuthenticationToken<T extends OAuth2Token> - Class in org.springframework.security.oauth2.server.resource.authentication: Base class for AbstractAuthenticationToken implementations that expose common attributes between different OAuth 2.0 Access Token Formats.
AbstractOAuth2TokenAuthenticationToken(T) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken: Sub-class constructor.
AbstractOAuth2TokenAuthenticationToken(T, Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
AbstractOAuth2TokenAuthenticationToken(T, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken: Sub-class constructor.
AbstractPasswordEncoder - Class in org.springframework.security.crypto.password: Abstract base class for password encoders
AbstractPasswordEncoder() - Constructor for class org.springframework.security.crypto.password.AbstractPasswordEncoder
AbstractPermission - Class in org.springframework.security.acls.domain: Provides an abstract superclass for Permission implementations.
AbstractPermission(int) - Constructor for class org.springframework.security.acls.domain.AbstractPermission: Sets the permission mask and uses the '*' character to represent active bits when represented as a bit pattern string.
AbstractPermission(int, char) - Constructor for class org.springframework.security.acls.domain.AbstractPermission: Sets the permission mask and uses the specified character for active bits.
AbstractPreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth: Base class for processing filters that handle pre-authenticated authentication requests, where it is assumed that the principal has already been authenticated by an external system.
AbstractPreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
AbstractRememberMeServices - Class in org.springframework.security.web.authentication.rememberme: Base class for RememberMeServices implementations.
AbstractRememberMeServices(String, UserDetailsService) - Constructor for class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
AbstractRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web: A base class for registering RequestMatcher's.
AbstractRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
AbstractRequestParameterAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions: Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
AbstractRetryEntryPoint - Class in org.springframework.security.web.access.channel
AbstractRetryEntryPoint(String, int) - Constructor for class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
AbstractSaml2AuthenticationRequest - Class in org.springframework.security.saml2.provider.service.authentication: Data holder for AuthNRequest parameters to be sent using either the Saml2MessageBinding.POST or Saml2MessageBinding.REDIRECT binding.
AbstractSaml2AuthenticationRequest.Builder<T extends AbstractSaml2AuthenticationRequest.Builder<T>> - Class in org.springframework.security.saml2.provider.service.authentication: A builder for AbstractSaml2AuthenticationRequest and its subclasses.
AbstractSecurityBuilder<O> - Class in org.springframework.security.config.annotation: A base SecurityBuilder that ensures the object being built is only built one time.
AbstractSecurityBuilder() - Constructor for class org.springframework.security.config.annotation.AbstractSecurityBuilder
AbstractSecurityExpressionHandler<T> - Class in org.springframework.security.access.expression: Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.
AbstractSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
AbstractSecurityInterceptor - Class in org.springframework.security.access.intercept: Deprecated.
Use AuthorizationFilter instead for filter security, AuthorizationChannelInterceptor for messaging security, or AuthorizationManagerBeforeMethodInterceptor and AuthorizationManagerAfterMethodInterceptor for method security.
AbstractSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
AbstractSecurityWebApplicationInitializer - Class in org.springframework.security.web.context: Registers the DelegatingFilterProxy to use the springSecurityFilterChain before any other registered Filter.
AbstractSecurityWebApplicationInitializer() - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Creates a new instance that assumes the Spring Security configuration is loaded by some other means than this class.
AbstractSecurityWebApplicationInitializer(Class<?>...) - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Creates a new instance that will instantiate the ContextLoaderListener with the specified classes.
AbstractSecurityWebSocketMessageBrokerConfigurer - Class in org.springframework.security.config.annotation.web.socket: Deprecated.
Use EnableWebSocketSecurity instead
AbstractSecurityWebSocketMessageBrokerConfigurer() - Constructor for class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
AbstractServerWebExchangeMatcherRegistry<T> - Class in org.springframework.security.config.web.server
AbstractSessionEvent - Class in org.springframework.security.core.session: Abstract superclass for all session related events.
AbstractSessionEvent(Object) - Constructor for class org.springframework.security.core.session.AbstractSessionEvent
AbstractSessionFixationProtectionStrategy - Class in org.springframework.security.web.authentication.session: A base class for performing session fixation protection.
AbstractSessionFixationProtectionStrategy.NullEventPublisher - Class in org.springframework.security.web.authentication.session
AbstractUserDetailsAuthenticationProvider - Class in org.springframework.security.authentication.dao: A base AuthenticationProvider that allows subclasses to override and work with UserDetails objects.
AbstractUserDetailsAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
AbstractUserDetailsReactiveAuthenticationManager - Class in org.springframework.security.authentication: A base ReactiveAuthenticationManager that allows subclasses to override and work with UserDetails objects.
AbstractUserDetailsReactiveAuthenticationManager() - Constructor for class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
AbstractUserDetailsServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
AbstractUserDetailsServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
AbstractWebClientReactiveOAuth2AccessTokenResponseClient<T extends AbstractOAuth2AuthorizationGrantRequest> - Class in org.springframework.security.oauth2.client.endpoint: Abstract base class for all of the WebClientReactive*TokenResponseClients that communicate to the Authorization Server's Token Endpoint.
acceptMediaType(MediaType) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: Specify a media type to set as the Accept header in the request.
access(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Allows specifying that URLs are secured by an arbitrary expression
access(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Allows specifying that Messages are secured by an arbitrary expression
access(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specifies that the user must have the specified ConfigAttribute's
access(AuthorizationManager<MessageAuthorizationContext<?>>) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Allows specifying that Messages are secured by an arbitrary expression
access(AuthorizationManager<RequestAuthorizationContext>) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Allows specifying a custom AuthorizationManager.
access(ReactiveAuthorizationManager<PayloadExchangeAuthorizationContext>) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
access(ReactiveAuthorizationManager<AuthorizationContext>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Allows plugging in a custom authorization strategy
Access() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access
ACCESS_ABSTAIN - Static variable in interface org.springframework.security.access.AccessDecisionVoter: Deprecated.
ACCESS_DENIED - Static variable in interface org.springframework.security.access.AccessDecisionVoter: Deprecated.
ACCESS_DENIED - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: access_denied - The resource owner or authorization server denied the request.
ACCESS_DENIED_403 - Static variable in class org.springframework.security.web.WebAttributes: Used to cache an AccessDeniedException in the request for rendering.
ACCESS_DENIED_HANDLER - Static variable in class org.springframework.security.config.Elements
ACCESS_GRANTED - Static variable in interface org.springframework.security.access.AccessDecisionVoter: Deprecated.
ACCESS_TOKEN - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: access_token - used in Authorization Response and Access Token Response.
AccessControlEntry - Interface in org.springframework.security.acls.model: Represents an individual permission assignment within an Acl.
AccessControlEntryImpl - Class in org.springframework.security.acls.domain: An immutable default implementation of AccessControlEntry.
AccessControlEntryImpl(Serializable, Acl, Sid, Permission, boolean, boolean, boolean) - Constructor for class org.springframework.security.acls.domain.AccessControlEntryImpl
AccessControlListTag - Class in org.springframework.security.taglibs.authz: An implementation of Tag that allows its body through if all authorizations are granted to the request's principal.
AccessControlListTag() - Constructor for class org.springframework.security.taglibs.authz.AccessControlListTag
accessDecisionManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Allows subclasses to provide a custom AccessDecisionManager.
accessDecisionManager(AccessDecisionManager) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractInterceptUrlConfigurer.AbstractInterceptUrlRegistry: Deprecated.

Allows setting the AccessDecisionManager.
AccessDecisionManager - Interface in org.springframework.security.access: Deprecated.
Use AuthorizationManager instead
AccessDecisionVoter<S> - Interface in org.springframework.security.access: Deprecated.
Use AuthorizationManager instead
AccessDeniedException - Exception in org.springframework.security.access: Thrown if an Authentication object does not hold a required authority.
AccessDeniedException(String) - Constructor for exception org.springframework.security.access.AccessDeniedException: Constructs an AccessDeniedException with the specified message.
AccessDeniedException(String, Throwable) - Constructor for exception org.springframework.security.access.AccessDeniedException: Constructs an AccessDeniedException with the specified message and root cause.
accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer: Specifies the AccessDeniedHandler to be used
accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
accessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec: Configures the ServerAccessDeniedHandler used when a CSRF token is invalid.
accessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.ExceptionHandlingSpec: Configures what to do when an authenticated user does not hold a required authority
accessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Configures the ServerAccessDeniedHandler to use for requests authenticating with Bearer Tokens.
AccessDeniedHandler - Interface in org.springframework.security.web.access: Used by ExceptionTranslationFilter to handle an AccessDeniedException.
AccessDeniedHandlerImpl - Class in org.springframework.security.web.access: Base implementation of AccessDeniedHandler.
AccessDeniedHandlerImpl() - Constructor for class org.springframework.security.web.access.AccessDeniedHandlerImpl
accessDeniedPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer: Shortcut to specify the AccessDeniedHandler to be used is a specific error page
accessToken(OAuth2AccessToken) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator: Use this OAuth2AccessToken
accessToken(OAuth2AccessToken) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2ClientRequestPostProcessor: Use this OAuth2AccessToken
accessTokenHash(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this access token hash in the resulting OidcIdToken
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer: Sets the client used for requesting the access token credential from the Token Endpoint.
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.TokenEndpointConfig: Sets the client used for requesting the access token credential from the Token Endpoint.
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Sets the client used when requesting an access token credential at the Token Endpoint.
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2PasswordGrantRequest>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Sets the client used when requesting an access token credential at the Token Endpoint.
accessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Sets the client used when requesting an access token credential at the Token Endpoint.
accessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Sets the client used when requesting an access token credential at the Token Endpoint.
accessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2PasswordGrantRequest>) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Sets the client used when requesting an access token credential at the Token Endpoint.
accessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest>) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Sets the client used when requesting an access token credential at the Token Endpoint.
ACCOUNT_LOCKED - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
accountExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Defines if the account is expired or not.
accountExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Defines if the account is expired or not.
accountExpired(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
AccountExpiredException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because the account has expired.
AccountExpiredException(String) - Constructor for exception org.springframework.security.authentication.AccountExpiredException: Constructs a AccountExpiredException with the specified message.
AccountExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountExpiredException: Constructs a AccountExpiredException with the specified message and root cause.
accountLocked(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Defines if the account is locked or not.
accountLocked(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Defines if the account is locked or not.
accountLocked(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
AccountStatusException - Exception in org.springframework.security.authentication: Base class for authentication exceptions which are caused by a particular user account status (locked, disabled etc).
AccountStatusException(String) - Constructor for exception org.springframework.security.authentication.AccountStatusException
AccountStatusException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AccountStatusException
AccountStatusUserDetailsChecker - Class in org.springframework.security.authentication
AccountStatusUserDetailsChecker() - Constructor for class org.springframework.security.authentication.AccountStatusUserDetailsChecker
Acl - Interface in org.springframework.security.acls.model: Represents an access control list (ACL) for a domain object.
AclAuthorizationStrategy - Interface in org.springframework.security.acls.domain: Strategy used by AclImpl to determine whether a principal is permitted to call adminstrative methods on the AclImpl.
AclAuthorizationStrategyImpl - Class in org.springframework.security.acls.domain: Default implementation of AclAuthorizationStrategy.
AclAuthorizationStrategyImpl(GrantedAuthority...) - Constructor for class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl: Constructor.
AclCache - Interface in org.springframework.security.acls.model: A caching layer for JdbcAclService.
AclDataAccessException - Exception in org.springframework.security.acls.model: Abstract base class for Acl data operations.
AclDataAccessException(String) - Constructor for exception org.springframework.security.acls.model.AclDataAccessException: Constructs an AclDataAccessException with the specified message and no root cause.
AclDataAccessException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.AclDataAccessException: Constructs an AclDataAccessException with the specified message and root cause.
AclEntryAfterInvocationCollectionFilteringProvider - Class in org.springframework.security.acls.afterinvocation: Given a Collection of domain object instances returned from a secure object invocation, remove any Collection elements the principal does not have appropriate permission to access as defined by the AclService.
AclEntryAfterInvocationCollectionFilteringProvider(AclService, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
AclEntryAfterInvocationProvider - Class in org.springframework.security.acls.afterinvocation: Given a domain object instance returned from a secure object invocation, ensures the principal has appropriate permission as defined by the AclService.
AclEntryAfterInvocationProvider(AclService, String, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
AclEntryAfterInvocationProvider(AclService, List<Permission>) - Constructor for class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
AclEntryVoter - Class in org.springframework.security.acls: Given a domain object instance passed as a method argument, ensures the principal has appropriate permission as indicated by the AclService.
AclEntryVoter(AclService, String, Permission[]) - Constructor for class org.springframework.security.acls.AclEntryVoter
AclFormattingUtils - Class in org.springframework.security.acls.domain: Utility methods for displaying ACL information.
AclFormattingUtils() - Constructor for class org.springframework.security.acls.domain.AclFormattingUtils
AclImpl - Class in org.springframework.security.acls.domain: Base implementation of Acl.
AclImpl(ObjectIdentity, Serializable, AclAuthorizationStrategy, AuditLogger) - Constructor for class org.springframework.security.acls.domain.AclImpl: Minimal constructor, which should be used MutableAclService.createAcl(ObjectIdentity) .
AclImpl(ObjectIdentity, Serializable, AclAuthorizationStrategy, PermissionGrantingStrategy, Acl, List<Sid>, boolean, Sid) - Constructor for class org.springframework.security.acls.domain.AclImpl: Full constructor, which should be used by persistence tools that do not provide field-level access features.
AclPermissionCacheOptimizer - Class in org.springframework.security.acls: Batch loads ACLs for collections of objects to allow optimised filtering.
AclPermissionCacheOptimizer(AclService) - Constructor for class org.springframework.security.acls.AclPermissionCacheOptimizer
AclPermissionEvaluator - Class in org.springframework.security.acls: Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular object using the ACL module.
AclPermissionEvaluator(AclService) - Constructor for class org.springframework.security.acls.AclPermissionEvaluator
aclService - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
AclService - Interface in org.springframework.security.acls.model: Provides retrieval of Acl instances.
ACR - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: acr - the Authentication Context Class Reference
ACTIVE - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: active - Indicator whether or not the token is currently active
ActiveDirectoryAuthenticationException - Exception in org.springframework.security.ldap.authentication.ad: Thrown as a translation of an AuthenticationException when attempting to authenticate against Active Directory using ActiveDirectoryLdapAuthenticationProvider.
ActiveDirectoryLdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication.ad: Specialized LDAP authentication provider which uses Active Directory configuration conventions.
ActiveDirectoryLdapAuthenticationProvider(String, String) - Constructor for class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
ActiveDirectoryLdapAuthenticationProvider(String, String, String) - Constructor for class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
add(PayloadExchangeMatcherEntry<ReactiveAuthorizationManager<PayloadExchangeAuthorizationContext>>) - Method in class org.springframework.security.rsocket.authorization.PayloadExchangeMatcherReactiveAuthorizationManager.Builder
add(ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>) - Method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager.Builder
add(ServerWebExchangeMatcher, ReactiveAuthenticationManager) - Method in class org.springframework.security.web.server.authentication.ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder: Maps a ServerWebExchangeMatcher to an ReactiveAuthenticationManager.
add(RequestMatcher, AuthenticationManager) - Method in class org.springframework.security.web.authentication.RequestMatcherDelegatingAuthenticationManagerResolver.Builder: Maps a RequestMatcher to an AuthorizationManager.
add(RequestMatcher, AuthorizationManager<RequestAuthorizationContext>) - Method in class org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager.Builder: Maps a RequestMatcher to an AuthorizationManager.
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration: Deprecated.
addAuthorities(DistinguishedName, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
addAuthority(GrantedAuthority) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
addAuthority(GrantedAuthority) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence: Adds the authority to the list, unless it is already there, in which case it is ignored
addCn(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
addConverters(ConverterRegistry) - Static method in class org.springframework.security.oauth2.core.converter.ClaimConversionService: Adds the converters that provide type conversion for claim values to the provided ConverterRegistry.
addCustomAuthorities(String, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Allows subclasses to add their own granted authorities to the list to be returned in the UserDetails.
addFilter(Filter) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
addFilter(Filter) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework.
addFilterAfter(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
addFilterAfter(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Allows adding a Filter after one of the known Filter classes.
addFilterAfter(WebFilter, SecurityWebFiltersOrder) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Adds a WebFilter after specific position.
addFilterAt(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Adds the Filter at the location of the specified Filter class.
addFilterAt(WebFilter, SecurityWebFiltersOrder) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Adds a WebFilter at a specific position.
addFilterBefore(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
addFilterBefore(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Allows adding a Filter before one of the known Filter classes.
addFilterBefore(WebFilter, SecurityWebFiltersOrder) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Adds a WebFilter before specific position.
addGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager: Assigns a new authority to a group.
addGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
addHeader(String, String) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
addHeadersConverter(Converter<OAuth2PasswordGrantRequest, HttpHeaders>) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter: Add (compose) the provided headersConverter to the current Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a HttpHeaders used in the OAuth 2.0 Access Token Request headers.
addHeadersConverter(Converter<T, HttpHeaders>) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient: Add (compose) the provided headersConverter to the current Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a HttpHeaders used in the OAuth 2.0 Access Token Request headers.
addHeaderWriter(HeaderWriter) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Adds a HeaderWriter instance
additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider: Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request.
additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
additionalParameters(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: A Consumer to be provided access to the additional parameter(s) allowing the ability to add, replace, or remove.
additionalParameters(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder: Sets the additional parameters returned in the response.
additionalParameters(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the additional parameter(s) used in the request.
addListener(SmartApplicationListener) - Method in class org.springframework.security.context.DelegatingApplicationListener: Adds a new SmartApplicationListener to use.
addLogoutHandler(LogoutHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Adds a LogoutHandler.
addObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter: Adds an ObjectPostProcessor to be used for this SecurityConfigurerAdapter.
addParametersConverter(Converter<OAuth2PasswordGrantRequest, MultiValueMap<String, String>>) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter: Add (compose) the provided parametersConverter to the current Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a MultiValueMap of the parameters used in the OAuth 2.0 Access Token Request body.
addParametersConverter(Converter<T, MultiValueMap<String, String>>) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient: Add (compose) the provided parametersConverter to the current Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a MultiValueMap used in the OAuth 2.0 Access Token Request body.
addPayloadInterceptor(PayloadInterceptor) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity: Adds a PayloadInterceptor to be used.
address(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this address in the resulting OidcUserInfo
ADDRESS - Static variable in class org.springframework.security.oauth2.core.oidc.OidcScopes: The address scope requests access to the address claim.
ADDRESS - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: address - the user's preferred postal address
AddressStandardClaim - Interface in org.springframework.security.oauth2.core.oidc: The Address Claim represents a physical mailing address defined by the OpenID Connect Core 1.0 specification that can be returned either in the UserInfo Response or the ID Token.
addSecureMethod(Class<?>, Method, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Adds configuration attributes for a specific method, for example where the method has been matched using a pointcut expression.
addSecureMethod(Class<?>, String, List<ConfigAttribute>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Add configuration attributes for a secure method.
addSecurityFilterChainBuilder(SecurityBuilder<? extends SecurityFilterChain>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Adds builders to create SecurityFilterChain instances.
addSha256Pins(String...) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

Adds a list of SHA256 hashed pins for the pin- directive of the Public-Key-Pins header.
addSha256Pins(String...) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Adds a list of SHA256 hashed pins for the pin- directive of the Public-Key-Pins header.
addUserToGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager: Makes a user a member of a particular group.
addUserToGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
admin - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
ADMINISTRATION - Static variable in class org.springframework.security.acls.domain.BasePermission
AesBytesEncryptor - Class in org.springframework.security.crypto.encrypt: Encryptor that uses AES encryption.
AesBytesEncryptor(String, CharSequence) - Constructor for class org.springframework.security.crypto.encrypt.AesBytesEncryptor: Constructs an encryptor that uses AES encryption.
AesBytesEncryptor(String, CharSequence, BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.encrypt.AesBytesEncryptor: Constructs an encryptor that uses AES encryption.
AesBytesEncryptor(String, CharSequence, BytesKeyGenerator, AesBytesEncryptor.CipherAlgorithm) - Constructor for class org.springframework.security.crypto.encrypt.AesBytesEncryptor: Constructs an encryptor that uses AES encryption.
AesBytesEncryptor(SecretKey, BytesKeyGenerator, AesBytesEncryptor.CipherAlgorithm) - Constructor for class org.springframework.security.crypto.encrypt.AesBytesEncryptor: Constructs an encryptor that uses AES encryption.
AesBytesEncryptor.CipherAlgorithm - Enum Class in org.springframework.security.crypto.encrypt
AffirmativeBased - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorizationManager instead
AffirmativeBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.AffirmativeBased: Deprecated.
after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice: Deprecated.
after(Authentication, MethodInvocation, PostInvocationAttribute, Object) - Method in interface org.springframework.security.access.prepost.PostInvocationAuthorizationAdvice: Deprecated.
AFTER_INVOCATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.CsrfMutator
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator
afterConfigureAdded(WebTestClient.MockServerSpec<?>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.CsrfMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator
afterConfigurerAdded(WebTestClient.Builder, WebHttpHandlerBuilder, ClientHttpConnector) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
afterHandshake(ServerHttpRequest, ServerHttpResponse, WebSocketHandler, Exception) - Method in class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
afterInvocation(InterceptorStatusToken, Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

Completes the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
afterInvocationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Provide a custom AfterInvocationManager for the default implementation of GlobalMethodSecurityConfiguration.methodSecurityInterceptor(MethodSecurityMetadataSource).
AfterInvocationManager - Interface in org.springframework.security.access.intercept: Deprecated.
Use delegation with AuthorizationManager
AfterInvocationProvider - Interface in org.springframework.security.access: Deprecated.
Use delegation with AuthorizationManager
AfterInvocationProviderManager - Class in org.springframework.security.access.intercept: Deprecated.
Use delegation with AuthorizationManager
AfterInvocationProviderManager() - Constructor for class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
afterMessageHandled(Message<?>, MessageChannel, MessageHandler, Exception) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Validates the required properties are set.
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
afterPropertiesSet() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
afterPropertiesSet() - Method in class org.springframework.security.authentication.ProviderManager
afterPropertiesSet() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper: Check whether all properties have been set to correct values.
afterPropertiesSet() - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
afterPropertiesSet() - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
afterPropertiesSet() - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper: Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
afterPropertiesSet() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
afterPropertiesSet() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
afterPropertiesSet() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource: Check that all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever: Loads the web.xml file using the configured ResourceLoader and parses the role-name elements from it, using these as the set of mappableAttributes.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider: Check whether all required properties have been set.
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
afterPropertiesSet() - Method in class org.springframework.security.web.FilterChainProxy
afterPropertiesSet() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
afterPropertiesSet() - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
afterReceiveCompletion(Message<?>, MessageChannel, Exception) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
afterSendCompletion(Message<?>, MessageChannel, boolean, Exception) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
afterSendCompletion(Message<?>, MessageChannel, boolean, Exception) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
afterSingletonsInstantiated() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.
afterSingletonsInstantiated() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
afterSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Invoked after the springSecurityFilterChain is added.
afterTestClass(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
afterTestExecution(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
afterTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
afterTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener: Clears out the TestSecurityContextHolder and the SecurityContextHolder after each test method.
ALG - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: alg - the algorithm header identifies the cryptographic algorithm used to secure a JWS or JWE
algorithm(JwaAlgorithm) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the JWA algorithm used to digitally sign the JWS or encrypt the JWE.
ALL - Enum constant in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive
ALL - Enum constant in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive
allocateToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
allocateToken(String) - Method in interface org.springframework.security.core.token.TokenService: Forces the allocation of a new Token.
allOf(AuthorizationManager<T>...) - Static method in class org.springframework.security.authorization.AuthorizationManagers: Creates an AuthorizationManager that grants access if all AuthorizationManagers granted or abstained, if managers are empty then granted decision is returned.
ALLOW_FROM - Enum constant in enum class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode: Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
allowableSessionsExceeded(List<SessionInformation>, int, SessionRegistry) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy: Allows subclasses to customise behaviour when too many sessions are detected.
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy: Deprecated.

Method to be implemented by base classes, used to determine if the supplied origin is allowed.
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy: Deprecated.
allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy: Deprecated.
AllowFromStrategy - Interface in org.springframework.security.web.header.writers.frameoptions: Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
AlreadyBuiltException - Exception in org.springframework.security.config.annotation: Thrown when AbstractSecurityBuilder.build() is two or more times.
AlreadyBuiltException(String) - Constructor for exception org.springframework.security.config.annotation.AlreadyBuiltException
AlreadyExistsException - Exception in org.springframework.security.acls.model: Thrown if an Acl entry already exists for the object.
AlreadyExistsException(String) - Constructor for exception org.springframework.security.acls.model.AlreadyExistsException: Constructs an AlreadyExistsException with the specified message.
AlreadyExistsException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.AlreadyExistsException: Constructs an AlreadyExistsException with the specified message and root cause.
ALWAYS - Enum constant in enum class org.springframework.security.config.http.SessionCreationPolicy: Always create an HttpSession
alwaysRemember(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Whether the cookie should always be created even if the remember-me parameter is not set.
AMR - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: amr - the Authentication Methods References
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: Gets the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer: Allows obtaining a reference to the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Returns the UserDetailsManagerConfigurer for method chaining (i.e.
and() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter: Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer: Return the HttpSecurity for further customizations
and() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer: Returns the WebSecurity to be returned for chaining.
and() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry: Return the HttpSecurityBuilder when done using the AuthorizeHttpRequestsConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry: Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry: Deprecated.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CacheControlConfig: Allows completing configuration of Cache Control and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig: Allows completing configuration of Content Security Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentTypeOptionsConfig: Allows customizing the HeadersConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginEmbedderPolicyConfig: Allows completing configuration of Cross-Origin-Embedder-Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginOpenerPolicyConfig: Allows completing configuration of Cross Origin Opener Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginResourcePolicyConfig: Allows completing configuration of Cross-Origin-Resource-Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FeaturePolicyConfig: Allows completing configuration of Feature Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig: Allows continuing customizing the headers configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

Allows completing configuration of Public Key Pinning and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig: Allows completing configuration of Strict Transport Security and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.PermissionsPolicyConfig: Allows completing configuration of Permissions Policy and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ReferrerPolicyConfig
and() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig: Allows completing configuration of X-XSS-Protection and continuing configuration of headers.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer: Returns the OAuth2ClientConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig: Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.RedirectionEndpointConfig: Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.TokenEndpointConfig: Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig: Returns the OAuth2LoginConfigurer for further configuration.
and() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutRequestConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutResponseConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer: Used to chain back to the SessionManagementConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry: Deprecated.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.ExceptionHandlingSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CrossOriginEmbedderPolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CrossOriginOpenerPolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CrossOriginResourcePolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.FeaturePolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.PermissionsPolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ReferrerPolicySpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.PasswordManagementSpec: Allows method chaining to continue configuring the ServerHttpSecurity.
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec: Allows method chaining to continue configuring the ServerHttpSecurity
and() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.X509Spec
AndMessageMatcher<T> - Class in org.springframework.security.messaging.util.matcher: MessageMatcher that will return true if all of the passed in MessageMatcher instances match.
AndMessageMatcher(List<MessageMatcher<T>>) - Constructor for class org.springframework.security.messaging.util.matcher.AndMessageMatcher: Creates a new instance
AndMessageMatcher(MessageMatcher<T>...) - Constructor for class org.springframework.security.messaging.util.matcher.AndMessageMatcher: Creates a new instance
AndRequestMatcher - Class in org.springframework.security.web.util.matcher: RequestMatcher that will return true if all of the passed in RequestMatcher instances match.
AndRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher: Creates a new instance
AndRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher: Creates a new instance
AndServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher: Matches if all the provided ServerWebExchangeMatcher match
AndServerWebExchangeMatcher(List<ServerWebExchangeMatcher>) - Constructor for class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
AndServerWebExchangeMatcher(ServerWebExchangeMatcher...) - Constructor for class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
AnnotationMetadataExtractor<A extends Annotation> - Interface in org.springframework.security.access.annotation: Deprecated.
Used only by now-deprecated classes. Consider SecuredAuthorizationManager for `@Secured` methods.
AnnotationParameterNameDiscoverer - Class in org.springframework.security.core.parameters: Allows finding parameter names using the value attribute of any number of Annotation instances.
AnnotationParameterNameDiscoverer(String...) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
AnnotationParameterNameDiscoverer(Set<String>) - Constructor for class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
anonymous() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Creates an instance of AuthenticatedAuthorizationManager that determines if the Authentication is anonymous.
anonymous() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring how an anonymous user is represented.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specify that URLs are allowed by anonymous users.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs are allowed by anonymous users.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specifies that an anonymous user is allowed access
anonymous() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Messages are allowed by anonymous users.
anonymous() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Enables and Configures anonymous authentication.
anonymous() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Messages are allowed by anonymous users.
anonymous() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that uses an AnonymousAuthenticationToken.
anonymous(Customizer<AnonymousConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring how an anonymous user is represented.
anonymous(Customizer<ServerHttpSecurity.AnonymousSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Enables and Configures anonymous authentication.
ANONYMOUS - Enum constant in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder: Where anonymous authentication is placed.
ANONYMOUS - Static variable in class org.springframework.security.config.Elements
ANONYMOUS_AUTHENTICATION - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: Instance of AnonymousAuthenticationWebFilter
AnonymousAuthenticationFilter - Class in org.springframework.security.web.authentication: Detects if there is no Authentication object in the SecurityContextHolder, and populates it with one if needed.
AnonymousAuthenticationFilter(String) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter: Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
AnonymousAuthenticationFilter(String, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
AnonymousAuthenticationProvider - Class in org.springframework.security.authentication: An AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.
AnonymousAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationProvider
AnonymousAuthenticationToken - Class in org.springframework.security.authentication: Represents an anonymous Authentication.
AnonymousAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.AnonymousAuthenticationToken: Constructor.
AnonymousAuthenticationWebFilter - Class in org.springframework.security.web.server.authentication: Detects if there is no Authentication object in the ReactiveSecurityContextHolder, and populates it with one if needed.
AnonymousAuthenticationWebFilter(String) - Constructor for class org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter: Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
AnonymousAuthenticationWebFilter(String, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter
AnonymousConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Configures Anonymous authentication (i.e.
AnonymousConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Creates a new instance
AnonymousPayloadInterceptor - Class in org.springframework.security.rsocket.authentication: If ReactiveSecurityContextHolder is empty populates an AnonymousAuthenticationToken
AnonymousPayloadInterceptor(String) - Constructor for class org.springframework.security.rsocket.authentication.AnonymousPayloadInterceptor: Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
AnonymousPayloadInterceptor(String, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.rsocket.authentication.AnonymousPayloadInterceptor
ant - Enum constant in enum class org.springframework.security.config.http.MatcherType
antMatcher(String) - Static method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher with the specific pattern which will match all HTTP methods in a case-sensitive manner.
antMatcher(HttpMethod) - Static method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher that will match all request with the supplied HTTP method in a case-sensitive manner.
antMatcher(HttpMethod, String) - Static method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher with the supplied pattern and HTTP method in a case-sensitive manner.
AntPathRequestMatcher - Class in org.springframework.security.web.util.matcher: Matcher which compares a pre-defined ant-style pattern against the URL ( servletPath + pathInfo) of an HttpServletRequest.
AntPathRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher with the specific pattern which will match all HTTP methods in a case sensitive manner.
AntPathRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher with the supplied pattern and HTTP method in a case sensitive manner.
AntPathRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher with the supplied pattern which will match the specified Http method
AntPathRequestMatcher(String, String, boolean, UrlPathHelper) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Creates a matcher with the supplied pattern which will match the specified Http method
ANY_CHANNEL - Static variable in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
ANY_MESSAGE - Static variable in interface org.springframework.security.messaging.util.matcher.MessageMatcher: Matches every Message
anyExchange() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec: Always matches
anyExchange() - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry: Maps any request.
anyExchange() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec: Disables authorization.
anyExchange() - Static method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatchers
anyExchange() - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers: Matches any exchange
anyMessage() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps any Message to a security expression.
anyMessage() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps any Message to a security expression.
anyOf(AuthorizationManager<T>...) - Static method in class org.springframework.security.authorization.AuthorizationManagers: Creates an AuthorizationManager that grants access if at least one AuthorizationManager granted or abstained, if managers are empty then denied decision is returned.
anyRequest() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec: Matches if PayloadExchangeType.isRequest() is true, else not a match
anyRequest() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Maps any request.
anyRequest() - Static method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatchers
AnyRequestMatcher - Class in org.springframework.security.web.util.matcher: Matches any supplied request.
ApacheDSContainer - Class in org.springframework.security.ldap.server: Deprecated.
Use UnboundIdContainer instead because ApacheDS 1.x is no longer supported with no GA version to replace it.
ApacheDSContainer(String, String) - Constructor for class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
appendFilters(ServletContext, Filter...) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Inserts the provided Filters after existing Filters using default generated names, AbstractSecurityWebApplicationInitializer.getSecurityDispatcherTypes(), and AbstractSecurityWebApplicationInitializer.isAsyncSecuritySupported().
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Applies a SecurityConfigurerAdapter to this SecurityBuilder and invokes SecurityConfigurerAdapter.setBuilder(SecurityBuilder).
apply(Row, RowMetadata) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
apply(SocketAcceptor) - Method in class org.springframework.security.rsocket.core.PayloadSocketAcceptorInterceptor
apply(SocketAcceptor) - Method in class org.springframework.security.rsocket.core.SecuritySocketAcceptorInterceptor
apply(JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientParametersMapper
apply(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
apply(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
apply(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
apply(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
apply(R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientParametersMapper
apply(ServerWebExchange) - Method in class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter: Deprecated.
apply(ServerWebExchange) - Method in class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter: Deprecated.
Argon2PasswordEncoder - Class in org.springframework.security.crypto.argon2: Implementation of PasswordEncoder that uses the Argon2 hashing function.
Argon2PasswordEncoder(int, int, int, int, int) - Constructor for class org.springframework.security.crypto.argon2.Argon2PasswordEncoder: Constructs an Argon2 password encoder with the provided parameters.
asHeader() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor: Instead of using the CsrfToken as a request parameter (default) will populate the CsrfToken as a header.
AspectJCallback - Interface in org.springframework.security.access.intercept.aspectj: Deprecated.
This class will be removed from the public API. Please either use `spring-security-aspects`, Spring Security's method security support or create your own class that uses Spring AOP annotations.
AspectJMethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aspectj: Deprecated.
This class will be removed from the public API. Please either use `spring-security-aspects`, Spring Security's method security support or create your own class that uses Spring AOP annotations.
AspectJMethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor: Deprecated.
assertingPartyDetails(Consumer<RelyingPartyRegistration.AssertingPartyDetails.Builder>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Apply this Consumer to further configure the Asserting Party details
ASSERTION - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: assertion - used in Access Token Request.
assertionConsumerServiceBinding(Saml2MessageBinding) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the AssertionConsumerService Binding.
assertionConsumerServiceLocation(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the AssertionConsumerService Location.
AT_HASH - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: at_hash - the Access Token hash value
ATT_GROUP_ROLE_ATTRIBUTE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
ATT_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
ATT_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
ATT_HASH - Static variable in class org.springframework.security.config.authentication.PasswordEncoderParser
ATT_LDIF_FILE - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser: Optionally defines an ldif resource to be loaded.
ATT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser: Defines the port the LDAP_PROVIDER server should run on
ATT_ROOT_SUFFIX - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser: sets the configuration suffix (default is "dc=springframework,dc=org").
ATT_SERVER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
ATT_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
ATT_USER_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Performs actual authentication.
attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
attemptExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Attempt to exit from an already switched user.
attemptSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Attempt to switch to another user.
attribute(String, Object) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext.Builder: Sets an attribute associated to the context.
attribute(String, Object) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest.Builder: Sets an attribute associated to the request.
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext.Builder: Provides a Consumer access to the attributes associated to the context.
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest.Builder: Provides a Consumer access to the attributes associated to the request.
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: A Consumer to be provided access to the attribute(s) allowing the ability to add, replace, or remove.
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator: Mutate the attributes using the given Consumer
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator: Mutate the attributes using the given Consumer
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor: Mutate the attributes using the given Consumer
attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OpaqueTokenRequestPostProcessor: Mutate the attributes using the given Consumer
attributes(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the attributes associated to the request.
Attributes2GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping: Interface to be implemented by classes that can map a list of security attributes (such as roles or group names) to a collection of Spring Security GrantedAuthoritys.
AUD - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: aud - The intended audience for the token
AUD - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: aud - the Audience(s) that the ID Token is intended for
AUD - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: aud - the Audience claim identifies the recipient(s) that the JWT is intended for
audience(Collection<String>) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this audience in the resulting OidcIdToken
audience(Collection<String>) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this audience in the resulting Jwt
audience(List<String>) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the audience (aud) claim, which identifies the recipient(s) that the JWT is intended for.
AuditableAccessControlEntry - Interface in org.springframework.security.acls.model: Represents an ACE that provides auditing information.
AuditableAcl - Interface in org.springframework.security.acls.model: A mutable ACL that provides audit capabilities.
AuditLogger - Interface in org.springframework.security.acls.domain: Used by AclImpl to log audit events.
AUTH_TIME - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: auth_time - the time when the End-User authentication occurred
authenticate(Authentication) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
authenticate(Authentication) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationManager: Attempts to authenticate the passed Authentication object, returning a fully populated Authentication object (including granted authorities) if successful.
authenticate(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationProvider: Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication) .
authenticate(Authentication) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Attempts to login the user given the Authentication objects principal and credential
authenticate(Authentication) - Method in class org.springframework.security.authentication.ObservationAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.authentication.ObservationReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.authentication.ProviderManager: Attempts to authenticate the passed Authentication object.
authenticate(Authentication) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManager: Attempts to authenticate the provided Authentication
authenticate(Authentication) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
authenticate(Authentication) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.BindAuthenticator
authenticate(Authentication) - Method in interface org.springframework.security.ldap.authentication.LdapAuthenticator: Authenticates as a user and obtains additional user information from the directory.
authenticate(Authentication) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider: Decode and validate the Bearer Token.
authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager
authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider: Introspect and validate the opaque Bearer Token and then delegates Authentication instantiation to OpaqueTokenAuthenticationConverter.
authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenReactiveAuthenticationManager: Introspect and validate the opaque Bearer Token and then delegates Authentication instantiation to ReactiveOpaqueTokenAuthenticationConverter.
authenticate(Authentication) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider
authenticate(Authentication) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider: Authenticate the given PreAuthenticatedAuthenticationToken.
authenticate(Authentication) - Method in class org.springframework.security.web.server.authentication.ReactivePreAuthenticatedAuthenticationManager
authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Creates an instance of AuthenticatedAuthorizationManager.
authenticated() - Static method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager: Gets an instance of AuthenticatedReactiveAuthorizationManager
authenticated() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
authenticated() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specify that URLs are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Messages are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Require an authenticated user
authenticated() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Messages are allowed by any authenticated user.
authenticated() - Static method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers: ResultMatcher that verifies that a specified user is authenticated.
authenticated(Object, Object, Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken: This factory method can be safely used by any code that wishes to create a authenticated UsernamePasswordAuthenticationToken.
AuthenticatedAuthorizationManager<T> - Class in org.springframework.security.authorization: An AuthorizationManager that determines if the current user is authenticated.
AuthenticatedAuthorizationManager() - Constructor for class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Creates an instance that determines if the current user is authenticated, this is the same as calling AuthenticatedAuthorizationManager.authenticated() factory method.
AuthenticatedPrincipal - Interface in org.springframework.security.core: Representation of an authenticated Principal once an Authentication request has been successfully authenticated by the AuthenticationManager.authenticate(Authentication) method.
AuthenticatedPrincipalOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web: An implementation of an OAuth2AuthorizedClientRepository that delegates to the provided OAuth2AuthorizedClientService if the current Principal is authenticated, otherwise, to the default (or provided) OAuth2AuthorizedClientRepository if the current request is unauthenticated (or anonymous).
AuthenticatedPrincipalOAuth2AuthorizedClientRepository(OAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository: Constructs a AuthenticatedPrincipalOAuth2AuthorizedClientRepository using the provided parameters.
AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web.server: An implementation of an ServerOAuth2AuthorizedClientRepository that delegates to the provided ServerOAuth2AuthorizedClientRepository if the current Principal is authenticated, otherwise, to the default (or provided) ServerOAuth2AuthorizedClientRepository if the current request is unauthenticated (or anonymous).
AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(ReactiveOAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository: Creates an instance
AuthenticatedReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization: A ReactiveAuthorizationManager that determines if the current user is authenticated.
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Specifies the AuthenticationUserDetailsService that is used with the PreAuthenticatedAuthenticationProvider.
AuthenticatedVoter - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorityAuthorizationManager instead
AuthenticatedVoter() - Constructor for class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.
authentication(Authentication) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the Authentication used to look up and save the OAuth2AuthorizedClient.
authentication(Authentication) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that uses the specified Authentication for the Authentication.getPrincipal() and a custom UserDetails.
Authentication - Interface in org.springframework.security.core: Represents the token for an authentication request or for an authenticated principal once the request has been processed by the AuthenticationManager.authenticate(Authentication) method.
AUTHENTICATION - Enum constant in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder: A generic placeholder for other types of authentication.
AUTHENTICATION - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
AUTHENTICATION_EXCEPTION - Static variable in class org.springframework.security.web.WebAttributes: Used to cache an authentication-failure exception in the session.
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.BeanIds: The "global" AuthenticationManager instance, registered by the <authentication-manager> element
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.Elements
AUTHENTICATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
AUTHENTICATION_SCHEME_BASIC - Static variable in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
AuthenticationConfiguration - Class in org.springframework.security.config.annotation.authentication.configuration: Exports the authentication Configuration
AuthenticationConfiguration() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
authenticationContextClass(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this authentication context class reference in the resulting OidcIdToken
authenticationConverter(OpaqueTokenAuthenticationConverter) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer
authenticationConverter(ReactiveOpaqueTokenAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec
authenticationConverter(AuthenticationConverter) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Use this AuthenticationConverter when converting incoming requests to an Authentication.
authenticationConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Sets the converter to use
authenticationConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Sets the converter to use
AuthenticationConverter - Interface in org.springframework.security.web.authentication: A strategy used for converting from a HttpServletRequest to an Authentication of particular type.
AuthenticationConverterServerWebExchangeMatcher - Class in org.springframework.security.web.server.authentication: Matches if the ServerAuthenticationConverter can convert a ServerWebExchange to an Authentication.
AuthenticationConverterServerWebExchangeMatcher(ServerAuthenticationConverter) - Constructor for class org.springframework.security.web.server.authentication.AuthenticationConverterServerWebExchangeMatcher
AuthenticationCredentialsNotFoundEvent - Class in org.springframework.security.access.event: Deprecated.
Authentication is now separated from authorization. Consider AbstractAuthenticationFailureEvent instead.
AuthenticationCredentialsNotFoundEvent(Object, Collection<ConfigAttribute>, AuthenticationCredentialsNotFoundException) - Constructor for class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent: Deprecated.

Construct the event.
AuthenticationCredentialsNotFoundException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because there is no Authentication object in the SecurityContext.
AuthenticationCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: Constructs an AuthenticationCredentialsNotFoundException with the specified message.
AuthenticationCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: Constructs an AuthenticationCredentialsNotFoundException with the specified message and root cause.
authenticationDetailsSource - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies a custom AuthenticationDetailsSource.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer: Specifies a custom AuthenticationDetailsSource to use for basic authentication.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer: Specifies the AuthenticationDetailsSource
AuthenticationDetailsSource<C,T> - Interface in org.springframework.security.authentication: Provides a Authentication.getDetails() object for a given web request.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer: Sets the AuthenticationEntryPoint to be used.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer: The AuthenticationEntryPoint to be populated on BasicAuthenticationFilter in the event that authentication fails.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
authenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.ExceptionHandlingSpec: Configures what to do when the application request authentication
authenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: How to request for authentication.
authenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec: Allows easily setting the entry point.
authenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Configures the ServerAuthenticationEntryPoint to use for requests authenticating with Bearer Tokens.
AuthenticationEntryPoint - Interface in org.springframework.security.web: Used by ExceptionTranslationFilter to commence an authentication scheme.
AuthenticationEntryPointFailureHandler - Class in org.springframework.security.web.authentication: Adapts a AuthenticationEntryPoint into a AuthenticationFailureHandler
AuthenticationEntryPointFailureHandler(AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.authentication.AuthenticationEntryPointFailureHandler
authenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Sets the AuthenticationEventPublisher
AuthenticationEventPublisher - Interface in org.springframework.security.authentication
AuthenticationException - Exception in org.springframework.security.core: Abstract superclass for all exceptions related to an Authentication object being invalid for whatever reason.
AuthenticationException(String) - Constructor for exception org.springframework.security.core.AuthenticationException: Constructs an AuthenticationException with the specified message and no root cause.
AuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.core.AuthenticationException: Constructs an AuthenticationException with the specified message and root cause.
AuthenticationFailureBadCredentialsEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to invalid credentials being presented.
AuthenticationFailureBadCredentialsEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent
AuthenticationFailureCredentialsExpiredEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to the user's credentials having expired.
AuthenticationFailureCredentialsExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureCredentialsExpiredEvent
AuthenticationFailureDisabledEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to the user's account being disabled.
AuthenticationFailureDisabledEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent
AuthenticationFailureExpiredEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to the user's account having expired.
AuthenticationFailureExpiredEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent
authenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: Configures how a failed authentication is handled.
authenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
authenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: The ServerAuthenticationFailureHandler used after authentication failure.
authenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
AuthenticationFailureHandler - Interface in org.springframework.security.web.authentication: Strategy used to handle a failed authentication attempt.
AuthenticationFailureLockedEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to the user's account having been locked.
AuthenticationFailureLockedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureLockedEvent
AuthenticationFailureProviderNotFoundEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to there being no registered AuthenticationProvider that can process the request.
AuthenticationFailureProviderNotFoundEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent
AuthenticationFailureProxyUntrustedEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to the CAS user's ticket being generated by an untrusted proxy.
AuthenticationFailureProxyUntrustedEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureProxyUntrustedEvent
AuthenticationFailureServiceExceptionEvent - Class in org.springframework.security.authentication.event: Application event which indicates authentication failure due to there being a problem internal to the AuthenticationManager.
AuthenticationFailureServiceExceptionEvent(Authentication, AuthenticationException) - Constructor for class org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent
authenticationFilter(AnonymousAuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Sets the AnonymousAuthenticationFilter used to populate an anonymous user.
authenticationFilter(AnonymousAuthenticationWebFilter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Sets the AnonymousAuthenticationWebFilter used to populate an anonymous user.
AuthenticationFilter - Class in org.springframework.security.web.authentication: A Filter that performs authentication of a particular request.
AuthenticationFilter(AuthenticationManagerResolver<HttpServletRequest>, AuthenticationConverter) - Constructor for class org.springframework.security.web.authentication.AuthenticationFilter
AuthenticationFilter(AuthenticationManager, AuthenticationConverter) - Constructor for class org.springframework.security.web.authentication.AuthenticationFilter
authenticationIsRequired(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
authenticationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Allows providing a custom AuthenticationManager.
authenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configure the default AuthenticationManager.
authenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
authenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer
authenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Allows a configuration of a AuthenticationManager to be used during SAML 2 authentication.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.BasicAuthenticationSpec
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.JwtSpec
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.SimpleAuthenticationSpec
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configure the default authentication manager.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: The ReactiveAuthenticationManager used to authenticate.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec: The ReactiveAuthenticationManager used to authenticate.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Configures the ReactiveAuthenticationManager to use.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Configures the ReactiveAuthenticationManager to use.
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec: Configures the ReactiveAuthenticationManager to use
authenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.X509Spec
AuthenticationManager - Interface in org.springframework.security.authentication: Processes an Authentication request.
AuthenticationManagerBeanDefinitionParser - Class in org.springframework.security.config.authentication: Registers the central ProviderManager used by the namespace configuration, and allows the configuration of an alias, allowing users to reference it in their beans and clearly see where the name is coming from.
AuthenticationManagerBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider - Class in org.springframework.security.config.authentication: Provider which doesn't provide any service.
authenticationManagerBuilder(ObjectPostProcessor<Object>, ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
AuthenticationManagerBuilder - Class in org.springframework.security.config.annotation.authentication.builders: SecurityBuilder used to create an AuthenticationManager.
AuthenticationManagerBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Creates a new instance
AuthenticationManagerFactoryBean - Class in org.springframework.security.config.authentication: Factory bean for the namespace AuthenticationManager, which allows a more meaningful error message to be reported in the NoSuchBeanDefinitionException, if the user has forgotten to declare the <authentication-manager> element.
AuthenticationManagerFactoryBean() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
authenticationManagerResolver(AuthenticationManagerResolver<HttpServletRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
authenticationManagerResolver(ReactiveAuthenticationManagerResolver<ServerWebExchange>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Configures the ReactiveAuthenticationManagerResolver
AuthenticationManagerResolver<C> - Interface in org.springframework.security.authentication: An interface for resolving an AuthenticationManager based on the provided context
authenticationMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Sets the matcher used for determining if the request is an authentication request.
AuthenticationMethod - Class in org.springframework.security.oauth2.core: The authentication method used when sending bearer access tokens in resource requests to resource servers.
AuthenticationMethod(String) - Constructor for class org.springframework.security.oauth2.core.AuthenticationMethod: Constructs an AuthenticationMethod using the provided value.
authenticationMethods(List<String>) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use these authentication methods in the resulting OidcIdToken
AuthenticationObservationContext - Class in org.springframework.security.authentication: An Observation.Context used during authentications
AuthenticationObservationContext() - Constructor for class org.springframework.security.authentication.AuthenticationObservationContext
AuthenticationObservationConvention - Class in org.springframework.security.authentication: An ObservationConvention for translating authentications into KeyValues.
AuthenticationObservationConvention() - Constructor for class org.springframework.security.authentication.AuthenticationObservationConvention
AuthenticationPayloadExchangeConverter - Class in org.springframework.security.rsocket.authentication: Converts from the PayloadExchange for Authentication Extension.
AuthenticationPayloadExchangeConverter() - Constructor for class org.springframework.security.rsocket.authentication.AuthenticationPayloadExchangeConverter
AuthenticationPayloadInterceptor - Class in org.springframework.security.rsocket.authentication: Uses the provided ReactiveAuthenticationManager to authenticate a Payload.
AuthenticationPayloadInterceptor(ReactiveAuthenticationManager) - Constructor for class org.springframework.security.rsocket.authentication.AuthenticationPayloadInterceptor: Creates a new instance
AuthenticationPrincipal - Annotation Interface in org.springframework.security.core.annotation: Annotation that is used to resolve Authentication.getPrincipal() to a method argument.
AuthenticationPrincipal - Annotation Interface in org.springframework.security.web.bind.annotation: Deprecated.
Use AuthenticationPrincipal instead.
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.messaging.context: Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.messaging.handler.invocation.reactive: Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.bind.support: Deprecated.
Use AuthenticationPrincipalArgumentResolver instead.
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.method.annotation: Allows resolving the Authentication.getPrincipal() using the AuthenticationPrincipal annotation.
AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.reactive.result.method.annotation: Resolves the Authentication
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.messaging.handler.invocation.reactive.AuthenticationPrincipalArgumentResolver
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver: Deprecated.
AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
AuthenticationPrincipalArgumentResolver(ReactiveAdapterRegistry) - Constructor for class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.authentication.ProviderManagerBuilder: Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Sets the AuthenticationProvider used to validate an anonymous user.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Allows adding an additional AuthenticationProvider to be used
AuthenticationProvider - Interface in org.springframework.security.authentication: Indicates a class can process a specific Authentication implementation.
AuthenticationProviderBeanDefinitionParser - Class in org.springframework.security.config.authentication: Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the latter with the ProviderManager.
AuthenticationProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
authenticationRequestResolver(Saml2AuthenticationRequestResolver) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Use this Saml2AuthenticationRequestResolver for generating SAML 2.0 Authentication Requests.
authenticationRequestUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Customize the URL that the SAML Authentication Request will be sent to.
authenticationRequestUri(String) - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder: Sets the authenticationRequestUri, a URL that will receive the AuthNRequest message
AuthenticationServiceException - Exception in org.springframework.security.authentication: Thrown if an authentication request could not be processed due to a system problem.
AuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException: Constructs an AuthenticationServiceException with the specified message.
AuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.AuthenticationServiceException: Constructs an AuthenticationServiceException with the specified message and root cause.
AuthenticationSuccessEvent - Class in org.springframework.security.authentication.event: Application event which indicates successful authentication.
AuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.AuthenticationSuccessEvent
authenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Allows control over the destination a remembered user is sent to when they are successfully authenticated.
authenticationSuccessHandler(ServerAuthenticationSuccessHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: The ServerAuthenticationSuccessHandler used after authentication success.
authenticationSuccessHandler(ServerAuthenticationSuccessHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: The ServerAuthenticationSuccessHandler used after authentication success.
AuthenticationSuccessHandler - Interface in org.springframework.security.web.authentication: Strategy used to handle a successful user authentication.
AuthenticationSwitchUserEvent - Class in org.springframework.security.web.authentication.switchuser: Application event which indicates that a user context switch.
AuthenticationSwitchUserEvent(Authentication, UserDetails) - Constructor for class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent: Switch user context event constructor
AuthenticationTag - Class in org.springframework.security.taglibs.authz: An Tag implementation that allows convenient access to the current Authentication object.
AuthenticationTag() - Constructor for class org.springframework.security.taglibs.authz.AuthenticationTag
AuthenticationTrustResolver - Interface in org.springframework.security.authentication: Evaluates Authentication tokens
AuthenticationTrustResolverImpl - Class in org.springframework.security.authentication: Basic implementation of AuthenticationTrustResolver.
AuthenticationTrustResolverImpl() - Constructor for class org.springframework.security.authentication.AuthenticationTrustResolverImpl
authenticationUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer: Specifies the AuthenticationUserDetailsService to use.
AuthenticationUserDetailsService<T extends Authentication> - Interface in org.springframework.security.core.userdetails: Interface that allows for retrieving a UserDetails object based on an Authentication object.
AuthenticationWebFilter - Class in org.springframework.security.web.server.authentication: A WebFilter that performs authentication of a particular request.
AuthenticationWebFilter(ReactiveAuthenticationManager) - Constructor for class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Creates an instance
AuthenticationWebFilter(ReactiveAuthenticationManagerResolver<ServerWebExchange>) - Constructor for class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Creates an instance
AuthnRequestContext(HttpServletRequest, RelyingPartyRegistration, AuthnRequest) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver.AuthnRequestContext
authorities() - Element in annotation interface org.springframework.security.test.context.support.WithMockUser: The authorities to use.
authorities(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Populates the authorities.
authorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Sets the Authentication.getAuthorities() for anonymous users
authorities(String...) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Sets the Authentication.getAuthorities() for anonymous users
authorities(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Populates the authorities.
authorities(String...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator: Specifies the GrantedAuthoritys to use.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Populates the authorities.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator: Specifies the GrantedAuthoritys to use.
authorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor: Populates the user's GrantedAuthority's.
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator: Use the provided authorities in the token
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator: Use the provided authorities in the Authentication
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator: Use the provided authorities in the Authentication
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator: Use the provided authorities in the resulting principal
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor: Use the provided authorities in the token
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor: Use the provided authorities in the Authentication
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor: Use the provided authorities in the Authentication
authorities(Collection<GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OpaqueTokenRequestPostProcessor: Use the provided authorities in the resulting principal
authorities(List<? extends GrantedAuthority>) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Populates the authorities.
authorities(List<GrantedAuthority>) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Sets the Authentication.getAuthorities() for anonymous users
authorities(List<GrantedAuthority>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Sets the Authentication.getAuthorities() for anonymous users
authorities(Converter<Jwt, Collection<GrantedAuthority>>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator: Provides the configured Jwt so that custom authorities can be derived from it
authorities(Converter<Jwt, Collection<GrantedAuthority>>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor: Provides the configured Jwt so that custom authorities can be derived from it
authorities(GrantedAuthority...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Populates the authorities.
authorities(GrantedAuthority...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Populates the authorities.
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator: Use the provided authorities in the token
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator: Use the provided authorities in the Authentication
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator: Use the provided authorities in the Authentication
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator: Use the provided authorities in the resulting principal
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator: Specifies the GrantedAuthoritys to use.
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor: Use the provided authorities in the token
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor: Use the provided authorities in the Authentication
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor: Use the provided authorities in the Authentication
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OpaqueTokenRequestPostProcessor: Use the provided authorities in the resulting principal
authorities(GrantedAuthority...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor: Populates the user's GrantedAuthority's.
authoritiesByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer: Sets the query to be used for finding a user's authorities by their username.
authoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Specifies the GrantedAuthoritiesMapper.
AuthorityAuthorizationDecision - Class in org.springframework.security.authorization: Represents an AuthorizationDecision based on a collection of authorities
AuthorityAuthorizationDecision(boolean, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.authorization.AuthorityAuthorizationDecision
AuthorityAuthorizationManager<T> - Class in org.springframework.security.authorization: An AuthorizationManager that determines if the current user is authorized by evaluating if the Authentication contains a specified authority.
AuthorityGranter - Interface in org.springframework.security.authentication.jaas: The AuthorityGranter interface is used to map a given principal to role names.
authorityListToSet(Collection<? extends GrantedAuthority>) - Static method in class org.springframework.security.core.authority.AuthorityUtils: Converts an array of GrantedAuthority objects to a Set.
AuthorityReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization: A ReactiveAuthorizationManager that determines if the current user is authorized by evaluating if the Authentication contains a specified authority.
AuthorityUtils - Class in org.springframework.security.core.authority: Utility method for manipulating GrantedAuthority collections etc.
AUTHORIZATION - Enum constant in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder: Where authorization is placed.
AUTHORIZATION - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
AUTHORIZATION_CODE - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
AuthorizationChannelInterceptor - Class in org.springframework.security.messaging.access.intercept: Authorizes Message resources using the provided AuthorizationManager
AuthorizationChannelInterceptor(AuthorizationManager<Message<?>>) - Constructor for class org.springframework.security.messaging.access.intercept.AuthorizationChannelInterceptor: Creates a new instance
authorizationCode() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Configures support for the authorization_code grant.
authorizationCode() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Configures support for the authorization_code grant.
authorizationCode() - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns a new OAuth2AuthorizationRequest.Builder, initialized with the authorization code grant type.
authorizationCodeGrant() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer: Returns the OAuth2ClientConfigurer>.AuthorizationCodeGrantConfigurer for configuring the OAuth 2.0 Authorization Code Grant.
authorizationCodeGrant(Customizer<OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer: Configures the OAuth 2.0 Authorization Code Grant.
authorizationCodeHash(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this authorization code hash in the resulting OidcIdToken
AuthorizationCodeOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of an OAuth2AuthorizedClientProvider for the authorization_code grant.
AuthorizationCodeOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.AuthorizationCodeOAuth2AuthorizedClientProvider
AuthorizationCodeReactiveOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of a ReactiveOAuth2AuthorizedClientProvider for the authorization_code grant.
AuthorizationCodeReactiveOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.AuthorizationCodeReactiveOAuth2AuthorizedClientProvider
AuthorizationContext - Class in org.springframework.security.web.server.authorization
AuthorizationContext(ServerWebExchange) - Constructor for class org.springframework.security.web.server.authorization.AuthorizationContext
AuthorizationContext(ServerWebExchange, Map<String, Object>) - Constructor for class org.springframework.security.web.server.authorization.AuthorizationContext
AuthorizationDecision - Class in org.springframework.security.authorization
AuthorizationDecision(boolean) - Constructor for class org.springframework.security.authorization.AuthorizationDecision
AuthorizationDeniedEvent<T> - Class in org.springframework.security.authorization.event: An ApplicationEvent which indicates failed authorization.
AuthorizationDeniedEvent(Supplier<Authentication>, T, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationDeniedEvent
authorizationEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Returns the OAuth2LoginConfigurer>.AuthorizationEndpointConfig for configuring the Authorization Server's Authorization Endpoint.
authorizationEndpoint(Customizer<OAuth2LoginConfigurer.AuthorizationEndpointConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Configures the Authorization Server's Authorization Endpoint.
AuthorizationEvent - Class in org.springframework.security.authorization.event: A parent class for AuthorizationGrantedEvent and AuthorizationDeniedEvent.
AuthorizationEvent(Supplier<Authentication>, Object, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationEvent: Construct an AuthorizationEvent
AuthorizationEventPublisher - Interface in org.springframework.security.authorization: A contract for publishing authorization events
AuthorizationFailureEvent - Class in org.springframework.security.access.event: Deprecated.
Use AuthorizationDeniedEvent instead
AuthorizationFailureEvent(Object, Collection<ConfigAttribute>, Authentication, AccessDeniedException) - Constructor for class org.springframework.security.access.event.AuthorizationFailureEvent: Deprecated.

Construct the event.
AuthorizationFilter - Class in org.springframework.security.web.access.intercept: An authorization filter that restricts access to the URL using AuthorizationManager.
AuthorizationFilter(AuthorizationManager<HttpServletRequest>) - Constructor for class org.springframework.security.web.access.intercept.AuthorizationFilter: Creates an instance.
AuthorizationGrantedEvent<T> - Class in org.springframework.security.authorization.event: An ApplicationEvent which indicates successful authorization.
AuthorizationGrantedEvent(Supplier<Authentication>, T, AuthorizationDecision) - Constructor for class org.springframework.security.authorization.event.AuthorizationGrantedEvent
authorizationGrantType(AuthorizationGrantType) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the authorization grant type used for the client.
AuthorizationGrantType - Class in org.springframework.security.oauth2.core: An authorization grant is a credential representing the resource owner's authorization (to access it's protected resources) to the client and used by the client to obtain an access token.
AuthorizationGrantType(String) - Constructor for class org.springframework.security.oauth2.core.AuthorizationGrantType: Constructs an AuthorizationGrantType using the provided value.
AuthorizationInterceptorsOrder - Enum Class in org.springframework.security.authorization.method: Ordering of Spring Security's authorization Advisors
AuthorizationManager<T> - Interface in org.springframework.security.authorization: An Authorization manager which can determine if an Authentication has access to a specific object.
AuthorizationManagerAfterMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which can determine if an Authentication has access to the result of an MethodInvocation using an AuthorizationManager
AuthorizationManagerAfterMethodInterceptor(Pointcut, AuthorizationManager<MethodInvocationResult>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Creates an instance.
AuthorizationManagerAfterReactiveMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which can determine if an Authentication has access to the returned object from the MethodInvocation using the configured ReactiveAuthorizationManager.
AuthorizationManagerAfterReactiveMethodInterceptor(Pointcut, ReactiveAuthorizationManager<MethodInvocationResult>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor: Creates an instance.
AuthorizationManagerBeforeMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which uses a AuthorizationManager to determine if an Authentication may invoke the given MethodInvocation
AuthorizationManagerBeforeMethodInterceptor(Pointcut, AuthorizationManager<MethodInvocation>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an instance.
AuthorizationManagerBeforeReactiveMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which can determine if an Authentication has access to the MethodInvocation using the configured ReactiveAuthorizationManager.
AuthorizationManagerBeforeReactiveMethodInterceptor(Pointcut, ReactiveAuthorizationManager<MethodInvocation>) - Constructor for class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor: Creates an instance.
AuthorizationManagers - Class in org.springframework.security.authorization: A factory class to create an AuthorizationManager instances.
AuthorizationManagerWebInvocationPrivilegeEvaluator - Class in org.springframework.security.web.access: An implementation of WebInvocationPrivilegeEvaluator which delegates the checks to an instance of AuthorizationManager
AuthorizationManagerWebInvocationPrivilegeEvaluator(AuthorizationManager<HttpServletRequest>) - Constructor for class org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator
AuthorizationObservationContext<T> - Class in org.springframework.security.authorization: An Observation.Context used during authorizations
AuthorizationObservationContext(T) - Constructor for class org.springframework.security.authorization.AuthorizationObservationContext
AuthorizationObservationConvention - Class in org.springframework.security.authorization: An ObservationConvention for translating authorizations into KeyValues.
AuthorizationObservationConvention() - Constructor for class org.springframework.security.authorization.AuthorizationObservationConvention
AuthorizationPayloadInterceptor - Class in org.springframework.security.rsocket.authorization: Provides authorization of the PayloadExchange.
AuthorizationPayloadInterceptor(ReactiveAuthorizationManager<PayloadExchange>) - Constructor for class org.springframework.security.rsocket.authorization.AuthorizationPayloadInterceptor
authorizationRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer: Sets the redirect strategy for Authorization Endpoint redirect URI.
authorizationRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig: Sets the redirect strategy for Authorization Endpoint redirect URI.
authorizationRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Sets the redirect strategy for Authorization Endpoint redirect URI.
authorizationRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Sets the redirect strategy for Authorization Endpoint redirect URI.
authorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer: Sets the repository used for storing OAuth2AuthorizationRequest's.
authorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig: Sets the repository used for storing OAuth2AuthorizationRequest's.
authorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Sets the repository to use for storing OAuth2AuthorizationRequest's.
authorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Sets the repository to use for storing OAuth2AuthorizationRequest's.
AuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> - Interface in org.springframework.security.oauth2.client.web: Implementations of this interface are responsible for the persistence of OAuth2AuthorizationRequest between requests.
authorizationRequestResolver(OAuth2AuthorizationRequestResolver) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer: Sets the resolver used for resolving OAuth2AuthorizationRequest's.
authorizationRequestResolver(OAuth2AuthorizationRequestResolver) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig: Sets the resolver used for resolving OAuth2AuthorizationRequest's.
authorizationRequestResolver(ServerOAuth2AuthorizationRequestResolver) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: Sets the resolver used for resolving OAuth2AuthorizationRequest's.
authorizationRequestUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the URI string representation of the OAuth 2.0 Authorization Request.
authorizationRequestUri(Function<UriBuilder, URI>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: A Function to be provided a UriBuilder representation of the OAuth 2.0 Authorization Request allowing for further customizations.
AuthorizationServiceException - Exception in org.springframework.security.access: Thrown if an authorization request could not be processed due to a system problem.
AuthorizationServiceException(String) - Constructor for exception org.springframework.security.access.AuthorizationServiceException: Constructs an AuthorizationServiceException with the specified message.
AuthorizationServiceException(String, Throwable) - Constructor for exception org.springframework.security.access.AuthorizationServiceException: Constructs an AuthorizationServiceException with the specified message and root cause.
authorizationUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the uri for the authorization endpoint.
authorizationUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the uri for the authorization endpoint.
AuthorizationWebFilter - Class in org.springframework.security.web.server.authorization
AuthorizationWebFilter(ReactiveAuthorizationManager<? super ServerWebExchange>) - Constructor for class org.springframework.security.web.server.authorization.AuthorizationWebFilter
authorize() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: Make an authorization decision by considering all <authorize> tag attributes.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.AuthorizationCodeOAuth2AuthorizedClientProvider: Attempt to authorize the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.AuthorizationCodeReactiveOAuth2AuthorizedClientProvider: Attempt to authorize the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider: Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider: Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.DelegatingOAuth2AuthorizedClientProvider
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.DelegatingReactiveOAuth2AuthorizedClientProvider
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.JwtBearerOAuth2AuthorizedClientProvider: Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider: Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider: Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.PasswordOAuth2AuthorizedClientProvider: Deprecated.

Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.PasswordReactiveOAuth2AuthorizedClientProvider: Deprecated.

Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider: Attempt to authorize (or re-authorize) the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.RefreshTokenOAuth2AuthorizedClientProvider: Attempt to re-authorize the client in the provided context.
authorize(OAuth2AuthorizationContext) - Method in class org.springframework.security.oauth2.client.RefreshTokenReactiveOAuth2AuthorizedClientProvider: Attempt to re-authorize the client in the provided context.
authorize(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager
authorize(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
authorize(OAuth2AuthorizeRequest) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager: Attempt to authorize or re-authorize (if required) the client identified by the provided clientRegistrationId.
authorize(OAuth2AuthorizeRequest) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager: Attempt to authorize or re-authorize (if required) the client identified by the provided clientRegistrationId.
authorize(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager
authorize(OAuth2AuthorizeRequest) - Method in class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager
authorizedClientParametersMapper - Variable in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
authorizedClientParametersMapper - Variable in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
authorizedClientRepository(OAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer: Sets the repository for authorized client(s).
authorizedClientRepository(OAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Sets the repository for authorized client(s).
authorizedClientRepository(ServerOAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Configures the ReactiveClientRegistrationRepository.
authorizedClientRepository(ServerOAuth2AuthorizedClientRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
authorizedClientRowMapper - Variable in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
authorizedClientRowMapper - Variable in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
authorizedClientService(OAuth2AuthorizedClientService) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer: Sets the service for authorized client(s).
authorizedClientService(OAuth2AuthorizedClientService) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Sets the service for authorized client(s).
authorizedClientService(ReactiveOAuth2AuthorizedClientService) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
AuthorizedClientServiceOAuth2AuthorizedClientManager - Class in org.springframework.security.oauth2.client: An implementation of an OAuth2AuthorizedClientManager that is capable of operating outside of the context of a HttpServletRequest, e.g.
AuthorizedClientServiceOAuth2AuthorizedClientManager(ClientRegistrationRepository, OAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager: Constructs an AuthorizedClientServiceOAuth2AuthorizedClientManager using the provided parameters.
AuthorizedClientServiceOAuth2AuthorizedClientManager.DefaultContextAttributesMapper - Class in org.springframework.security.oauth2.client: The default implementation of the contextAttributesMapper.
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager - Class in org.springframework.security.oauth2.client: An implementation of a ReactiveOAuth2AuthorizedClientManager that is capable of operating outside of the context of a ServerWebExchange, e.g.
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository, ReactiveOAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager: Constructs an AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager using the provided parameters.
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper - Class in org.springframework.security.oauth2.client: The default implementation of the contextAttributesMapper.
AuthorizedEvent - Class in org.springframework.security.access.event: Deprecated.
Use AuthorizationGrantedEvent instead
AuthorizedEvent(Object, Collection<ConfigAttribute>, Authentication) - Constructor for class org.springframework.security.access.event.AuthorizedEvent: Deprecated.

Construct the event.
authorizedParty(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this authorized party in the resulting OidcIdToken
authorizeExchange() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures authorization.
authorizeExchange(Customizer<ServerHttpSecurity.AuthorizeExchangeSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures authorization.
AuthorizeExchangeSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
authorizeHttpRequests() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows restricting access based upon the HttpServletRequest using RequestMatcher implementations (i.e.
authorizeHttpRequests(Customizer<AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows restricting access based upon the HttpServletRequest using RequestMatcher implementations (i.e.
AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds a URL based authorization using AuthorizationManager.
AuthorizeHttpRequestsConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer: Creates an instance.
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry - Class in org.springframework.security.config.annotation.web.configurers: Registry for mapping a RequestMatcher to an AuthorizationManager.
AuthorizeHttpRequestsConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers: An object that allows configuring the AuthorizationManager for RequestMatchers.
authorizePayload(Customizer<RSocketSecurity.AuthorizePayloadsSpec>) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity
AuthorizePayloadsSpec() - Constructor for class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec
authorizeRequests() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Deprecated.
Use HttpSecurity.authorizeHttpRequests() instead
authorizeRequests(Customizer<ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Deprecated.
Use HttpSecurity.authorizeHttpRequests() instead
authorizeUsingAccessExpression() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: Make an authorization decision based on a Spring EL expression.
authorizeUsingUrlCheck() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: Make an authorization decision based on the URL and HTTP method attributes.
authTime(Instant) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this authentication Instant in the resulting OidcIdToken
autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Template implementation which locates the Spring Security cookie, decodes it into a delimited array of tokens and submits it to subclasses for processing via the processAutoLoginCookie method.
autoLogin(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.RememberMeServices: This method will be called whenever the SecurityContextHolder does not contain an Authentication object and Spring Security wishes to provide an implementation with an opportunity to authenticate the request using remember-me capabilities.
AutowiredWebSecurityConfigurersIgnoreParents - Class in org.springframework.security.config.annotation.web.configuration: A class used to get all the WebSecurityConfigurer instances from the current ApplicationContext but ignoring the parent.
awaitTermination(long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
AZP - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: azp - the Authorized party to which the ID Token was issued

B

BadCredentialsException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because the credentials are invalid.
BadCredentialsException(String) - Constructor for exception org.springframework.security.authentication.BadCredentialsException: Constructs a BadCredentialsException with the specified message.
BadCredentialsException(String, Throwable) - Constructor for exception org.springframework.security.authentication.BadCredentialsException: Constructs a BadCredentialsException with the specified message and root cause.
BadJwtException - Exception in org.springframework.security.oauth2.jwt: An exception similar to BadCredentialsException that indicates a Jwt that is invalid in some way.
BadJwtException(String) - Constructor for exception org.springframework.security.oauth2.jwt.BadJwtException
BadJwtException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.jwt.BadJwtException
BadOpaqueTokenException - Exception in org.springframework.security.oauth2.server.resource.introspection: An exception similar to BadCredentialsException that indicates an opaque token that is invalid in some way.
BadOpaqueTokenException(String) - Constructor for exception org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException
BadOpaqueTokenException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException
Base64 - Class in org.springframework.security.crypto.codec: Deprecated.
Use java.util.Base64
Base64StringKeyGenerator - Class in org.springframework.security.crypto.keygen: A StringKeyGenerator that generates base64-encoded String keys.
Base64StringKeyGenerator() - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator: Creates an instance with keyLength of 32 bytes and standard Base64 encoding.
Base64StringKeyGenerator(int) - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator: Creates an instance with the provided key length in bytes and standard Base64 encoding.
Base64StringKeyGenerator(Base64.Encoder) - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator: Creates an instance with keyLength of 32 bytes and the provided encoder.
Base64StringKeyGenerator(Base64.Encoder, int) - Constructor for class org.springframework.security.crypto.keygen.Base64StringKeyGenerator: Creates an instance with the provided key length and encoder.
BasePermission - Class in org.springframework.security.acls.domain: A set of standard permissions.
BasePermission(int) - Constructor for class org.springframework.security.acls.domain.BasePermission
BasePermission(int, char) - Constructor for class org.springframework.security.acls.domain.BasePermission
baseUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.AuthorizationEndpointConfig: Sets the base URI used for authorization requests.
baseUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.RedirectionEndpointConfig: Sets the URI where the authorization response will be processed.
BASIC - Static variable in class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter: Deprecated.
BASIC_AUTH - Static variable in class org.springframework.security.config.Elements
BASIC_AUTHENTICATION - Enum constant in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder: Where basic authentication is placed.
BASIC_AUTHENTICATION_MIME_TYPE - Static variable in class org.springframework.security.rsocket.metadata.UsernamePasswordMetadata: Deprecated.
Basic did not evolve into the standard. Instead use Simple Authentication MimeTypeUtils.parseMimeType(WellKnownMimeType.MESSAGE_RSOCKET_AUTHENTICATION.getString())
basicAuthentication(Customizer<RSocketSecurity.BasicAuthenticationSpec>) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity: Deprecated.
Use RSocketSecurity.simpleAuthentication(Customizer)
BasicAuthenticationConverter - Class in org.springframework.security.web.authentication.www: Converts from a HttpServletRequest to UsernamePasswordAuthenticationToken that can be authenticated.
BasicAuthenticationConverter() - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
BasicAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?>) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
BasicAuthenticationDecoder - Class in org.springframework.security.rsocket.metadata: Deprecated.
Basic Authentication did not evolve into a standard. Use Simple Authentication instead.
BasicAuthenticationDecoder() - Constructor for class org.springframework.security.rsocket.metadata.BasicAuthenticationDecoder: Deprecated.
BasicAuthenticationEncoder - Class in org.springframework.security.rsocket.metadata: Deprecated.
Basic Authentication did not evolve into a standard. use SimpleAuthenticationEncoder
BasicAuthenticationEncoder() - Constructor for class org.springframework.security.rsocket.metadata.BasicAuthenticationEncoder: Deprecated.
BasicAuthenticationEntryPoint - Class in org.springframework.security.web.authentication.www: Used by the ExceptionTranslationFilter to commence authentication via the BasicAuthenticationFilter.
BasicAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
BasicAuthenticationFilter - Class in org.springframework.security.web.authentication.www: Processes a HTTP request's BASIC authorization headers, putting the result into the SecurityContextHolder.
BasicAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationFilter: Creates an instance which will authenticate against the supplied AuthenticationManager and which will ignore failed authentication attempts, allowing the request to proceed down the filter chain.
BasicAuthenticationFilter(AuthenticationManager, AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.authentication.www.BasicAuthenticationFilter: Creates an instance which will authenticate against the supplied AuthenticationManager and use the supplied AuthenticationEntryPoint to handle authentication failures.
BasicAuthenticationPayloadExchangeConverter - Class in org.springframework.security.rsocket.authentication: Converts from the PayloadExchange to a UsernamePasswordAuthenticationToken by extracting UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE from the metadata.
BasicAuthenticationPayloadExchangeConverter() - Constructor for class org.springframework.security.rsocket.authentication.BasicAuthenticationPayloadExchangeConverter
BasicLookupStrategy - Class in org.springframework.security.acls.jdbc: Performs lookups in a manner that is compatible with ANSI SQL.
BasicLookupStrategy(DataSource, AclCache, AclAuthorizationStrategy, AuditLogger) - Constructor for class org.springframework.security.acls.jdbc.BasicLookupStrategy: Constructor accepting mandatory arguments
BasicLookupStrategy(DataSource, AclCache, AclAuthorizationStrategy, PermissionGrantingStrategy) - Constructor for class org.springframework.security.acls.jdbc.BasicLookupStrategy: Creates a new instance
BCrypt - Class in org.springframework.security.crypto.bcrypt: BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
BCrypt() - Constructor for class org.springframework.security.crypto.bcrypt.BCrypt
BCryptPasswordEncoder - Class in org.springframework.security.crypto.bcrypt: Implementation of PasswordEncoder that uses the BCrypt strong hashing function.
BCryptPasswordEncoder() - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder(int) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder(int, SecureRandom) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder(BCryptPasswordEncoder.BCryptVersion) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder(BCryptPasswordEncoder.BCryptVersion, int) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder(BCryptPasswordEncoder.BCryptVersion, int, SecureRandom) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder(BCryptPasswordEncoder.BCryptVersion, SecureRandom) - Constructor for class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
BCryptPasswordEncoder.BCryptVersion - Enum Class in org.springframework.security.crypto.bcrypt: Stores the default bcrypt version for use in configuration.
BeanIds - Class in org.springframework.security.config: Contains globally used default Bean IDs for beans created by the namespace support in Spring Security 2.
BeanIds() - Constructor for class org.springframework.security.config.BeanIds
BEARER - Static variable in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
BEARER_AUTHENTICATION_MIME_TYPE - Static variable in class org.springframework.security.rsocket.metadata.BearerTokenMetadata: Deprecated.
Basic did not evolve into the standard. Instead use Simple Authentication MimeTypeUtils.parseMimeType(WellKnownMimeType.MESSAGE_RSOCKET_AUTHENTICATION.getString())
BearerPayloadExchangeConverter - Class in org.springframework.security.rsocket.authentication: Converts from the PayloadExchange to a BearerTokenAuthenticationToken by extracting BearerTokenMetadata.BEARER_AUTHENTICATION_MIME_TYPE from the metadata.
BearerPayloadExchangeConverter() - Constructor for class org.springframework.security.rsocket.authentication.BearerPayloadExchangeConverter
bearerToken(String) - Static method in class org.springframework.security.web.http.SecurityHeaders: Sets the provided value as a Bearer token in a header with the name of HttpHeaders.AUTHORIZATION
BearerTokenAccessDeniedHandler - Class in org.springframework.security.oauth2.server.resource.web.access: Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate.
BearerTokenAccessDeniedHandler() - Constructor for class org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler
BearerTokenAuthentication - Class in org.springframework.security.oauth2.server.resource.authentication: An Authentication token that represents a successful authentication as obtained through a bearer token.
BearerTokenAuthentication(OAuth2AuthenticatedPrincipal, OAuth2AccessToken, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication: Constructs a BearerTokenAuthentication with the provided arguments
BearerTokenAuthenticationEncoder - Class in org.springframework.security.rsocket.metadata: Encodes Bearer Authentication.
BearerTokenAuthenticationEncoder() - Constructor for class org.springframework.security.rsocket.metadata.BearerTokenAuthenticationEncoder
BearerTokenAuthenticationEntryPoint - Class in org.springframework.security.oauth2.server.resource.web: An AuthenticationEntryPoint implementation used to commence authentication of protected resource requests using BearerTokenAuthenticationFilter.
BearerTokenAuthenticationEntryPoint() - Constructor for class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint
BearerTokenAuthenticationFilter - Class in org.springframework.security.oauth2.server.resource.web.authentication: Authenticates requests that contain an OAuth 2.0 Bearer Token.
BearerTokenAuthenticationFilter - Class in org.springframework.security.oauth2.server.resource.web: Deprecated.
Use BearerTokenAuthenticationFilter instead
BearerTokenAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
BearerTokenAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter: Deprecated.

Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
BearerTokenAuthenticationFilter(AuthenticationManagerResolver<HttpServletRequest>) - Constructor for class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
BearerTokenAuthenticationFilter(AuthenticationManagerResolver<HttpServletRequest>) - Constructor for class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter: Deprecated.

Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
BearerTokenAuthenticationToken - Class in org.springframework.security.oauth2.server.resource.authentication: An Authentication that contains a Bearer Token.
BearerTokenAuthenticationToken - Class in org.springframework.security.oauth2.server.resource: Deprecated.
Please use BearerTokenAuthenticationToken
BearerTokenAuthenticationToken(String) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken: Create a BearerTokenAuthenticationToken using the provided parameter(s)
BearerTokenAuthenticationToken(String) - Constructor for class org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken: Deprecated.

Create a BearerTokenAuthenticationToken using the provided parameter(s)
bearerTokenConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Configures the ServerAuthenticationConverter to use for requests authenticating with Bearer Tokens.
BearerTokenError - Class in org.springframework.security.oauth2.server.resource: A representation of a Bearer Token Error.
BearerTokenError(String, HttpStatus, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.BearerTokenError: Create a BearerTokenError using the provided parameters
BearerTokenError(String, HttpStatus, String, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.BearerTokenError: Create a BearerTokenError using the provided parameters
BearerTokenErrorCodes - Class in org.springframework.security.oauth2.server.resource: Standard error codes defined by the OAuth 2.0 Authorization Framework: Bearer Token Usage.
BearerTokenErrors - Class in org.springframework.security.oauth2.server.resource: A factory for creating BearerTokenError instances that correspond to the registered Bearer Token Error Codes.
BearerTokenMetadata - Class in org.springframework.security.rsocket.metadata: Represents a bearer token that has been encoded into a Payload#metadata().
BearerTokenMetadata(String) - Constructor for class org.springframework.security.rsocket.metadata.BearerTokenMetadata
bearerTokenResolver(BearerTokenResolver) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
BearerTokenResolver - Interface in org.springframework.security.oauth2.server.resource.web: A strategy for resolving Bearer Tokens from the HttpServletRequest.
BearerTokenServerAccessDeniedHandler - Class in org.springframework.security.oauth2.server.resource.web.access.server: Translates any AccessDeniedException into an HTTP response in accordance with RFC 6750 Section 3: The WWW-Authenticate.
BearerTokenServerAccessDeniedHandler() - Constructor for class org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
BearerTokenServerAuthenticationEntryPoint - Class in org.springframework.security.oauth2.server.resource.web.server: An AuthenticationEntryPoint implementation used to commence authentication of protected resource requests using BearerTokenAuthenticationFilter.
BearerTokenServerAuthenticationEntryPoint() - Constructor for class org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint
before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice: Deprecated.
before(Authentication, MethodInvocation, PreInvocationAttribute) - Method in interface org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice: Deprecated.

The "before" advice which should be executed to perform any filtering necessary and to decide whether the method call is authorised.
beforeConcurrentHandling(NativeWebRequest, Callable<T>) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
beforeConfigure() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Invoked prior to invoking each SecurityConfigurer.configure(SecurityBuilder) method.
beforeConfigure() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
beforeHandle(Message<?>, MessageChannel, MessageHandler) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
beforeHandshake(ServerHttpRequest, ServerHttpResponse, WebSocketHandler, Map<String, Object>) - Method in class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
beforeInit() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Invoked prior to invoking each SecurityConfigurer.init(SecurityBuilder) method.
beforeInvocation(Object) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.CsrfMutator
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator
beforeServerCreated(WebHttpHandlerBuilder) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
beforeSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Invoked before the springSecurityFilterChain is added.
beforeTestClass(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
beforeTestExecution(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
beforeTestExecution(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener: If configured before test execution sets the SecurityContext
beforeTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
beforeTestMethod(TestContext) - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener: Sets up the SecurityContext for each test method.
BindAuthenticator - Class in org.springframework.security.ldap.authentication: An authenticator which binds as a user.
BindAuthenticator(BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.authentication.BindAuthenticator: Create an initialized instance using the BaseLdapPathContextSource provided.
binding(Saml2MessageBinding) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Use this SAML 2.0 Message Binding By default, the asserting party's configured binding is used
binding(Saml2MessageBinding) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Use this SAML 2.0 Message Binding By default, the asserting party's configured binding is used
birthdate(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this birthdate in the resulting OidcUserInfo
BIRTHDATE - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: birthdate - the user's birth date
BouncyCastleAesCbcBytesEncryptor - Class in org.springframework.security.crypto.encrypt: An Encryptor equivalent to AesBytesEncryptor using AesBytesEncryptor.CipherAlgorithm.CBC that uses Bouncy Castle instead of JCE.
BouncyCastleAesCbcBytesEncryptor(String, CharSequence) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
BouncyCastleAesCbcBytesEncryptor(String, CharSequence, BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
BouncyCastleAesGcmBytesEncryptor - Class in org.springframework.security.crypto.encrypt: An Encryptor equivalent to AesBytesEncryptor using AesBytesEncryptor.CipherAlgorithm.GCM that uses Bouncy Castle instead of JCE.
BouncyCastleAesGcmBytesEncryptor(String, CharSequence) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
BouncyCastleAesGcmBytesEncryptor(String, CharSequence, BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
build() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
build() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec
build() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.BasicAuthenticationSpec
build() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity
build() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.JwtSpec
build() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.SimpleAuthenticationSpec
build() - Method in interface org.springframework.security.config.annotation.SecurityBuilder: Builds the object and returns it or null.
build() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Builds the SecurityWebFilterChain
build() - Method in class org.springframework.security.core.userdetails.User.UserBuilder
build() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext.Builder: Builds a new OAuth2AuthorizationContext.
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.AuthorizationCodeGrantBuilder: Builds an instance of AuthorizationCodeOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Builds an instance of DelegatingOAuth2AuthorizedClientProvider composed of one or more OAuth2AuthorizedClientProvider(s).
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Builds an instance of ClientCredentialsOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Builds an instance of PasswordOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Builds an instance of RefreshTokenOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest.Builder: Builds a new OAuth2AuthorizeRequest.
build() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.AuthorizationCodeGrantBuilder: Builds an instance of AuthorizationCodeReactiveOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Builds an instance of DelegatingReactiveOAuth2AuthorizedClientProvider composed of one or more ReactiveOAuth2AuthorizedClientProvider(s).
build() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Builds an instance of ClientCredentialsReactiveOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Builds an instance of PasswordReactiveOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Builds an instance of RefreshTokenReactiveOAuth2AuthorizedClientProvider.
build() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Builds a new ClientRegistration.
build() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder: Builds a new OAuth2AccessTokenResponse.
build() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Builds a new OAuth2AuthorizationRequest.
build() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Builds a new OAuth2AuthorizationResponse.
build() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Builds a new DefaultAddressStandardClaim.
build() - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Build the OidcIdToken
build() - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Build the OidcUserInfo
build() - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Builds a new JwsHeader.
build() - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Build the Jwt
build() - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Builds a new JwtClaimsSet.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder: Build the configured NimbusJwtDecoder.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.PublicKeyJwtDecoderBuilder: Build the configured NimbusJwtDecoder.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.SecretKeyJwtDecoderBuilder: Build the configured NimbusJwtDecoder.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder: Build the configured NimbusReactiveJwtDecoder.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder: Build the configured NimbusReactiveJwtDecoder.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder: Build the configured NimbusReactiveJwtDecoder.
build() - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder: Build the configured NimbusReactiveJwtDecoder.
build() - Method in class org.springframework.security.rsocket.authorization.PayloadExchangeMatcherReactiveAuthorizationManager.Builder
build() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Build the Saml2LogoutRequest
build() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Build the Saml2LogoutResponse
build() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult.Builder
build() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest.Builder: Constructs an immutable Saml2PostAuthenticationRequest object.
build() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest.Builder: Constructs an immutable Saml2RedirectAuthenticationRequest object.
build() - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlAssertingPartyDetails.Builder: Build an OpenSamlAssertingPartyDetails
build() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Creates an immutable ProviderDetails object representing the configuration for an Identity Provider, IDP
build() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Constructs a RelyingPartyRegistration object based on the builder configurations
build() - Method in class org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager.Builder: Creates a RequestMatcherDelegatingAuthorizationManager instance.
build() - Method in class org.springframework.security.web.authentication.RequestMatcherDelegatingAuthenticationManagerResolver.Builder: Creates a RequestMatcherDelegatingAuthenticationManagerResolver instance.
build() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
build() - Method in class org.springframework.security.web.server.authentication.ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder: Creates a RequestMatcherDelegatingAuthenticationManagerResolver instance.
build() - Method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager.Builder
build() - Method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter.Builder
buildDetails(C) - Method in interface org.springframework.security.authentication.AuthenticationDetailsSource: Called by a class when it wishes a new authentication details instance to be created.
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource: Builds the authentication details object.
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
buildDetails(HttpServletRequest) - Method in class org.springframework.security.web.authentication.WebAuthenticationDetailsSource
buildDn(String) - Method in class org.springframework.security.ldap.DefaultLdapUsernameToDnMapper: Assembles the Distinguished Name that should be used the given username.
buildDn(String) - Method in interface org.springframework.security.ldap.LdapUsernameToDnMapper
builder() - Static method in class org.springframework.security.core.userdetails.User: Creates a UserBuilder
builder() - Static method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager: Creates a builder for MessageMatcherDelegatingAuthorizationManager.
builder() - Static method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Returns a new OAuth2AuthorizedClientProviderBuilder for configuring the supported authorization grant(s).
builder() - Static method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Returns a new ReactiveOAuth2AuthorizedClientProviderBuilder for configuring the supported authorization grant(s).
builder() - Static method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo: Create a OidcUserInfo.Builder
builder() - Static method in class org.springframework.security.oauth2.jwt.JwtClaimsSet: Returns a new JwtClaimsSet.Builder.
builder() - Static method in class org.springframework.security.rsocket.authorization.PayloadExchangeMatcherReactiveAuthorizationManager
builder() - Static method in class org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager: Creates a builder for RequestMatcherDelegatingAuthorizationManager.
builder() - Static method in class org.springframework.security.web.authentication.RequestMatcherDelegatingAuthenticationManagerResolver: Creates a builder for RequestMatcherDelegatingAuthorizationManager.
builder() - Static method in class org.springframework.security.web.server.authentication.ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver: Creates a builder for RequestMatcherDelegatingAuthorizationManager.
builder() - Static method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager
builder() - Static method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter
Builder() - Constructor for class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder
Builder() - Constructor for class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Default constructor.
Builder() - Constructor for class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder: Deprecated.
Use Builder(RelyingPartyRegistration) instead
Builder() - Constructor for class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder
Builder() - Constructor for class org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager.Builder
Builder() - Constructor for class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
Builder() - Constructor for class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter.Builder
Builder(Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Constructs and initializes the address attributes using the provided addressFields.
Builder(RelyingPartyRegistration) - Constructor for class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder: Creates a new Builder with relying party registration
Builder(HandlerMappingIntrospector) - Constructor for class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher.Builder: Construct a new instance of this builder
buildFromMask(int) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
buildFromMask(int) - Method in interface org.springframework.security.acls.domain.PermissionFactory: Dynamically creates a CumulativePermission or BasePermission representing the active bits in the passed mask.
buildFromName(String) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
buildFromName(String) - Method in interface org.springframework.security.acls.domain.PermissionFactory
buildFromNames(List<String>) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
buildFromNames(List<String>) - Method in interface org.springframework.security.acls.domain.PermissionFactory
buildFullRequestUrl(HttpServletRequest) - Static method in class org.springframework.security.web.util.UrlUtils
buildFullRequestUrl(String, String, int, String, String) - Static method in class org.springframework.security.web.util.UrlUtils: Obtains the full URL the client used to make the request.
buildGroupDn(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager: Creates a DN from a group name.
buildHttpsRedirectUrlForRequest(HttpServletRequest) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint: Builds a URL to redirect the supplied request to HTTPS.
buildRedirectUrlToLoginPage(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
buildRequest(ServletContext) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
buildRequest(ServletContext) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder
buildRequestUrl(HttpServletRequest) - Static method in class org.springframework.security.web.util.UrlUtils: Obtains the web application-specific fragment of the request URL.
buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.intercept.RunAsManager: Deprecated.

Returns a replacement Authentication object for the current secure object invocation, or null if replacement not required.
buildRunAs(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
BytesEncryptor - Interface in org.springframework.security.crypto.encrypt: Service interface for symmetric data encryption.
BytesKeyGenerator - Interface in org.springframework.security.crypto.keygen: A generator for unique byte array-based keys.

C

C_HASH - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: c_hash - the Authorization Code hash value
cache() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures cache control headers
cache(Cache) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder: Use the given Cache to store JWK Set.
cache(Customizer<ServerHttpSecurity.HeaderSpec.CacheSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures cache control headers
CACHE - Enum constant in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive
CACHE - Enum constant in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive
CACHE_CONTRTOL_VALUE - Static variable in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter: The value for cache control value
cacheControl() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows customizing the CacheControlHeadersWriter.
cacheControl(Customizer<HeadersConfigurer.CacheControlConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows customizing the CacheControlHeadersWriter.
CacheControlHeadersWriter - Class in org.springframework.security.web.header.writers: Inserts headers to prevent caching if no cache control headers have been specified.
CacheControlHeadersWriter() - Constructor for class org.springframework.security.web.header.writers.CacheControlHeadersWriter: Creates a new instance
CacheControlServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes cache control related headers.
CacheControlServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
cachePermissionsFor(Authentication, Collection<?>) - Method in interface org.springframework.security.access.PermissionCacheOptimizer: Optimises the permission cache for anticipated operation on the supplied collection of objects.
cachePermissionsFor(Authentication, Collection<?>) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
CACHING_SUFFIX - Static variable in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
CachingUserDetailsService - Class in org.springframework.security.authentication
CachingUserDetailsService(UserDetailsService) - Constructor for class org.springframework.security.authentication.CachingUserDetailsService
calculateLoginLifetime(HttpServletRequest, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices: Calculates the validity period in seconds for a newly generated remember-me login.
calculateRedirectUrl(String, String) - Method in class org.springframework.security.web.DefaultRedirectStrategy
call() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
cancelCookie(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Sets a "cancel cookie" (with maxAge = 0) on the response to disable persistent logins.
canRead(Class<?>, MediaType) - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
canWrite(Class<?>, MediaType) - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
CBC - Enum constant in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry: Marks the RequestMatcher's as unmapped and then calls AbstractConfigAttributeRequestMatcherRegistry.chainRequestMatchersInternal(List).
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry: Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry: Deprecated.
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry: Deprecated.
CHANGE_AFTER_RESET - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
CHANGE_AUDITING - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
CHANGE_GENERAL - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
CHANGE_OWNERSHIP - Static variable in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
changePassword(String, String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager: Changes the password for the current user.
changePassword(String, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
changePassword(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
changePassword(String, String) - Method in interface org.springframework.security.provisioning.UserDetailsManager: Modify the current user's password.
changePasswordPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.PasswordManagementConfigurer: Sets the change password page.
changePasswordPage(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.PasswordManagementSpec: Sets the change password page.
changeSessionId() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer: Specifies that the Servlet container-provided session fixation protection should be used.
ChangeSessionIdAuthenticationStrategy - Class in org.springframework.security.web.authentication.session: Uses HttpServletRequest.changeSessionId() to protect against session fixation attacks.
ChangeSessionIdAuthenticationStrategy() - Constructor for class org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy
ChannelAttributeFactory - Class in org.springframework.security.config.http: Used as a factory bean to create config attribute values for the requires-channel attribute.
ChannelDecisionManager - Interface in org.springframework.security.web.access.channel: Decides whether a web channel provides sufficient security.
ChannelDecisionManagerImpl - Class in org.springframework.security.web.access.channel: Implementation of ChannelDecisionManager.
ChannelDecisionManagerImpl() - Constructor for class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
ChannelEntryPoint - Interface in org.springframework.security.web.access.channel: May be used by a ChannelProcessor to launch a web channel.
ChannelProcessingFilter - Class in org.springframework.security.web.access.channel: Ensures a web request is delivered over the required channel.
ChannelProcessingFilter() - Constructor for class org.springframework.security.web.access.channel.ChannelProcessingFilter
ChannelProcessor - Interface in org.springframework.security.web.access.channel: Decides whether a web channel meets a specific security condition.
channelProcessors(List<ChannelProcessor>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry: Sets the ChannelProcessor instances to use in ChannelDecisionManagerImpl
ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds channel security (i.e.
ChannelSecurityConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer: Creates a new instance
ChannelSecurityConfigurer.ChannelRequestMatcherRegistry - Class in org.springframework.security.config.annotation.web.configurers
ChannelSecurityConfigurer.RequiresChannelUrl - Class in org.springframework.security.config.annotation.web.configurers
ChannelSecurityInterceptor - Class in org.springframework.security.messaging.access.intercept: Deprecated.
Use AuthorizationChannelInterceptor instead
ChannelSecurityInterceptor(MessageSecurityMetadataSource) - Constructor for class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.

Creates a new instance
check(Supplier<Authentication>, HttpServletRequest) - Method in class org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager: Delegates to a specific AuthorizationManager based on a RequestMatcher evaluation.
check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.Jsr250AuthorizationManager: Determine if an Authentication has access to a method by evaluating the DenyAll, PermitAll, and RolesAllowed annotations that MethodInvocation specifies.
check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager: Determines the access by evaluating the provided expression.
check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager: Determine if an Authentication has access to a method by evaluating an expression from the PreAuthorize annotation that the MethodInvocation specifies.
check(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.SecuredAuthorizationManager: Determine if an Authentication has access to a method by evaluating the Secured annotation that MethodInvocation specifies.
check(Supplier<Authentication>, Message<?>) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager: Delegates to a specific AuthorizationManager based on a MessageMatcher evaluation.
check(Supplier<Authentication>, MethodInvocationResult) - Method in class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager: Determine if an Authentication has access to the returned object by evaluating the PostAuthorize annotation that the MethodInvocation specifies.
check(Supplier<Authentication>, RequestAuthorizationContext) - Method in class org.springframework.security.web.access.expression.WebExpressionAuthorizationManager: Determines the access by evaluating the provided expression.
check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Determines if the current user is authorized according to the given strategy.
check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Determines if the current user is authorized by evaluating if the Authentication contains a specified authority.
check(Supplier<Authentication>, T) - Method in interface org.springframework.security.authorization.AuthorizationManager: Determines if access is granted for a specific authentication and object.
check(Supplier<Authentication>, T) - Method in class org.springframework.security.authorization.ObservationAuthorizationManager
check(UserDetails) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
check(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserDetailsChecker: Examines the User
check(Mono<Authentication>, MethodInvocation) - Method in class org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager: Determines if an Authentication has access to the MethodInvocation by evaluating an expression from the PreAuthorize annotation.
check(Mono<Authentication>, MethodInvocationResult) - Method in class org.springframework.security.authorization.method.PostAuthorizeReactiveAuthorizationManager: Determines if an Authentication has access to the returned object from the MethodInvocation by evaluating an expression from the PostAuthorize annotation.
check(Mono<Authentication>, PayloadExchange) - Method in class org.springframework.security.rsocket.authorization.PayloadExchangeMatcherReactiveAuthorizationManager
check(Mono<Authentication>, AuthorizationContext) - Method in class org.springframework.security.web.server.authorization.IpAddressReactiveAuthorizationManager
check(Mono<Authentication>, ServerWebExchange) - Method in class org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager
check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager
check(Mono<Authentication>, T) - Method in class org.springframework.security.authorization.ObservationReactiveAuthorizationManager
check(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager: Determines if access is granted for a specific authentication and object.
checkAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
checkpw(byte[], String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Check that a password (as a byte array) matches a previously hashed one
checkpw(String, String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Check that a plaintext password matches a previously hashed one
ChildAuthenticationManagerFactoryBean(List<AuthenticationProvider>, AuthenticationManager) - Constructor for class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean
ChildrenExistException - Exception in org.springframework.security.acls.model: Thrown if an Acl cannot be deleted because children Acls exist.
ChildrenExistException(String) - Constructor for exception org.springframework.security.acls.model.ChildrenExistException: Constructs an ChildrenExistException with the specified message.
ChildrenExistException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.ChildrenExistException: Constructs an ChildrenExistException with the specified message and root cause.
ciRegex - Enum constant in enum class org.springframework.security.config.http.MatcherType
claim(String, Object) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this claim in the resulting OidcIdToken
claim(String, Object) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this claim in the resulting OidcUserInfo
claim(String, Object) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this claim in the resulting Jwt
claim(String, Object) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the claim.
ClaimAccessor - Interface in org.springframework.security.oauth2.core: An "accessor" for a set of claims that may be used for assertions.
ClaimConversionService - Class in org.springframework.security.oauth2.core.converter: A ConversionService configured with converters that provide type conversion for claim values.
claims(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Provides access to every OidcIdToken.Builder.claim(String, Object) declared so far with the possibility to add, replace, or remove.
claims(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Provides access to every OidcUserInfo.Builder.claim(String, Object) declared so far with the possibility to add, replace, or remove.
claims(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Provides access to every Jwt.Builder.claim(String, Object) declared so far with the possibility to add, replace, or remove.
claims(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: A Consumer to be provided access to the claims allowing the ability to add, replace, or remove.
ClaimTypeConverter - Class in org.springframework.security.oauth2.core.converter: A Converter that provides type conversion for claim values.
ClaimTypeConverter(Map<String, Converter<Object, ?>>) - Constructor for class org.springframework.security.oauth2.core.converter.ClaimTypeConverter: Constructs a ClaimTypeConverter using the provided parameters.
clear() - Method in class org.springframework.security.acls.domain.CumulativePermission
clear(Permission) - Method in class org.springframework.security.acls.domain.CumulativePermission
CLEAR_SITE_DATA_HEADER - Static variable in class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter
clearAuthentication(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Specifies if SecurityContextLogoutHandler should clear the Authentication at the time of logout.
clearAuthenticationAttributes(HttpServletRequest) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler: Removes temporary authentication-related data which may have been stored in the session during the authentication process.
clearCache() - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
clearCache() - Method in interface org.springframework.security.acls.model.AclCache
clearContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Clears the current context.
clearContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder: Clears the Mono<SecurityContext> from Reactor Context
clearContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder: Explicitly clears the context value from the current thread.
clearContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy: Clears the current context.
clearContext() - Static method in class org.springframework.security.test.context.TestSecurityContextHolder: Clears the SecurityContext from TestSecurityContextHolder and SecurityContextHolder.
clearContext() - Method in class org.springframework.security.test.context.TestSecurityContextHolderStrategyAdapter
ClearSiteDataHeaderWriter - Class in org.springframework.security.web.header.writers: Provides support for Clear Site Data.
ClearSiteDataHeaderWriter(ClearSiteDataHeaderWriter.Directive...) - Constructor for class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter: Creates a new instance of ClearSiteDataHeaderWriter with given sources.
ClearSiteDataHeaderWriter.Directive - Enum Class in org.springframework.security.web.header.writers: Represents the directive values expected by the ClearSiteDataHeaderWriter.
ClearSiteDataServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes the Clear-Site-Data response header when the request is secure.
ClearSiteDataServerHttpHeadersWriter(ClearSiteDataServerHttpHeadersWriter.Directive...) - Constructor for class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter: Constructs a new instance using the given directives.
ClearSiteDataServerHttpHeadersWriter.Directive - Enum Class in org.springframework.security.web.server.header: Represents the directive values expected by the ClearSiteDataServerHttpHeadersWriter
CLIENT_ASSERTION - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: client_assertion - used in Access Token Request.
CLIENT_ASSERTION_TYPE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: client_assertion_type - used in Access Token Request.
CLIENT_CREDENTIALS - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
CLIENT_ID - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: client_id - used in Authorization Request and Access Token Request.
CLIENT_ID - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: client_id - The Client identifier for the token
CLIENT_REGISTRATIONS - Static variable in class org.springframework.security.config.Elements
CLIENT_SECRET - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: client_secret - used in Access Token Request.
CLIENT_SECRET_BASIC - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
CLIENT_SECRET_JWT - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
CLIENT_SECRET_POST - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
clientAuthenticationMethod(ClientAuthenticationMethod) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the authentication method used when authenticating the client with the authorization server.
ClientAuthenticationMethod - Class in org.springframework.security.oauth2.core: The authentication method used when authenticating the client with the authorization server.
ClientAuthenticationMethod(String) - Constructor for class org.springframework.security.oauth2.core.ClientAuthenticationMethod: Constructs a ClientAuthenticationMethod using the provided value.
ClientAuthorizationException - Exception in org.springframework.security.oauth2.client: This exception is thrown on the client side when an attempt to authenticate or authorize an OAuth 2.0 client fails.
ClientAuthorizationException(OAuth2Error, String) - Constructor for exception org.springframework.security.oauth2.client.ClientAuthorizationException: Constructs a ClientAuthorizationException using the provided parameters.
ClientAuthorizationException(OAuth2Error, String, String) - Constructor for exception org.springframework.security.oauth2.client.ClientAuthorizationException: Constructs a ClientAuthorizationException using the provided parameters.
ClientAuthorizationException(OAuth2Error, String, String, Throwable) - Constructor for exception org.springframework.security.oauth2.client.ClientAuthorizationException: Constructs a ClientAuthorizationException using the provided parameters.
ClientAuthorizationException(OAuth2Error, String, Throwable) - Constructor for exception org.springframework.security.oauth2.client.ClientAuthorizationException: Constructs a ClientAuthorizationException using the provided parameters.
ClientAuthorizationRequiredException - Exception in org.springframework.security.oauth2.client: This exception is thrown when an OAuth 2.0 Client is required to obtain authorization from the Resource Owner.
ClientAuthorizationRequiredException(String) - Constructor for exception org.springframework.security.oauth2.client.ClientAuthorizationRequiredException: Constructs a ClientAuthorizationRequiredException using the provided parameters.
clientCredentials() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Configures support for the client_credentials grant.
clientCredentials() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Configures support for the client_credentials grant.
clientCredentials(Consumer<OAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Configures support for the client_credentials grant.
clientCredentials(Consumer<ReactiveOAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder>) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Configures support for the client_credentials grant.
ClientCredentialsOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of an OAuth2AuthorizedClientProvider for the client_credentials grant.
ClientCredentialsOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider
ClientCredentialsReactiveOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of a ReactiveOAuth2AuthorizedClientProvider for the client_credentials grant.
ClientCredentialsReactiveOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider
clientId(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the client identifier.
clientId(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the client identifier.
clientName(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the logical name of the client or registration.
clientRegistration(Consumer<ClientRegistration.Builder>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator: Use this Consumer to configure a ClientRegistration
clientRegistration(Consumer<ClientRegistration.Builder>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2ClientRequestPostProcessor: Use this Consumer to configure a ClientRegistration
clientRegistration(ClientRegistration) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator: Use this ClientRegistration
clientRegistration(ClientRegistration) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator: Use the provided ClientRegistration as the client to authorize.
clientRegistration(ClientRegistration) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator: Use the provided ClientRegistration as the client to authorize.
clientRegistration(ClientRegistration) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2ClientRequestPostProcessor: Use this ClientRegistration
clientRegistration(ClientRegistration) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor: Use the provided ClientRegistration as the client to authorize.
clientRegistration(ClientRegistration) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor: Use the provided ClientRegistration as the client to authorize.
ClientRegistration - Class in org.springframework.security.oauth2.client.registration: A representation of a client registration with an OAuth 2.0 or OpenID Connect 1.0 Provider.
ClientRegistration.Builder - Class in org.springframework.security.oauth2.client.registration: A builder for ClientRegistration.
ClientRegistration.ProviderDetails - Class in org.springframework.security.oauth2.client.registration: Details of the Provider.
ClientRegistration.ProviderDetails.UserInfoEndpoint - Class in org.springframework.security.oauth2.client.registration: Details of the UserInfo Endpoint.
clientRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the ClientRegistration.getRegistrationId() to be used to look up the OAuth2AuthorizedClient.
clientRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the ClientRegistration.getRegistrationId() to be used to look up the OAuth2AuthorizedClient.
clientRegistrationRepository - Variable in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
clientRegistrationRepository - Variable in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
clientRegistrationRepository(ClientRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer: Sets the repository of client registrations.
clientRegistrationRepository(ClientRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Sets the repository of client registrations.
clientRegistrationRepository(ReactiveClientRegistrationRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec: Configures the ReactiveClientRegistrationRepository.
clientRegistrationRepository(ReactiveClientRegistrationRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
ClientRegistrationRepository - Interface in org.springframework.security.oauth2.client.registration: A repository for OAuth 2.0 / OpenID Connect 1.0 ClientRegistration(s).
ClientRegistrations - Class in org.springframework.security.oauth2.client.registration: Allows creating a ClientRegistration.Builder from an OpenID Provider Configuration or Authorization Server Metadata based on provided issuer.
ClientRegistrationsBeanDefinitionParser - Class in org.springframework.security.config.oauth2.client
ClientRegistrationsBeanDefinitionParser() - Constructor for class org.springframework.security.config.oauth2.client.ClientRegistrationsBeanDefinitionParser
clientSecret(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the client secret.
clock(Clock) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
clock(Clock) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
clock(Clock) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
clock(Clock) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
clock(Clock) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
clock(Clock) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
clockSkew(Duration) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
clockSkew(Duration) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
clockSkew(Duration) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
clockSkew(Duration) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
clockSkew(Duration) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
clockSkew(Duration) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
closeContext(Context) - Static method in class org.springframework.security.ldap.LdapUtils
closeEnumeration(NamingEnumeration) - Static method in class org.springframework.security.ldap.LdapUtils
code - Variable in class org.springframework.security.acls.domain.AbstractPermission
code(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Sets the authorization code.
CODE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
CODE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: code - used in Authorization Response and Access Token Request.
CODE_CHALLENGE - Static variable in class org.springframework.security.oauth2.core.endpoint.PkceParameterNames: code_challenge - used in Authorization Request.
CODE_CHALLENGE_METHOD - Static variable in class org.springframework.security.oauth2.core.endpoint.PkceParameterNames: code_challenge_method - used in Authorization Request.
CODE_VERIFIER - Static variable in class org.springframework.security.oauth2.core.endpoint.PkceParameterNames: code_verifier - used in Token Request.
collectionFromMetadata(InputStream) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations: Return a Collection of RelyingPartyRegistration.Builders based off of the given SAML 2.0 Asserting Party (IDP) metadata.
collectionFromMetadataLocation(String) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations: Return a Collection of RelyingPartyRegistration.Builders based off of the given SAML 2.0 Asserting Party (IDP) metadata location.
commaSeparatedStringToAuthorityList(String) - Static method in class org.springframework.security.core.authority.AuthorityUtils: Creates a array of GrantedAuthority objects from a comma-separated string representation (e.g.
commence(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
commence(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.access.channel.ChannelEntryPoint: Commences a secure channel.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint: Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.Http403ForbiddenEntryPoint: Always returns a 403 error code to the client.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.HttpStatusEntryPoint
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint: Performs the redirect (or forward) to the login form URL.
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
commence(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in interface org.springframework.security.web.AuthenticationEntryPoint: Commences an authentication scheme.
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint
commence(ServerWebExchange, AuthenticationException) - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
commence(ServerWebExchange, AuthenticationException) - Method in interface org.springframework.security.web.server.ServerAuthenticationEntryPoint: Initiates the authentication flow
commit() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule: Authenticate the Subject (phase two) by adding the Spring Security Authentication to the Subject's principals.
CommonOAuth2Provider - Enum Class in org.springframework.security.config.oauth2.client: Common OAuth2 Providers that can be used to create builders pre-configured with sensible defaults for the HttpSecurity.oauth2Login() flow.
compare(String, String, Object) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Performs an LDAP compare operation of the value of an attribute for a particular directory entry.
CompositeAccessDeniedHandler - Class in org.springframework.security.web.access
CompositeAccessDeniedHandler(Collection<AccessDeniedHandler>) - Constructor for class org.springframework.security.web.access.CompositeAccessDeniedHandler
CompositeAccessDeniedHandler(AccessDeniedHandler...) - Constructor for class org.springframework.security.web.access.CompositeAccessDeniedHandler
CompositeHeaderWriter - Class in org.springframework.security.web.header.writers: A HeaderWriter that delegates to several other HeaderWriters.
CompositeHeaderWriter(List<HeaderWriter>) - Constructor for class org.springframework.security.web.header.writers.CompositeHeaderWriter: Creates a new instance.
CompositeLogoutHandler - Class in org.springframework.security.web.authentication.logout: Performs a logout through all the LogoutHandler implementations.
CompositeLogoutHandler(List<LogoutHandler>) - Constructor for class org.springframework.security.web.authentication.logout.CompositeLogoutHandler
CompositeLogoutHandler(LogoutHandler...) - Constructor for class org.springframework.security.web.authentication.logout.CompositeLogoutHandler
CompositeRequestRejectedHandler - Class in org.springframework.security.web.firewall: A RequestRejectedHandler that delegates to several other RequestRejectedHandlers.
CompositeRequestRejectedHandler(RequestRejectedHandler...) - Constructor for class org.springframework.security.web.firewall.CompositeRequestRejectedHandler: Creates a new instance.
CompositeServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Combines multiple ServerHttpHeadersWriter instances into a single instance.
CompositeServerHttpHeadersWriter(List<ServerHttpHeadersWriter>) - Constructor for class org.springframework.security.web.server.header.CompositeServerHttpHeadersWriter
CompositeServerHttpHeadersWriter(ServerHttpHeadersWriter...) - Constructor for class org.springframework.security.web.server.header.CompositeServerHttpHeadersWriter
CompositeSessionAuthenticationStrategy - Class in org.springframework.security.web.authentication.session: A SessionAuthenticationStrategy that accepts multiple SessionAuthenticationStrategy implementations to delegate to.
CompositeSessionAuthenticationStrategy(List<SessionAuthenticationStrategy>) - Constructor for class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
concat(Saml2Error) - Method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Return a new Saml2ResponseValidatorResult that contains both the given Saml2Error and the errors from the result
concat(Saml2ResponseValidatorResult) - Method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Return a new Saml2ResponseValidatorResult that contains the errors from the given Saml2ResponseValidatorResult as well as this result.
concatenate(byte[]...) - Static method in class org.springframework.security.crypto.util.EncodingUtils: Combine the individual byte arrays into one array.
CONCURRENT_SESSIONS - Static variable in class org.springframework.security.config.Elements
ConcurrentSessionControlAuthenticationStrategy - Class in org.springframework.security.web.authentication.session: Strategy which handles concurrent session-control.
ConcurrentSessionControlAuthenticationStrategy(SessionRegistry) - Constructor for class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
ConcurrentSessionFilter - Class in org.springframework.security.web.session: Filter required by concurrent session handling package.
ConcurrentSessionFilter(SessionRegistry) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
ConcurrentSessionFilter(SessionRegistry, String) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter: Deprecated.
use ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy) with SimpleRedirectSessionInformationExpiredStrategy instead.
ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy) - Constructor for class org.springframework.security.web.session.ConcurrentSessionFilter
ConfigAttribute - Interface in org.springframework.security.access: Stores a security system related configuration attribute.
configurationSource(CorsConfigurationSource) - Method in class org.springframework.security.config.annotation.web.configurers.CorsConfigurer
configurationSource(CorsConfigurationSource) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec: Configures the CorsConfigurationSource to be used
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.AbstractDaoAuthenticationConfigurer
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
configure(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer: Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.PasswordManagementConfigurer: Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractInterceptUrlConfigurer: Deprecated.
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CorsConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Sub classes can override this method to register different types of authentication.
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ClientSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.PasswordManagementSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec
configure(ServerHttpSecurity) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.X509Spec
configureClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
configureInbound(MessageSecurityMetadataSourceRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
configureJaas(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider: Hook method for configuring Jaas.
ConsensusBased - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorizationManager instead
ConsensusBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.ConsensusBased: Deprecated.
ConsoleAuditLogger - Class in org.springframework.security.acls.domain: A basic implementation of AuditLogger.
ConsoleAuditLogger() - Constructor for class org.springframework.security.acls.domain.ConsoleAuditLogger
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.DelegatingSecurityContextRepository
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
containsContext(HttpServletRequest) - Method in class org.springframework.security.web.context.RequestAttributeSecurityContextRepository
containsContext(HttpServletRequest) - Method in interface org.springframework.security.web.context.SecurityContextRepository: Allows the repository to be queried as to whether it contains a security context for the current request.
containsMapping() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Allows determining if a mapping was added.
CONTENT_SECURITY_POLICY - Static variable in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
CONTENT_SECURITY_POLICY_REPORT_ONLY - Static variable in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
contentSecurityPolicy(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Content Security Policy (CSP) Level 2.
contentSecurityPolicy(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Content-Security-Policy response header.
contentSecurityPolicy(Customizer<HeadersConfigurer.ContentSecurityPolicyConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Content Security Policy (CSP) Level 2.
contentSecurityPolicy(Customizer<ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Content-Security-Policy response header.
ContentSecurityPolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Provides support for Content Security Policy (CSP) Level 2.
ContentSecurityPolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter: Creates a new instance.
ContentSecurityPolicyHeaderWriter(String) - Constructor for class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter: Creates a new instance
ContentSecurityPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes the Contet-Security-Policy response header with configured policy directives.
ContentSecurityPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
contentType(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the content type header that declares the media type of the secured content (the payload).
contentTypeOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Configures the XContentTypeOptionsHeaderWriter which inserts the X-Content-Type-Options:
contentTypeOptions() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures content type response headers
contentTypeOptions(Customizer<HeadersConfigurer.ContentTypeOptionsConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Configures the XContentTypeOptionsHeaderWriter which inserts the X-Content-Type-Options:
contentTypeOptions(Customizer<ServerHttpSecurity.HeaderSpec.ContentTypeOptionsSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures content type response headers
ContentTypeOptionsServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Adds X-Content-Type-Options: nosniff
ContentTypeOptionsServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
CONTEXT_SOURCE - Static variable in class org.springframework.security.config.BeanIds
CONTEXT_SOURCE_SETTING_POST_PROCESSOR - Static variable in class org.springframework.security.config.BeanIds
contextSource() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Allows easily configuring of a BaseLdapPathContextSource with defaults pointing to an embedded LDAP server that is created.
contextSource(BaseLdapPathContextSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Specifies the BaseLdapPathContextSource to be used.
ContextSourceSettingPostProcessor - Class in org.springframework.security.config.ldap: Checks for the presence of a ContextSource instance.
conversionServicePostProcessor() - Static method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
convert(HttpServletRequest) - Method in class org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver
convert(HttpServletRequest) - Method in class org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter
convert(HttpServletRequest) - Method in interface org.springframework.security.web.authentication.AuthenticationConverter
convert(HttpServletRequest) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
convert(String, OAuth2AuthenticatedPrincipal) - Method in interface org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenAuthenticationConverter: Converts a successful introspection result into an authentication result.
convert(String, OAuth2AuthenticatedPrincipal) - Method in interface org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenAuthenticationConverter: Converts a successful introspection result into an authentication result.
convert(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.converter.ClaimTypeConverter
convert(Map<String, Object>) - Method in class org.springframework.security.oauth2.core.endpoint.DefaultMapOAuth2AccessTokenResponseConverter
convert(Map<String, Object>) - Method in class org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter
convert(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequestEntityConverter: Returns the RequestEntity used for the UserInfo Request.
convert(OAuth2AccessTokenResponse) - Method in class org.springframework.security.oauth2.core.endpoint.DefaultOAuth2AccessTokenResponseMapConverter
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.DelegatingJwtGrantedAuthoritiesConverter: Extract GrantedAuthoritys from the given Jwt.
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtBearerTokenAuthenticationConverter
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter: Extract GrantedAuthoritys from the given Jwt.
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverter
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter
convert(Jwt) - Method in class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtGrantedAuthoritiesConverterAdapter
convert(PayloadExchange) - Method in class org.springframework.security.rsocket.authentication.AuthenticationPayloadExchangeConverter
convert(PayloadExchange) - Method in class org.springframework.security.rsocket.authentication.BasicAuthenticationPayloadExchangeConverter
convert(PayloadExchange) - Method in class org.springframework.security.rsocket.authentication.BearerPayloadExchangeConverter
convert(PayloadExchange) - Method in interface org.springframework.security.rsocket.authentication.PayloadExchangeAuthenticationConverter
convert(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter
convert(ServerWebExchange) - Method in class org.springframework.security.oauth2.server.resource.web.server.authentication.ServerBearerTokenAuthenticationConverter
convert(ServerWebExchange) - Method in interface org.springframework.security.web.server.authentication.ServerAuthenticationConverter: Converts a ServerWebExchange to an Authentication
convert(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter
convert(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter
convert(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.ServerX509AuthenticationConverter
convert(OAuth2PasswordGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter
convert(T) - Method in class org.springframework.security.oauth2.client.endpoint.NimbusJwtClientAuthenticationParametersConverter
convertPasswordToString(Object) - Static method in class org.springframework.security.ldap.LdapUtils
CookieClearingLogoutHandler - Class in org.springframework.security.web.authentication.logout: A logout handler which clears either - A defined list of cookie names, using the context path as the cookie path OR - A given list of Cookies
CookieClearingLogoutHandler(Cookie...) - Constructor for class org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
CookieClearingLogoutHandler(String...) - Constructor for class org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
CookieCsrfTokenRepository - Class in org.springframework.security.web.csrf: A CsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS.
CookieCsrfTokenRepository() - Constructor for class org.springframework.security.web.csrf.CookieCsrfTokenRepository
CookieRequestCache - Class in org.springframework.security.web.savedrequest: An Implementation of RequestCache which saves the original request URI in a cookie.
CookieRequestCache() - Constructor for class org.springframework.security.web.savedrequest.CookieRequestCache
COOKIES - Enum constant in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive
COOKIES - Enum constant in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive
CookieServerCsrfTokenRepository - Class in org.springframework.security.web.server.csrf: A ServerCsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS.
CookieServerCsrfTokenRepository() - Constructor for class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
CookieServerRequestCache - Class in org.springframework.security.web.server.savedrequest: An implementation of ServerRequestCache that saves the requested URI in a cookie.
CookieServerRequestCache() - Constructor for class org.springframework.security.web.server.savedrequest.CookieServerRequestCache
CookieTheftException - Exception in org.springframework.security.web.authentication.rememberme
CookieTheftException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.CookieTheftException
copyToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
CoreJackson2Module - Class in org.springframework.security.jackson2: Jackson module for spring-security-core.
CoreJackson2Module() - Constructor for class org.springframework.security.jackson2.CoreJackson2Module
cors() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Adds a CorsFilter to be used.
cors() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures CORS headers.
cors(Customizer<CorsConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Adds a CorsFilter to be used.
cors(Customizer<ServerHttpSecurity.CorsSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures CORS headers.
CORS - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: CorsWebFilter
CORS - Static variable in class org.springframework.security.config.Elements
CorsBeanDefinitionParser - Class in org.springframework.security.config.http: Parser for the CorsFilter.
CorsBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CorsBeanDefinitionParser
CorsConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds CorsFilter to the Spring Security filter chain.
CorsConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.CorsConfigurer: Creates a new instance
country(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Sets the country.
create - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
create(Object, String, Object...) - Static method in class org.springframework.security.util.MethodInvocationUtils: Generates a MethodInvocation for specified methodName on the passed object, using the args to locate the method.
create(Runnable, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable: Factory method for creating a DelegatingSecurityContextRunnable.
create(Callable<V>, SecurityContext) - Static method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable: Creates a DelegatingSecurityContextCallable and with the given Callable and SecurityContext, but if the securityContext is null will defaults to the current SecurityContext on the SecurityContextHolder
CREATE - Static variable in class org.springframework.security.acls.domain.BasePermission
CREATE_TABLE_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: Default SQL for creating the database table to store the tokens
createAcl(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
createAcl(ObjectIdentity) - Method in interface org.springframework.security.acls.model.MutableAclService: Creates an empty Acl object in the database.
createAuthentication(HttpServletRequest) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
createAuthentication(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter
createAuthenticationManager() - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Returns the configured AuthenticationManager that can be used to perform LDAP authentication.
createAuthority(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper: Creates a GrantedAuthority from a role attribute.
createAuthorityList(String...) - Static method in class org.springframework.security.core.authority.AuthorityUtils: Converts authorities into a List of GrantedAuthority objects.
createChannelAttributes(String) - Static method in class org.springframework.security.config.http.ChannelAttributeFactory
createCipher() - Method in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm
createCurrentUser(Authentication) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl: Creates a principal-like sid from the authentication information.
createDecoder(C) - Method in interface org.springframework.security.oauth2.jwt.JwtDecoderFactory: Creates a JwtDecoder using the supplied "contextual" type.
createDecoder(C) - Method in interface org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory: Creates a ReactiveJwtDecoder using the supplied "contextual" type.
createDecoder(ClientRegistration) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory
createDecoder(ClientRegistration) - Method in class org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory
createDefault() - Static method in class org.springframework.security.oauth2.jwt.JwtValidators: Create a Jwt Validator that contains all standard validators.
createDefaultAssertionValidator() - Static method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Construct a default strategy for validating each SAML 2.0 Assertion and associated Authentication token
createDefaultAssertionValidator(Converter<OpenSaml4AuthenticationProvider.AssertionToken, ValidationContext>) - Static method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Deprecated.
Use OpenSaml4AuthenticationProvider.createDefaultAssertionValidatorWithParameters(java.util.function.Consumer<java.util.Map<java.lang.String, java.lang.Object>>) instead
createDefaultAssertionValidatorWithParameters(Consumer<Map<String, Object>>) - Static method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Construct a default strategy for validating each SAML 2.0 Assertion and associated Authentication token
createDefaultClaimTypeConverters() - Static method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory: Returns the default Converter's used for type conversion of claim values for an OidcIdToken.
createDefaultClaimTypeConverters() - Static method in class org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory: Returns the default Converter's used for type conversion of claim values for an OidcIdToken.
createDefaultClaimTypeConverters() - Static method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService: Returns the default Converter's used for type conversion of claim values for an OidcUserInfo.
createDefaultClaimTypeConverters() - Static method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService: Returns the default Converter's used for type conversion of claim values for an OidcUserInfo.
createDefaultLdapAuthenticator() - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Allows subclasses to supply the default AbstractLdapAuthenticator.
createDefaultLdapAuthenticator() - Method in class org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory
createDefaultLdapAuthenticator() - Method in class org.springframework.security.config.ldap.LdapPasswordComparisonAuthenticationManagerFactory
createDefaultResponseAuthenticationConverter() - Static method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Construct a default strategy for converting a SAML 2.0 Response and Authentication token into a Saml2Authentication
createDefaultResponseValidator() - Static method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Construct a default strategy for validating the SAML 2.0 Response
createDefaultWithIssuer(String) - Static method in class org.springframework.security.oauth2.jwt.JwtValidators: Create a Jwt Validator that contains all standard validators when an issuer is known.
createDelegatingPasswordEncoder() - Static method in class org.springframework.security.crypto.factory.PasswordEncoderFactories: Creates a DelegatingPasswordEncoder with default mappings.
createELContext(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher: Subclasses can override this methode if they want to use a different EL root context
createEmptyContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
createEmptyContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder: Delegates the creation of a new, empty context to the configured strategy.
createEmptyContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy: Creates a new, empty context implementation, for use by SecurityContextRepository implementations, when creating a new context for the first time.
createEmptyContext() - Method in class org.springframework.security.test.context.TestSecurityContextHolderStrategyAdapter
createEntries(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
createEvaluationContext(Supplier<Authentication>, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
createEvaluationContext(Supplier<Authentication>, Message<T>) - Method in class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
createEvaluationContext(Supplier<Authentication>, MessageAuthorizationContext<?>) - Method in class org.springframework.security.messaging.access.expression.MessageAuthorizationContextSecurityExpressionHandler
createEvaluationContext(Supplier<Authentication>, RequestAuthorizationContext) - Method in class org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler
createEvaluationContext(Supplier<Authentication>, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler: Provides an evaluation context in which to evaluate security expressions for the invocation type.
createEvaluationContext(Authentication, MessageAuthorizationContext<?>) - Method in class org.springframework.security.messaging.access.expression.MessageAuthorizationContextSecurityExpressionHandler
createEvaluationContext(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler: Invokes the internal template methods to create StandardEvaluationContext and SecurityExpressionRoot objects.
createEvaluationContext(Authentication, T) - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler: Provides an evaluation context in which to evaluate security expressions for the invocation type.
createEvaluationContextInternal(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler: Uses a MethodSecurityEvaluationContext as the EvaluationContext implementation.
createEvaluationContextInternal(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler: Override to create a custom instance of StandardEvaluationContext.
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: Allows the EvaluationContext to be customized for variable lookup etc.
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
createExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Provide a MethodSecurityExpressionHandler that is registered with the ExpressionBasedPreInvocationAdvice.
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>, String>) - Static method in class org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory: Deprecated.

Create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>, String>, SecurityExpressionHandler<Message<Object>>) - Static method in class org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory: Deprecated.

Create a MessageSecurityMetadataSource that uses MessageMatcher mapped to Spring Expressions.
createFromClass(Class<?>, String) - Static method in class org.springframework.security.util.MethodInvocationUtils: Generates a MethodInvocation for the specified methodName on the passed class.
createFromClass(Object, Class<?>, String, Class<?>[], Object[]) - Static method in class org.springframework.security.util.MethodInvocationUtils: Generates a MethodInvocation for specified methodName on the passed class, using the args to locate the method.
createGroup(String, List<GrantedAuthority>) - Method in interface org.springframework.security.provisioning.GroupManager: Creates a new group with the specified list of authorities.
createGroup(String, List<GrantedAuthority>) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
createList(String...) - Static method in class org.springframework.security.access.SecurityConfig
createListFromCommaDelimitedString(String) - Static method in class org.springframework.security.access.SecurityConfig
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Creates the LoginContext to be used for authentication.
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider: Creates a LoginContext using the Configuration that was specified in DefaultJaasAuthenticationProvider.setConfiguration(Configuration).
createLoginContext(CallbackHandler) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Create the RequestMatcher given a loginProcessingUrl
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer
createMatcher(ParserContext, String, String) - Method in enum class org.springframework.security.config.http.MatcherType
createMatcher(ParserContext, String, String, String) - Method in enum class org.springframework.security.config.http.MatcherType
createMessageMatcher(String, PathMatcher) - Static method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher: Creates a new instance with the specified pattern, SimpMessageType.MESSAGE, and PathMatcher.
createMetadataSource() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Allows subclasses to create creating a MessageSecurityMetadataSource.
createMvcMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Creates MvcRequestMatcher instances for the method and patterns passed in
createNewAuthentication(Authentication, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
createNewToken(PersistentRememberMeToken) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
createNewToken(PersistentRememberMeToken) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
createNewToken(PersistentRememberMeToken) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
createObjectIdentity(Serializable, String) - Method in class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
createObjectIdentity(Serializable, String) - Method in interface org.springframework.security.acls.model.ObjectIdentityGenerator
createObjectIdentity(ObjectIdentity, Sid) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Creates an entry in the acl_object_identity table for the passed ObjectIdentity.
createOrRetrieveClassPrimaryKey(String, boolean, Class) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Retrieves the primary key from acl_class, creating a new row if needed and the allowCreate property is true.
createOrRetrieveSidPrimaryKey(String, boolean, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
createOrRetrieveSidPrimaryKey(Sid, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Retrieves the primary key from acl_sid, creating a new row if needed and the allowCreate property is true.
createParameters(JwtBearerGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequestEntityConverter
createParameters(OAuth2AuthorizationCodeGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequestEntityConverter
createParameters(OAuth2ClientCredentialsGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequestEntityConverter
createParameters(OAuth2PasswordGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter
createParameters(OAuth2RefreshTokenGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequestEntityConverter
createPasswordEncoderBeanDefinition(String, boolean) - Static method in class org.springframework.security.config.authentication.PasswordEncoderParser
createPostInvocationAttribute(String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory: Deprecated.
createPostInvocationAttribute(String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory: Deprecated.
createPreInvocationAttribute(String, String, String) - Method in class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory: Deprecated.
createPreInvocationAttribute(String, String, String) - Method in interface org.springframework.security.access.prepost.PrePostInvocationAttributeFactory: Deprecated.
createSecurityContext(A) - Method in interface org.springframework.security.test.context.support.WithSecurityContextFactory: Create a SecurityContext given an Annotation.
createSecurityExpressionRoot(Authentication, MethodInvocation) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler: Creates the root object for expression evaluation.
createSecurityExpressionRoot(Authentication, Message<T>) - Method in class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
createSecurityExpressionRoot(Authentication, RequestAuthorizationContext) - Method in class org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler
createSecurityExpressionRoot(Authentication, FilterInvocation) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
createSecurityExpressionRoot(Authentication, T) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler: Implement in order to create a root object of the correct type for the supported invocation type.
createSid(boolean, String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: Creates a particular implementation of Sid depending on the arguments.
createSubscribeMatcher(String, PathMatcher) - Static method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher: Creates a new instance with the specified pattern, SimpMessageType.SUBSCRIBE, and PathMatcher.
createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider: Creates a successful Authentication object.
createSuccessAuthentication(Object, Authentication, UserDetails) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
createSuccessfulAuthentication(HttpServletRequest, UserDetails) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Creates the final Authentication object returned from the autoLogin method.
createSuccessfulAuthentication(UsernamePasswordAuthenticationToken, UserDetails) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider: Creates the final Authentication object which will be returned from the authenticate method.
createTarget() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
createTarget() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
createTarget() - Method in class org.springframework.security.ldap.userdetails.Person.Essence
createUser(UserDetails) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
createUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
createUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
createUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager: Create a new user with the supplied details.
createUserDetails() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
createUserDetails() - Method in class org.springframework.security.ldap.userdetails.Person.Essence
createUserDetails(String, UserDetails, List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Can be overridden to customize the creation of the final UserDetailsObject which is returned by the loadUserByUsername method.
createUserDetails(Authentication, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService: Creates the final UserDetails object.
CredentialsContainer - Interface in org.springframework.security.core: Indicates that the implementing object contains sensitive data, which can be erased using the eraseCredentials method.
credentialsExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Defines if the credentials are expired or not.
credentialsExpired(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Defines if the credentials are expired or not.
credentialsExpired(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
CredentialsExpiredException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because the account's credentials have expired.
CredentialsExpiredException(String) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException: Constructs a CredentialsExpiredException with the specified message.
CredentialsExpiredException(String, Throwable) - Constructor for exception org.springframework.security.authentication.CredentialsExpiredException: Constructs a CredentialsExpiredException with the specified message and root cause.
CRIT - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: crit - the critical header indicates that extensions to the JWS/JWE/JWA specifications are being used that MUST be understood and processed
criticalHeader(String, Object) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the critical header that indicates which extensions to the JWS/JWE/JWA specifications are being used that MUST be understood and processed.
CROSS_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy
CROSS_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy
crossOriginEmbedderPolicy() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Cross-Origin-Embedder-Policy header.
crossOriginEmbedderPolicy() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Cross-Origin-Embedder-Policy header.
crossOriginEmbedderPolicy(Customizer<HeadersConfigurer.CrossOriginEmbedderPolicyConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Cross-Origin-Embedder-Policy header.
crossOriginEmbedderPolicy(Customizer<ServerHttpSecurity.HeaderSpec.CrossOriginEmbedderPolicySpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Cross-Origin-Embedder-Policy header.
CrossOriginEmbedderPolicyConfig() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginEmbedderPolicyConfig
CrossOriginEmbedderPolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Inserts Cross-Origin-Embedder-Policy header.
CrossOriginEmbedderPolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter
CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy - Enum Class in org.springframework.security.web.header.writers
CrossOriginEmbedderPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Inserts Cross-Origin-Embedder-Policy headers.
CrossOriginEmbedderPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter
CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy - Enum Class in org.springframework.security.web.server.header
crossOriginOpenerPolicy() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Cross-Origin-Opener-Policy header.
crossOriginOpenerPolicy() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Cross-Origin-Opener-Policy header.
crossOriginOpenerPolicy(Customizer<HeadersConfigurer.CrossOriginOpenerPolicyConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Cross-Origin-Opener-Policy header.
crossOriginOpenerPolicy(Customizer<ServerHttpSecurity.HeaderSpec.CrossOriginOpenerPolicySpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Cross-Origin-Opener-Policy header.
CrossOriginOpenerPolicyConfig() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginOpenerPolicyConfig
CrossOriginOpenerPolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Inserts the Cross-Origin-Opener-Policy header
CrossOriginOpenerPolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter
CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy - Enum Class in org.springframework.security.web.header.writers
CrossOriginOpenerPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Inserts Cross-Origin-Opener-Policy header.
CrossOriginOpenerPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter
CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy - Enum Class in org.springframework.security.web.server.header
crossOriginResourcePolicy() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Cross-Origin-Resource-Policy header.
crossOriginResourcePolicy() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Cross-Origin-Resource-Policy header.
crossOriginResourcePolicy(Customizer<HeadersConfigurer.CrossOriginResourcePolicyConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Cross-Origin-Resource-Policy header.
crossOriginResourcePolicy(Customizer<ServerHttpSecurity.HeaderSpec.CrossOriginResourcePolicySpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Cross-Origin-Resource-Policy header.
CrossOriginResourcePolicyConfig() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginResourcePolicyConfig
CrossOriginResourcePolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Inserts Cross-Origin-Resource-Policy header
CrossOriginResourcePolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter
CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy - Enum Class in org.springframework.security.web.header.writers
CrossOriginResourcePolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Inserts Cross-Origin-Resource-Policy headers.
CrossOriginResourcePolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter
CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy - Enum Class in org.springframework.security.web.server.header
csrf() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Enables CSRF protection.
csrf() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures CSRF Protection which is enabled by default.
csrf() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers
csrf() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Creates a RequestPostProcessor that will automatically populate a valid CsrfToken in the request.
csrf(Customizer<CsrfConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Enables CSRF protection.
csrf(Customizer<ServerHttpSecurity.CsrfSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures CSRF Protection which is enabled by default.
CSRF - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: CsrfWebFilter
CSRF - Static variable in class org.springframework.security.config.Elements
CsrfAuthenticationStrategy - Class in org.springframework.security.web.csrf: CsrfAuthenticationStrategy is in charge of removing the CsrfToken upon authenticating.
CsrfAuthenticationStrategy(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfAuthenticationStrategy: Creates a new instance
CsrfBeanDefinitionParser - Class in org.springframework.security.config.http: Parser for the CsrfFilter.
CsrfBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CsrfBeanDefinitionParser
csrfChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
CsrfChannelInterceptor - Class in org.springframework.security.messaging.web.csrf: ChannelInterceptor that validates that a valid CSRF is included in the header of any SimpMessageType.CONNECT message.
CsrfChannelInterceptor() - Constructor for class org.springframework.security.messaging.web.csrf.CsrfChannelInterceptor
CsrfConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds CSRF protection for the methods as specified by CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
CsrfConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Creates a new instance
CsrfException - Exception in org.springframework.security.web.csrf: Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest
CsrfException - Exception in org.springframework.security.web.server.csrf: Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest
CsrfException(String) - Constructor for exception org.springframework.security.web.csrf.CsrfException
CsrfException(String) - Constructor for exception org.springframework.security.web.server.csrf.CsrfException
CsrfFilter - Class in org.springframework.security.web.csrf: Applies CSRF protection using a synchronizer token pattern.
CsrfFilter(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfFilter: Creates a new instance.
CsrfInputTag - Class in org.springframework.security.taglibs.csrf: A JSP tag that prints out a hidden form field for the CSRF token.
CsrfInputTag() - Constructor for class org.springframework.security.taglibs.csrf.CsrfInputTag
CsrfLogoutHandler - Class in org.springframework.security.web.csrf: CsrfLogoutHandler is in charge of removing the CsrfToken upon logout.
CsrfLogoutHandler(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.CsrfLogoutHandler: Creates a new instance
CsrfMetaTagsTag - Class in org.springframework.security.taglibs.csrf: A JSP tag that prints out a meta tags holding the CSRF form field name and token value for use in JavaScrip code.
CsrfMetaTagsTag() - Constructor for class org.springframework.security.taglibs.csrf.CsrfMetaTagsTag
CsrfRequestDataValueProcessor - Class in org.springframework.security.web.reactive.result.view
CsrfRequestDataValueProcessor - Class in org.springframework.security.web.servlet.support.csrf: Integration with Spring Web MVC that automatically adds the CsrfToken into forms with hidden inputs when using Spring tag libraries.
CsrfRequestDataValueProcessor() - Constructor for class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
CsrfRequestDataValueProcessor() - Constructor for class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
CsrfServerLogoutHandler - Class in org.springframework.security.web.server.csrf: CsrfServerLogoutHandler is in charge of removing the CsrfToken upon logout.
CsrfServerLogoutHandler(ServerCsrfTokenRepository) - Constructor for class org.springframework.security.web.server.csrf.CsrfServerLogoutHandler: Creates a new instance
CsrfToken - Interface in org.springframework.security.web.csrf: Provides the information about an expected CSRF token.
CsrfToken - Interface in org.springframework.security.web.server.csrf
CsrfTokenArgumentResolver - Class in org.springframework.security.web.method.annotation: Allows resolving the current CsrfToken.
CsrfTokenArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
CsrfTokenHandshakeInterceptor - Class in org.springframework.security.messaging.web.socket.server: Loads a CsrfToken from the HttpServletRequest and HttpServletResponse to populate the WebSocket attributes.
CsrfTokenHandshakeInterceptor() - Constructor for class org.springframework.security.messaging.web.socket.server.CsrfTokenHandshakeInterceptor
csrfTokenRepository(CsrfTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Specify the CsrfTokenRepository to use.
csrfTokenRepository(ServerCsrfTokenRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec: Configures the ServerCsrfTokenRepository used to persist the CSRF Token.
CsrfTokenRepository - Interface in org.springframework.security.web.csrf: An API to allow changing the method in which the expected CsrfToken is associated to the HttpServletRequest.
CsrfTokenRequestAttributeHandler - Class in org.springframework.security.web.csrf: An implementation of the CsrfTokenRequestHandler interface that is capable of making the CsrfToken available as a request attribute and resolving the token value as either a header or parameter value of the request.
CsrfTokenRequestAttributeHandler() - Constructor for class org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler
csrfTokenRequestHandler(CsrfTokenRequestHandler) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Specify a CsrfTokenRequestHandler to use for making the CsrfToken available as a request attribute.
csrfTokenRequestHandler(ServerCsrfTokenRequestHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec: Specifies a ServerCsrfTokenRequestHandler that is used to make the CsrfToken available as an exchange attribute.
CsrfTokenRequestHandler - Interface in org.springframework.security.web.csrf: A callback interface that is used to make the CsrfToken created by the CsrfTokenRepository available as a request attribute.
CsrfTokenRequestResolver - Interface in org.springframework.security.web.csrf: Implementations of this interface are capable of resolving the token value of a CsrfToken from the provided HttpServletRequest.
CsrfWebFilter - Class in org.springframework.security.web.server.csrf: Applies CSRF protection using a synchronizer token pattern.
CsrfWebFilter() - Constructor for class org.springframework.security.web.server.csrf.CsrfWebFilter
CTY - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: cty - the content type header is used by JWS/JWE applications to declare the media type of the secured content (the payload)
CumulativePermission - Class in org.springframework.security.acls.domain: Represents a Permission that is constructed at runtime from other permissions.
CumulativePermission() - Constructor for class org.springframework.security.acls.domain.CumulativePermission
currentDate - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Current formatted date.
currentDateGenerated - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Instant on which the currentDate object was generated.
CurrentSecurityContext - Annotation Interface in org.springframework.security.core.annotation: Annotation that is used to resolve the SecurityContext as a method argument.
CurrentSecurityContextArgumentResolver - Class in org.springframework.security.messaging.handler.invocation.reactive: Allows resolving the Authentication.getPrincipal() using the CurrentSecurityContext annotation.
CurrentSecurityContextArgumentResolver - Class in org.springframework.security.web.method.annotation: Allows resolving the SecurityContext using the CurrentSecurityContext annotation.
CurrentSecurityContextArgumentResolver - Class in org.springframework.security.web.reactive.result.method.annotation: Resolves the SecurityContext
CurrentSecurityContextArgumentResolver() - Constructor for class org.springframework.security.messaging.handler.invocation.reactive.CurrentSecurityContextArgumentResolver
CurrentSecurityContextArgumentResolver() - Constructor for class org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver
CurrentSecurityContextArgumentResolver(ReactiveAdapterRegistry) - Constructor for class org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver
CUSTOM_FILTER - Static variable in class org.springframework.security.config.Elements
customize(WebSecurity) - Method in interface org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer: Performs the customizations on WebSecurity.
customize(T) - Method in interface org.springframework.security.config.Customizer: Performs the customizations on the input argument.
customizeClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.

Allows subclasses to customize the configuration of the ChannelRegistration .
Customizer<T> - Interface in org.springframework.security.config: Callback interface that accepts a single input argument and returns no result.
customMethodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Provides a custom MethodSecurityMetadataSource that is registered with the GlobalMethodSecurityConfiguration.methodSecurityMetadataSource().
CycleInRoleHierarchyException - Exception in org.springframework.security.access.hierarchicalroles: Exception that is thrown because of a cycle in the role hierarchy definition
CycleInRoleHierarchyException() - Constructor for exception org.springframework.security.access.hierarchicalroles.CycleInRoleHierarchyException

D

DaoAuthenticationConfigurer,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails: Allows configuring a DaoAuthenticationProvider
DaoAuthenticationConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.DaoAuthenticationConfigurer: Creates a new instance
DaoAuthenticationProvider - Class in org.springframework.security.authentication.dao: An AuthenticationProvider implementation that retrieves user details from a UserDetailsService.
DaoAuthenticationProvider() - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider
DaoAuthenticationProvider(PasswordEncoder) - Constructor for class org.springframework.security.authentication.dao.DaoAuthenticationProvider: Creates a new instance using the provided PasswordEncoder
databaseClient - Variable in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
dataSource(DataSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer: Populates the DataSource to be used.
debug() - Element in annotation interface org.springframework.security.config.annotation.web.configuration.EnableWebSecurity: Controls debugging support for Spring Security.
debug(boolean) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Controls debugging support for Spring Security.
DEBUG - Static variable in class org.springframework.security.config.Elements
DEBUG_FILTER - Static variable in class org.springframework.security.config.BeanIds
DebugBeanDefinitionParser - Class in org.springframework.security.config
DebugBeanDefinitionParser() - Constructor for class org.springframework.security.config.DebugBeanDefinitionParser
DebugFilter - Class in org.springframework.security.web.debug: Spring Security debugging filter.
DebugFilter(FilterChainProxy) - Constructor for class org.springframework.security.web.debug.DebugFilter
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionManager: Deprecated.

Resolves an access control decision for the passed parameters.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AffirmativeBased: Deprecated.

This concrete implementation simply polls all configured AccessDecisionVoters and grants access if any AccessDecisionVoter voted affirmatively.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.ConsensusBased: Deprecated.

This concrete implementation simply polls all configured AccessDecisionVoters and upon completion determines the consensus of granted against denied responses.
decide(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.UnanimousBased: Deprecated.

This concrete implementation polls all configured AccessDecisionVoters for each ConfigAttribute and grants access if only grant (or abstain) votes were received.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.AfterInvocationProvider: Deprecated.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager: Deprecated.

Given the details of a secure object invocation including its returned Object, make an access control decision or optionally modify the returned Object.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider: Deprecated.
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
decide(Authentication, Object, Collection<ConfigAttribute>, Object) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in interface org.springframework.security.web.access.channel.ChannelDecisionManager: Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in interface org.springframework.security.web.access.channel.ChannelProcessor: Decided whether the presented FilterInvocation provides the appropriate level of channel security based on the requested list of ConfigAttributes.
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
decide(FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
decode(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64: Deprecated.
decode(byte[]) - Static method in class org.springframework.security.crypto.codec.Utf8: Decode the bytes in UTF-8 form into a String.
decode(CharSequence) - Static method in class org.springframework.security.crypto.codec.Hex
decode(String) - Method in interface org.springframework.security.oauth2.jwt.JwtDecoder: Decodes the JWT from it's compact claims representation format and returns a Jwt.
decode(String) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder: Decode and validate the JWT from its compact claims representation format
decode(String) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder
decode(String) - Method in interface org.springframework.security.oauth2.jwt.ReactiveJwtDecoder: Decodes the JWT from it's compact claims representation format and returns a Jwt.
decode(String) - Method in class org.springframework.security.oauth2.jwt.SupplierJwtDecoder: Decodes the JWT from it's compact claims representation format and returns a Jwt.
decode(String) - Method in class org.springframework.security.oauth2.jwt.SupplierReactiveJwtDecoder: Decodes the JWT from it's compact claims representation format and returns a Jwt.
decode(Publisher<DataBuffer>, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.BasicAuthenticationDecoder: Deprecated.
DECODE - Static variable in class org.springframework.security.crypto.codec.Base64: Deprecated.

Specify decoding in first bit.
decodeCookie(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Decodes the cookie and splits it into a set of token strings using the ":" delimiter.
decoder(JwtDecoder) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
decodeToMono(Publisher<DataBuffer>, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.BasicAuthenticationDecoder: Deprecated.
decorate(FilterChain) - Method in interface org.springframework.security.web.FilterChainProxy.FilterChainDecorator: Provide a new FilterChain that accounts for needed security considerations when there are no security filters.
decorate(FilterChain) - Method in class org.springframework.security.web.FilterChainProxy.VirtualFilterChainDecorator: Provide a new FilterChain that accounts for needed security considerations when there are no security filters.
decorate(FilterChain) - Method in class org.springframework.security.web.ObservationFilterChainDecorator
decorate(FilterChain, List<Filter>) - Method in interface org.springframework.security.web.FilterChainProxy.FilterChainDecorator: Provide a new FilterChain that accounts for the provided filters as well as teh original filter chain.
decorate(FilterChain, List<Filter>) - Method in class org.springframework.security.web.FilterChainProxy.VirtualFilterChainDecorator: Provide a new FilterChain that accounts for the provided filters as well as teh original filter chain.
decorate(FilterChain, List<Filter>) - Method in class org.springframework.security.web.ObservationFilterChainDecorator
decorate(WebFilterChain) - Method in class org.springframework.security.web.server.ObservationWebFilterChainDecorator
decorate(WebFilterChain) - Method in class org.springframework.security.web.server.WebFilterChainProxy.DefaultWebFilterChainDecorator: Provide a new FilterChain that accounts for needed security considerations when there are no security filters.
decorate(WebFilterChain) - Method in interface org.springframework.security.web.server.WebFilterChainProxy.WebFilterChainDecorator: Provide a new FilterChain that accounts for needed security considerations when there are no security filters.
decorate(WebFilterChain, List<WebFilter>) - Method in class org.springframework.security.web.server.ObservationWebFilterChainDecorator
decorate(WebFilterChain, List<WebFilter>) - Method in class org.springframework.security.web.server.WebFilterChainProxy.DefaultWebFilterChainDecorator: Provide a new FilterChain that accounts for the provided filters as well as teh original filter chain.
decorate(WebFilterChain, List<WebFilter>) - Method in interface org.springframework.security.web.server.WebFilterChainProxy.WebFilterChainDecorator: Provide a new FilterChain that accounts for the provided filters as well as teh original filter chain.
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
decrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.AesBytesEncryptor
decrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
decrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
decrypt(byte[]) - Method in interface org.springframework.security.crypto.encrypt.BytesEncryptor: Decrypt the byte array.
decrypt(String) - Method in interface org.springframework.security.crypto.encrypt.TextEncryptor: Decrypt the encrypted text string.
decryption(PrivateKey, X509Certificate) - Static method in class org.springframework.security.saml2.core.Saml2X509Credential: Create a Saml2X509Credential that can be used for decryption.
DECRYPTION - Enum constant in enum class org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType
DECRYPTION_ERROR - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The system failed to decrypt an assertion or a name identifier.
decryptionX509Credentials(Consumer<Collection<Saml2X509Credential>>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Apply this Consumer to the Collection of Saml2X509Credentials for the purposes of modifying the Collection
DEF_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
DEF_CHANGE_PASSWORD_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_CREATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_GROUP_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_GROUP_MEMBERS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_USER_AUTHORITIES_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_DELETE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_FIND_GROUP_ID_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_FIND_GROUPS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_FIND_USERS_IN_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
DEF_GROUP_AUTHORITIES_QUERY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
DEF_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
DEF_INSERT_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_INSERT_GROUP_AUTHORITY_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_INSERT_GROUP_MEMBER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_INSERT_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_INSERT_TOKEN_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: The default SQL used by createNewToken
DEF_REMOVE_USER_TOKENS_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: The default SQL used by removeUserTokens
DEF_RENAME_GROUP_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_TOKEN_BY_SERIES_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: The default SQL used by the getTokenBySeries query
DEF_UPDATE_TOKEN_SQL - Static variable in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: The default SQL used by updateToken
DEF_UPDATE_USER_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_USER_EXISTS_SQL - Static variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
DEF_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
DEF_USERS_BY_USERNAME_QUERY - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
DEFAULT_AUTHENTICATION_REQUEST_URI - Static variable in interface org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI - Static variable in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: The default base URI used for authorization requests.
DEFAULT_AUTHORIZATION_REQUEST_PATTERN - Static variable in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver: The default pattern used to resolve the ClientRegistration.getRegistrationId()
DEFAULT_CSRF_ATTR_NAME - Static variable in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor: The default request attribute to look for a CsrfToken.
DEFAULT_CSRF_MATCHER - Static variable in class org.springframework.security.web.csrf.CsrfFilter: The default RequestMatcher that indicates if CSRF protection is required or not.
DEFAULT_CSRF_MATCHER - Static variable in class org.springframework.security.web.server.csrf.CsrfWebFilter
DEFAULT_EXTRACTOR - Static variable in class org.springframework.security.web.util.ThrowableAnalyzer: Default extractor for Throwable instances.
DEFAULT_FILTER_NAME - Static variable in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
DEFAULT_FILTER_PROCESSES_URI - Static variable in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter: The default URI where this Filter processes authentication requests.
DEFAULT_FILTER_PROCESSES_URI - Static variable in class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
DEFAULT_LOGIN_PAGE_URL - Static variable in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
DEFAULT_LOGOUT_SUCCESS_URL - Static variable in class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
DEFAULT_METADATA_FILE_NAME - Static variable in class org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter
DEFAULT_ORDER_BY_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
DEFAULT_PARAMETER - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
DEFAULT_REGISTRATION_ID_URI_VARIABLE_NAME - Static variable in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver: The name of the path variable that contains the ClientRegistration.getRegistrationId()
DEFAULT_REMOVE_AUTHORIZED_CLIENT_ERROR_CODES - Static variable in class org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler: The default OAuth 2.0 error codes that will trigger removal of an OAuth2AuthorizedClient.
DEFAULT_REMOVE_AUTHORIZED_CLIENT_ERROR_CODES - Static variable in class org.springframework.security.oauth2.client.RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler: The default OAuth 2.0 error codes that will trigger removal of the authorized client.
DEFAULT_REQUEST_ATTR_NAME - Static variable in class org.springframework.security.web.context.RequestAttributeSecurityContextRepository: The default request attribute name to use.
DEFAULT_SELECT_CLAUSE - Static variable in class org.springframework.security.acls.jdbc.BasicLookupStrategy
DEFAULT_SERIES_LENGTH - Static variable in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
DEFAULT_SPRING_SECURITY_CONTEXT_ATTR_NAME - Static variable in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository: The default session attribute name to save and load the SecurityContext
DEFAULT_TOKEN_LENGTH - Static variable in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
DEFAULT_USER_SCHEMA_DDL_LOCATION - Static variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
defaultAccessDeniedHandlerFor(AccessDeniedHandler, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer: Sets a default AccessDeniedHandler to be used which prefers being invoked for the provided RequestMatcher.
DefaultAddressStandardClaim - Class in org.springframework.security.oauth2.core.oidc: The default implementation of an Address Claim.
DefaultAddressStandardClaim.Builder - Class in org.springframework.security.oauth2.core.oidc: A builder for DefaultAddressStandardClaim.
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer: Sets a default AuthenticationEntryPoint to be used which prefers being invoked for the provided RequestMatcher.
DefaultAuthenticationEventPublisher - Class in org.springframework.security.authentication: The default strategy for publishing authentication events.
DefaultAuthenticationEventPublisher() - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
DefaultAuthenticationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
DefaultAuthorizationCodeTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint: The default implementation of an OAuth2AccessTokenResponseClient for the authorization_code grant.
DefaultAuthorizationCodeTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
DefaultBearerTokenResolver - Class in org.springframework.security.oauth2.server.resource.web: The default BearerTokenResolver implementation based on RFC 6750.
DefaultBearerTokenResolver() - Constructor for class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
DefaultClientCredentialsTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint: The default implementation of an OAuth2AccessTokenResponseClient for the client_credentials grant.
DefaultClientCredentialsTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient
DefaultContextAttributesMapper() - Constructor for class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
DefaultContextAttributesMapper() - Constructor for class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
DefaultContextAttributesMapper() - Constructor for class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
DefaultContextAttributesMapper() - Constructor for class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
DefaultCsrfToken - Class in org.springframework.security.web.csrf: A CSRF token that is used to protect against CSRF attacks.
DefaultCsrfToken - Class in org.springframework.security.web.server.csrf: A CSRF token that is used to protect against CSRF attacks.
DefaultCsrfToken(String, String, String) - Constructor for class org.springframework.security.web.csrf.DefaultCsrfToken: Creates a new instance
DefaultCsrfToken(String, String, String) - Constructor for class org.springframework.security.web.server.csrf.DefaultCsrfToken: Creates a new instance
DefaultFilterChainValidator - Class in org.springframework.security.config.http
DefaultFilterChainValidator() - Constructor for class org.springframework.security.config.http.DefaultFilterChainValidator
DefaultFilterInvocationSecurityMetadataSource - Class in org.springframework.security.web.access.intercept: Default implementation of FilterInvocationDefinitionSource.
DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) - Constructor for class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource: Sets the internal request map from the supplied map.
DefaultHttpFirewall - Class in org.springframework.security.web.firewall: User's should consider using StrictHttpFirewall because rather than trying to sanitize a malicious URL it rejects the malicious URL providing better security guarantees.
DefaultHttpFirewall() - Constructor for class org.springframework.security.web.firewall.DefaultHttpFirewall
DefaultHttpSecurityExpressionHandler - Class in org.springframework.security.web.access.expression: A SecurityExpressionHandler that uses a RequestAuthorizationContext to create a WebSecurityExpressionRoot.
DefaultHttpSecurityExpressionHandler() - Constructor for class org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler
defaultIvGenerator() - Method in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm
DefaultJaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas: Creates a LoginContext using the Configuration provided to it.
DefaultJaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
DefaultJwtBearerTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint: The default implementation of an OAuth2AccessTokenResponseClient for the jwt-bearer grant.
DefaultJwtBearerTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultJwtBearerTokenResponseClient
DefaultLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.userdetails: The default strategy for obtaining user role information from the directory.
DefaultLdapAuthoritiesPopulator(ContextSource, String) - Constructor for class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Constructor for group search scenarios.
DefaultLdapUsernameToDnMapper - Class in org.springframework.security.ldap: This implementation appends a name component to the userDnBase context using the usernameAttributeName property.
DefaultLdapUsernameToDnMapper(String, String) - Constructor for class org.springframework.security.ldap.DefaultLdapUsernameToDnMapper
DefaultLoginExceptionResolver - Class in org.springframework.security.authentication.jaas: This LoginExceptionResolver simply wraps the LoginException with an AuthenticationServiceException.
DefaultLoginExceptionResolver() - Constructor for class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds a Filter that will generate a login page if one is not specified otherwise when using EnableWebSecurity.
DefaultLoginPageConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
DefaultLoginPageGeneratingFilter - Class in org.springframework.security.web.authentication.ui: For internal use with namespace configuration in the case where a user doesn't configure a login page.
DefaultLoginPageGeneratingFilter() - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationFilter) - Constructor for class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
DefaultLogoutPageGeneratingFilter - Class in org.springframework.security.web.authentication.ui: Generates a default log out page.
DefaultLogoutPageGeneratingFilter() - Constructor for class org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter
defaultLogoutSuccessHandlerFor(LogoutSuccessHandler, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Sets a default LogoutSuccessHandler to be used which prefers being invoked for the provided RequestMatcher.
DefaultMapOAuth2AccessTokenResponseConverter - Class in org.springframework.security.oauth2.core.endpoint: A Converter that converts the provided OAuth 2.0 Access Token Response parameters to an OAuth2AccessTokenResponse.
DefaultMapOAuth2AccessTokenResponseConverter() - Constructor for class org.springframework.security.oauth2.core.endpoint.DefaultMapOAuth2AccessTokenResponseConverter
DefaultMessageSecurityExpressionHandler<T> - Class in org.springframework.security.messaging.access.expression: The default implementation of SecurityExpressionHandler which uses a MessageSecurityExpressionRoot.
DefaultMessageSecurityExpressionHandler() - Constructor for class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
DefaultMessageSecurityMetadataSource - Class in org.springframework.security.messaging.access.intercept: Deprecated.
Use MessageMatcherDelegatingAuthorizationManager instead
DefaultMessageSecurityMetadataSource(LinkedHashMap<MessageMatcher<?>, Collection<ConfigAttribute>>) - Constructor for class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource: Deprecated.
DefaultMethodSecurityExpressionHandler - Class in org.springframework.security.access.expression.method: The standard implementation of MethodSecurityExpressionHandler.
DefaultMethodSecurityExpressionHandler() - Constructor for class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
DefaultOAuth2AccessTokenResponseMapConverter - Class in org.springframework.security.oauth2.core.endpoint: A Converter that converts the provided OAuth2AccessTokenResponse to a Map representation of the OAuth 2.0 Access Token Response parameters.
DefaultOAuth2AccessTokenResponseMapConverter() - Constructor for class org.springframework.security.oauth2.core.endpoint.DefaultOAuth2AccessTokenResponseMapConverter
DefaultOAuth2AuthenticatedPrincipal - Class in org.springframework.security.oauth2.core: A domain object that wraps the attributes of an OAuth 2.0 token.
DefaultOAuth2AuthenticatedPrincipal(String, Map<String, Object>, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal: Constructs an DefaultOAuth2AuthenticatedPrincipal using the provided parameters.
DefaultOAuth2AuthenticatedPrincipal(Map<String, Object>, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal: Constructs an DefaultOAuth2AuthenticatedPrincipal using the provided parameters.
DefaultOAuth2AuthorizationRequestResolver - Class in org.springframework.security.oauth2.client.web: An implementation of an OAuth2AuthorizationRequestResolver that attempts to resolve an OAuth2AuthorizationRequest from the provided HttpServletRequest using the default request URI pattern /oauth2/authorization/{registrationId}.
DefaultOAuth2AuthorizationRequestResolver(ClientRegistrationRepository, String) - Constructor for class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver: Constructs a DefaultOAuth2AuthorizationRequestResolver using the provided parameters.
DefaultOAuth2AuthorizedClientManager - Class in org.springframework.security.oauth2.client.web: The default implementation of an OAuth2AuthorizedClientManager for use within the context of a HttpServletRequest.
DefaultOAuth2AuthorizedClientManager(ClientRegistrationRepository, OAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager: Constructs a DefaultOAuth2AuthorizedClientManager using the provided parameters.
DefaultOAuth2AuthorizedClientManager.DefaultContextAttributesMapper - Class in org.springframework.security.oauth2.client.web: The default implementation of the contextAttributesMapper.
DefaultOAuth2User - Class in org.springframework.security.oauth2.core.user: The default implementation of an OAuth2User.
DefaultOAuth2User(Collection<? extends GrantedAuthority>, Map<String, Object>, String) - Constructor for class org.springframework.security.oauth2.core.user.DefaultOAuth2User: Constructs a DefaultOAuth2User using the provided parameters.
DefaultOAuth2UserService - Class in org.springframework.security.oauth2.client.userinfo: An implementation of an OAuth2UserService that supports standard OAuth 2.0 Provider's.
DefaultOAuth2UserService() - Constructor for class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService
DefaultOidcUser - Class in org.springframework.security.oauth2.core.oidc.user: The default implementation of an OidcUser.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser: Constructs a DefaultOidcUser using the provided parameters.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken, String) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser: Constructs a DefaultOidcUser using the provided parameters.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken, OidcUserInfo) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser: Constructs a DefaultOidcUser using the provided parameters.
DefaultOidcUser(Collection<? extends GrantedAuthority>, OidcIdToken, OidcUserInfo, String) - Constructor for class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser: Constructs a DefaultOidcUser using the provided parameters.
DefaultPasswordTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
DefaultPasswordTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenResponseClient: Deprecated.
DefaultPayloadExchange - Class in org.springframework.security.rsocket.core: Default implementation of PayloadExchange
DefaultPayloadExchange(PayloadExchangeType, Payload, MimeType, MimeType) - Constructor for class org.springframework.security.rsocket.core.DefaultPayloadExchange
DefaultPermissionFactory - Class in org.springframework.security.acls.domain: Default implementation of PermissionFactory.
DefaultPermissionFactory() - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory: Registers the Permission fields from the BasePermission class.
DefaultPermissionFactory(Class<? extends Permission>) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory: Registers the Permission fields from the supplied class.
DefaultPermissionFactory(Map<String, ? extends Permission>) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionFactory: Registers a map of named Permission instances.
DefaultPermissionGrantingStrategy - Class in org.springframework.security.acls.domain
DefaultPermissionGrantingStrategy(AuditLogger) - Constructor for class org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy: Creates an instance with the logger which will be used to record granting and denial of requested permissions.
DefaultReactiveOAuth2AuthorizedClientManager - Class in org.springframework.security.oauth2.client.web: The default implementation of a ReactiveOAuth2AuthorizedClientManager for use within the context of a ServerWebExchange.
DefaultReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager: Constructs a DefaultReactiveOAuth2AuthorizedClientManager using the provided parameters.
DefaultReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper - Class in org.springframework.security.oauth2.client.web: The default implementation of the contextAttributesMapper.
DefaultReactiveOAuth2UserService - Class in org.springframework.security.oauth2.client.userinfo: An implementation of an ReactiveOAuth2UserService that supports standard OAuth 2.0 Provider's.
DefaultReactiveOAuth2UserService() - Constructor for class org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService
DefaultRedirectStrategy - Class in org.springframework.security.web: Simple implementation of RedirectStrategy which is the default used throughout the framework.
DefaultRedirectStrategy() - Constructor for class org.springframework.security.web.DefaultRedirectStrategy
DefaultRefreshTokenTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint: The default implementation of an OAuth2AccessTokenResponseClient for the refresh_token grant.
DefaultRefreshTokenTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient
DefaultRelyingPartyRegistrationResolver - Class in org.springframework.security.saml2.provider.service.web: A Converter that resolves a RelyingPartyRegistration by extracting the registration id from the request, querying a RelyingPartyRegistrationRepository, and resolving any template values.
DefaultRelyingPartyRegistrationResolver(RelyingPartyRegistrationRepository) - Constructor for class org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver
defaultRequest() - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Provides defaults for the HttpServletRequest and the HttpServletResponse using RequestContextHolder.
DefaultRequestRejectedHandler - Class in org.springframework.security.web.firewall: Default implementation of RequestRejectedHandler that simply rethrows the exception.
DefaultRequestRejectedHandler() - Constructor for class org.springframework.security.web.firewall.DefaultRequestRejectedHandler
DefaultSaml2AuthenticatedPrincipal - Class in org.springframework.security.saml2.provider.service.authentication: Default implementation of a Saml2AuthenticatedPrincipal.
DefaultSaml2AuthenticatedPrincipal(String, Map<String, List<Object>>) - Constructor for class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
DefaultSaml2AuthenticatedPrincipal(String, Map<String, List<Object>>, List<String>) - Constructor for class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
DefaultSavedRequest - Class in org.springframework.security.web.savedrequest: Represents central information from a HttpServletRequest.
DefaultSavedRequest(HttpServletRequest, PortResolver) - Constructor for class org.springframework.security.web.savedrequest.DefaultSavedRequest
DefaultSavedRequest(HttpServletRequest, PortResolver, String) - Constructor for class org.springframework.security.web.savedrequest.DefaultSavedRequest
DefaultSavedRequest.Builder - Class in org.springframework.security.web.savedrequest
defaultsDisabled() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Clears all of the default headers from the response.
DefaultSecurityFilterChain - Class in org.springframework.security.web: Standard implementation of SecurityFilterChain.
DefaultSecurityFilterChain(RequestMatcher, Filter...) - Constructor for class org.springframework.security.web.DefaultSecurityFilterChain
DefaultSecurityFilterChain(RequestMatcher, List<Filter>) - Constructor for class org.springframework.security.web.DefaultSecurityFilterChain
DefaultSecurityParameterNameDiscoverer - Class in org.springframework.security.core.parameters: Spring Security's default ParameterNameDiscoverer which tries a number of ParameterNameDiscoverer depending on what is found on the classpath.
DefaultSecurityParameterNameDiscoverer() - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer: Creates a new instance with only the default ParameterNameDiscoverer instances.
DefaultSecurityParameterNameDiscoverer(List<? extends ParameterNameDiscoverer>) - Constructor for class org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer: Creates a new instance that first tries the passed in ParameterNameDiscoverer instances.
DefaultServerOAuth2AuthorizationRequestResolver - Class in org.springframework.security.oauth2.client.web.server: The default implementation of ServerOAuth2AuthorizationRequestResolver.
DefaultServerOAuth2AuthorizationRequestResolver(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver: Creates a new instance
DefaultServerOAuth2AuthorizationRequestResolver(ReactiveClientRegistrationRepository, ServerWebExchangeMatcher) - Constructor for class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver: Creates a new instance
DefaultServerRedirectStrategy - Class in org.springframework.security.web.server: The default ServerRedirectStrategy to use.
DefaultServerRedirectStrategy() - Constructor for class org.springframework.security.web.server.DefaultServerRedirectStrategy
defaultsForSpringSecurity_v4_1() - Static method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder: Deprecated.
Use SCryptPasswordEncoder.defaultsForSpringSecurity_v5_8() instead
defaultsForSpringSecurity_v5_2() - Static method in class org.springframework.security.crypto.argon2.Argon2PasswordEncoder: Deprecated.
Use Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8() instead
defaultsForSpringSecurity_v5_5() - Static method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder: Deprecated.
Use Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8() instead
defaultsForSpringSecurity_v5_8() - Static method in class org.springframework.security.crypto.argon2.Argon2PasswordEncoder: Constructs an Argon2 password encoder with a salt length of 16 bytes, a hash length of 32 bytes, parallelism of 1, memory cost of 1 << 14 and 2 iterations.
defaultsForSpringSecurity_v5_8() - Static method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder: Constructs a PBKDF2 password encoder with no additional secret value.
defaultsForSpringSecurity_v5_8() - Static method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder: Constructs a SCrypt password encoder with cpu cost of 65,536, memory cost of 8, parallelization of 1, a key length of 32 and a salt length of 16 bytes.
DefaultSpringSecurityContextSource - Class in org.springframework.security.ldap: ContextSource implementation which uses Spring LDAP's LdapContextSource as a base class.
DefaultSpringSecurityContextSource(String) - Constructor for class org.springframework.security.ldap.DefaultSpringSecurityContextSource: Create and initialize an instance which will connect to the supplied LDAP URL.
DefaultSpringSecurityContextSource(List<String>, String) - Constructor for class org.springframework.security.ldap.DefaultSpringSecurityContextSource: Create and initialize an instance which will connect of the LDAP Spring Security Context Source.
defaultSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies where users will be redirected after authenticating successfully if they have not visited a secured page prior to authenticating.
defaultSuccessUrl(String, boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies where users will be redirected after authenticating successfully if they have not visited a secured page prior to authenticating or alwaysUse is true.
DefaultToken - Class in org.springframework.security.core.token: The default implementation of Token.
DefaultToken(String, long, String) - Constructor for class org.springframework.security.core.token.DefaultToken
DefaultWebFilterChainDecorator() - Constructor for class org.springframework.security.web.server.WebFilterChainProxy.DefaultWebFilterChainDecorator
DefaultWebInvocationPrivilegeEvaluator - Class in org.springframework.security.web.access: Deprecated.
Use AuthorizationManagerWebInvocationPrivilegeEvaluator instead
DefaultWebInvocationPrivilegeEvaluator(AbstractSecurityInterceptor) - Constructor for class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator: Deprecated.
DefaultWebSecurityExpressionHandler - Class in org.springframework.security.web.access.expression
DefaultWebSecurityExpressionHandler() - Constructor for class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
DeferredCsrfToken - Interface in org.springframework.security.web.csrf: An interface that allows delayed access to a CsrfToken that may be generated.
DeferredSecurityContext - Interface in org.springframework.security.core.context: An interface that allows delayed access to a SecurityContext that may be generated.
DelegateEntry(ServerWebExchangeMatcher, ServerAccessDeniedHandler) - Constructor for class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry
DelegateEntry(ServerWebExchangeMatcher, ServerAuthenticationEntryPoint) - Constructor for class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint.DelegateEntry
DelegatingAccessDeniedHandler - Class in org.springframework.security.web.access: An AccessDeniedHandler that delegates to other AccessDeniedHandler instances based upon the type of AccessDeniedException passed into DelegatingAccessDeniedHandler.handle(HttpServletRequest, HttpServletResponse, AccessDeniedException).
DelegatingAccessDeniedHandler(LinkedHashMap<Class<? extends AccessDeniedException>, AccessDeniedHandler>, AccessDeniedHandler) - Constructor for class org.springframework.security.web.access.DelegatingAccessDeniedHandler: Creates a new instance
delegatingApplicationListener() - Static method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
DelegatingApplicationListener - Class in org.springframework.security.context: Used for delegating to a number of SmartApplicationListener instances.
DelegatingApplicationListener() - Constructor for class org.springframework.security.context.DelegatingApplicationListener
DelegatingAuthenticationEntryPoint - Class in org.springframework.security.web.authentication: An AuthenticationEntryPoint which selects a concrete AuthenticationEntryPoint based on a RequestMatcher evaluation.
DelegatingAuthenticationEntryPoint(LinkedHashMap<RequestMatcher, AuthenticationEntryPoint>) - Constructor for class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
DelegatingAuthenticationFailureHandler - Class in org.springframework.security.web.authentication: An AuthenticationFailureHandler that delegates to other AuthenticationFailureHandler instances based upon the type of AuthenticationException passed into DelegatingAuthenticationFailureHandler.onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) .
DelegatingAuthenticationFailureHandler(LinkedHashMap<Class<? extends AuthenticationException>, AuthenticationFailureHandler>, AuthenticationFailureHandler) - Constructor for class org.springframework.security.web.authentication.DelegatingAuthenticationFailureHandler: Creates a new instance
DelegatingJwtGrantedAuthoritiesConverter - Class in org.springframework.security.oauth2.server.resource.authentication: A Jwt to GrantedAuthority Converter that is a composite of converters.
DelegatingJwtGrantedAuthoritiesConverter(Collection<Converter<Jwt, Collection<GrantedAuthority>>>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.DelegatingJwtGrantedAuthoritiesConverter: Constructs a DelegatingJwtGrantedAuthoritiesConverter using the provided Collection of Converters
DelegatingJwtGrantedAuthoritiesConverter(Converter<Jwt, Collection<GrantedAuthority>>...) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.DelegatingJwtGrantedAuthoritiesConverter: Constructs a DelegatingJwtGrantedAuthoritiesConverter using the provided array of Converters
DelegatingLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout: Delegates to logout handlers based on matched request matchers
DelegatingLogoutSuccessHandler(LinkedHashMap<RequestMatcher, LogoutSuccessHandler>) - Constructor for class org.springframework.security.web.authentication.logout.DelegatingLogoutSuccessHandler
DelegatingMethodSecurityMetadataSource - Class in org.springframework.security.access.method: Deprecated.
Use the use-authorization-manager attribute for <method-security> and <intercept-methods> instead or use annotation-based or AuthorizationManager-based authorization
DelegatingMethodSecurityMetadataSource(List<MethodSecurityMetadataSource>) - Constructor for class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource: Deprecated.
DelegatingOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of an OAuth2AuthorizedClientProvider that simply delegates to it's internal List of OAuth2AuthorizedClientProvider(s).
DelegatingOAuth2AuthorizedClientProvider(List<OAuth2AuthorizedClientProvider>) - Constructor for class org.springframework.security.oauth2.client.DelegatingOAuth2AuthorizedClientProvider: Constructs a DelegatingOAuth2AuthorizedClientProvider using the provided parameters.
DelegatingOAuth2AuthorizedClientProvider(OAuth2AuthorizedClientProvider...) - Constructor for class org.springframework.security.oauth2.client.DelegatingOAuth2AuthorizedClientProvider: Constructs a DelegatingOAuth2AuthorizedClientProvider using the provided parameters.
DelegatingOAuth2TokenValidator<T extends OAuth2Token> - Class in org.springframework.security.oauth2.core: A composite validator
DelegatingOAuth2TokenValidator(Collection<OAuth2TokenValidator<T>>) - Constructor for class org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator: Constructs a DelegatingOAuth2TokenValidator using the provided validators.
DelegatingOAuth2TokenValidator(OAuth2TokenValidator<T>...) - Constructor for class org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator: Constructs a DelegatingOAuth2TokenValidator using the provided validators.
DelegatingOAuth2UserService<R extends OAuth2UserRequest,U extends OAuth2User> - Class in org.springframework.security.oauth2.client.userinfo: An implementation of an OAuth2UserService that simply delegates to it's internal List of OAuth2UserService(s).
DelegatingOAuth2UserService(List<OAuth2UserService<R, U>>) - Constructor for class org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService: Constructs a DelegatingOAuth2UserService using the provided parameters.
DelegatingPasswordEncoder - Class in org.springframework.security.crypto.password: A password encoder that delegates to another PasswordEncoder based upon a prefixed identifier.
DelegatingPasswordEncoder(String, Map<String, PasswordEncoder>) - Constructor for class org.springframework.security.crypto.password.DelegatingPasswordEncoder: Creates a new instance
DelegatingPasswordEncoder(String, Map<String, PasswordEncoder>, String, String) - Constructor for class org.springframework.security.crypto.password.DelegatingPasswordEncoder: Creates a new instance
DelegatingReactiveAuthenticationManager - Class in org.springframework.security.authentication: A ReactiveAuthenticationManager that delegates to other ReactiveAuthenticationManager instances using the result from the first non empty result.
DelegatingReactiveAuthenticationManager(List<ReactiveAuthenticationManager>) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
DelegatingReactiveAuthenticationManager(ReactiveAuthenticationManager...) - Constructor for class org.springframework.security.authentication.DelegatingReactiveAuthenticationManager
DelegatingReactiveAuthorizationManager - Class in org.springframework.security.web.server.authorization
DelegatingReactiveAuthorizationManager.Builder - Class in org.springframework.security.web.server.authorization
DelegatingReactiveOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of a ReactiveOAuth2AuthorizedClientProvider that simply delegates to it's internal List of ReactiveOAuth2AuthorizedClientProvider(s).
DelegatingReactiveOAuth2AuthorizedClientProvider(List<ReactiveOAuth2AuthorizedClientProvider>) - Constructor for class org.springframework.security.oauth2.client.DelegatingReactiveOAuth2AuthorizedClientProvider: Constructs a DelegatingReactiveOAuth2AuthorizedClientProvider using the provided parameters.
DelegatingReactiveOAuth2AuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider...) - Constructor for class org.springframework.security.oauth2.client.DelegatingReactiveOAuth2AuthorizedClientProvider: Constructs a DelegatingReactiveOAuth2AuthorizedClientProvider using the provided parameters.
DelegatingRequestMatcherHeaderWriter - Class in org.springframework.security.web.header.writers: Delegates to the provided HeaderWriter when RequestMatcher.matches(HttpServletRequest) returns true.
DelegatingRequestMatcherHeaderWriter(RequestMatcher, HeaderWriter) - Constructor for class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter: Creates a new instance
DelegatingSecurityContextAsyncTaskExecutor - Class in org.springframework.security.task: An AsyncTaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor: Creates a new DelegatingSecurityContextAsyncTaskExecutor that uses the current SecurityContext.
DelegatingSecurityContextAsyncTaskExecutor(AsyncTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor: Creates a new DelegatingSecurityContextAsyncTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextCallable<V> - Class in org.springframework.security.concurrent: Wraps a delegate Callable with logic for setting up a SecurityContext before invoking the delegate Callable and then removing the SecurityContext after the delegate has completed.
DelegatingSecurityContextCallable(Callable<V>) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable: Creates a new DelegatingSecurityContextCallable with the SecurityContext from the SecurityContextHolder.
DelegatingSecurityContextCallable(Callable<V>, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextCallable: Creates a new DelegatingSecurityContextCallable with a specific SecurityContext.
DelegatingSecurityContextExecutor - Class in org.springframework.security.concurrent: An Executor which wraps each Runnable in a DelegatingSecurityContextRunnable.
DelegatingSecurityContextExecutor(Executor) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor: Creates a new DelegatingSecurityContextExecutor that uses the current SecurityContext from the SecurityContextHolder at the time the task is submitted.
DelegatingSecurityContextExecutor(Executor, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutor: Creates a new DelegatingSecurityContextExecutor that uses the specified SecurityContext.
DelegatingSecurityContextExecutorService - Class in org.springframework.security.concurrent: An ExecutorService which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextExecutorService(ExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService: Creates a new DelegatingSecurityContextExecutorService that uses the current SecurityContext from the SecurityContextHolder.
DelegatingSecurityContextExecutorService(ExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService: Creates a new DelegatingSecurityContextExecutorService that uses the specified SecurityContext.
DelegatingSecurityContextRepository - Class in org.springframework.security.web.context
DelegatingSecurityContextRepository(List<SecurityContextRepository>) - Constructor for class org.springframework.security.web.context.DelegatingSecurityContextRepository
DelegatingSecurityContextRepository(SecurityContextRepository...) - Constructor for class org.springframework.security.web.context.DelegatingSecurityContextRepository
DelegatingSecurityContextRunnable - Class in org.springframework.security.concurrent: Wraps a delegate Runnable with logic for setting up a SecurityContext before invoking the delegate Runnable and then removing the SecurityContext after the delegate has completed.
DelegatingSecurityContextRunnable(Runnable) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable: Creates a new DelegatingSecurityContextRunnable with the SecurityContext from the SecurityContextHolder.
DelegatingSecurityContextRunnable(Runnable, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextRunnable: Creates a new DelegatingSecurityContextRunnable with a specific SecurityContext.
DelegatingSecurityContextScheduledExecutorService - Class in org.springframework.security.concurrent: An ScheduledExecutorService which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService: Creates a new DelegatingSecurityContextScheduledExecutorService that uses the current SecurityContext from the SecurityContextHolder.
DelegatingSecurityContextScheduledExecutorService(ScheduledExecutorService, SecurityContext) - Constructor for class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService: Creates a new DelegatingSecurityContextScheduledExecutorService that uses the specified SecurityContext.
DelegatingSecurityContextSchedulingTaskExecutor - Class in org.springframework.security.scheduling: An SchedulingTaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable and each Callable in a DelegatingSecurityContextCallable.
DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor: Creates a new DelegatingSecurityContextSchedulingTaskExecutor that uses the current SecurityContext.
DelegatingSecurityContextSchedulingTaskExecutor(SchedulingTaskExecutor, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor: Creates a new DelegatingSecurityContextSchedulingTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextTaskExecutor - Class in org.springframework.security.task: An TaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable.
DelegatingSecurityContextTaskExecutor(TaskExecutor) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor: Creates a new DelegatingSecurityContextTaskExecutor that uses the current SecurityContext from the SecurityContextHolder.
DelegatingSecurityContextTaskExecutor(TaskExecutor, SecurityContext) - Constructor for class org.springframework.security.task.DelegatingSecurityContextTaskExecutor: Creates a new DelegatingSecurityContextTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextTaskScheduler - Class in org.springframework.security.scheduling: An implementation of TaskScheduler invoking it whenever the trigger indicates a next execution time.
DelegatingSecurityContextTaskScheduler(TaskScheduler) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler: Creates a new DelegatingSecurityContextTaskScheduler that uses the current SecurityContext from the SecurityContextHolder.
DelegatingSecurityContextTaskScheduler(TaskScheduler, SecurityContext) - Constructor for class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler: Creates a new DelegatingSecurityContextTaskScheduler that uses the specified SecurityContext.
DelegatingServerAuthenticationEntryPoint - Class in org.springframework.security.web.server: A ServerAuthenticationEntryPoint which delegates to multiple ServerAuthenticationEntryPoint based on a ServerWebExchangeMatcher
DelegatingServerAuthenticationEntryPoint(List<DelegatingServerAuthenticationEntryPoint.DelegateEntry>) - Constructor for class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
DelegatingServerAuthenticationEntryPoint(DelegatingServerAuthenticationEntryPoint.DelegateEntry...) - Constructor for class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint
DelegatingServerAuthenticationEntryPoint.DelegateEntry - Class in org.springframework.security.web.server
DelegatingServerAuthenticationSuccessHandler - Class in org.springframework.security.web.server.authentication: Delegates to a collection of ServerAuthenticationSuccessHandler implementations.
DelegatingServerAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler...) - Constructor for class org.springframework.security.web.server.authentication.DelegatingServerAuthenticationSuccessHandler
DelegatingServerLogoutHandler - Class in org.springframework.security.web.server.authentication.logout: Delegates to a collection of ServerLogoutHandler implementations.
DelegatingServerLogoutHandler(Collection<ServerLogoutHandler>) - Constructor for class org.springframework.security.web.server.authentication.logout.DelegatingServerLogoutHandler
DelegatingServerLogoutHandler(ServerLogoutHandler...) - Constructor for class org.springframework.security.web.server.authentication.logout.DelegatingServerLogoutHandler
delete - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
DELETE - Static variable in class org.springframework.security.acls.domain.BasePermission
deleteAce(int) - Method in class org.springframework.security.acls.domain.AclImpl
deleteAce(int) - Method in interface org.springframework.security.acls.model.MutableAcl
deleteAcl(ObjectIdentity, boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
deleteAcl(ObjectIdentity, boolean) - Method in interface org.springframework.security.acls.model.MutableAclService: Removes the specified entry from the database.
deleteCookies(String...) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Allows specifying the names of cookies to be removed on logout success.
deleteEntries(Long) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Deletes all ACEs defined in the acl_entry table belonging to the presented ObjectIdentity primary key.
deleteGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager: Removes a group, including all members and authorities.
deleteGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
deleteObjectIdentity(Long) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Deletes a single row from acl_object_identity that is associated with the presented ObjectIdentity primary key.
deleteUser(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
deleteUser(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
deleteUser(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
deleteUser(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager: Remove the user with the given login name from the system.
delux(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors: Creates a text encryptor that uses "stronger" password-based encryption.
demergePatterns(String, String) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
deny() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig: Specify to DENY framing any content from this application.
DENY - Enum constant in enum class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode
DENY - Enum constant in enum class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter.Mode: A browser receiving content with this header field MUST NOT display this content in any frame.
DENY_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig: Deprecated.
denyAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot: Allows "denyAll" expression
denyAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Always denies access
denyAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
denyAll() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
denyAll() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specify that URLs are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Messages are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Deny access for everyone
denyAll() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Messages are not allowed by anyone.
DenyAllPermissionEvaluator - Class in org.springframework.security.access.expression: A null PermissionEvaluator which denies all access.
DenyAllPermissionEvaluator() - Constructor for class org.springframework.security.access.expression.DenyAllPermissionEvaluator
destroy() - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean
destroy() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
destroy() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
destroy() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.

Not used (we rely on IoC container lifecycle services instead)
destroy() - Method in class org.springframework.security.web.debug.DebugFilter
determineCauseChain(Throwable) - Method in class org.springframework.security.web.util.ThrowableAnalyzer: Determines the cause chain of the provided Throwable.
determineExpiredUrl(HttpServletRequest, SessionInformation) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter: Deprecated.
Use ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy) instead.
determineTargetUrl(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: Builds the target URL according to the logic defined in the main class Javadoc.
determineTargetUrl(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler
determineTargetUrl(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: Builds the target URL according to the logic defined in the main class Javadoc
determineUrlToUseForThisRequest(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint: Allows subclasses to modify the login form URL that should be applicable for a given request.
digest() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Creates a DigestRequestPostProcessor that enables easily adding digest based authentication to a request.
digest(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Creates a DigestRequestPostProcessor that enables easily adding digest based authentication to a request.
DigestAuthenticationEntryPoint - Class in org.springframework.security.web.authentication.www: Used by the SecurityEnforcementFilter to commence authentication via the DigestAuthenticationFilter.
DigestAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
DigestAuthenticationFilter - Class in org.springframework.security.web.authentication.www: Processes a HTTP request's Digest authorization headers, putting the result into the SecurityContextHolder.
DigestAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
DigestRequestPostProcessor() - Constructor for class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor
disable() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer: Disables the AbstractHttpConfigurer by removing it.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CacheControlConfig: Disables Cache Control
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentTypeOptionsConfig: Removes the X-XSS-Protection header.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig: Prevents the header from being added to the response.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

Prevents the header from being added to the response.
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig: Disables Strict Transport Security
disable() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig: Disables X-XSS-Protection header (does not include it)
disable() - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Disables anonymous authentication.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CorsSpec: Disables CORS support within Spring Security.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec: Disables CSRF Protection.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: Disables HTTP Basic authentication.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CacheSpec: Disables cache control response headers
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentTypeOptionsSpec: Disables the content type options response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Disables http response headers
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.FrameOptionsSpec: Disables frame options response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec: Disables strict transport security response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.XssProtectionSpec: Disables the x-xss-protection response header
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec: Disables HTTP Basic authentication.
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec: Disables log out
disable() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec: Disables the ServerHttpSecurity.RequestCacheSpec
disabled(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Defines if the account is disabled or not.
disabled(boolean) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Defines if the account is disabled or not.
disabled(boolean) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator
DISABLED - Enum constant in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue
DISABLED - Enum constant in enum class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter.HeaderValue
DisabledException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because the account is disabled.
DisabledException(String) - Constructor for exception org.springframework.security.authentication.DisabledException: Constructs a DisabledException with the specified message.
DisabledException(String, Throwable) - Constructor for exception org.springframework.security.authentication.DisabledException: Constructs a DisabledException with the specified message and root cause.
DisableEncodeUrlFilter - Class in org.springframework.security.web.session: Disables encoding URLs using the HttpServletResponse to prevent including the session id in URLs which is not considered URL because the session id can be leaked in things like HTTP access logs.
DisableEncodeUrlFilter() - Constructor for class org.springframework.security.web.session.DisableEncodeUrlFilter
disableOnResponseCommitted() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Invoke this method to disable invoking OnCommittedResponseWrapper.onResponseCommitted() when the HttpServletResponse is committed.
disableSaveOnResponseCommitted() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.

Invoke this method to disable automatic saving of the SecurityContext when the HttpServletResponse is committed.
dispatcherTypeMatchers(DispatcherType...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Create a List of DispatcherTypeRequestMatcher instances that do not specify an HttpMethod.
dispatcherTypeMatchers(HttpMethod, DispatcherType...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Maps a List of DispatcherTypeRequestMatcher instances.
DispatcherTypeRequestMatcher - Class in org.springframework.security.web.util.matcher: Checks the DispatcherType to decide whether to match a given request.
DispatcherTypeRequestMatcher(DispatcherType) - Constructor for class org.springframework.security.web.util.matcher.DispatcherTypeRequestMatcher: Creates an instance which matches requests with the provided DispatcherType
DispatcherTypeRequestMatcher(DispatcherType, HttpMethod) - Constructor for class org.springframework.security.web.util.matcher.DispatcherTypeRequestMatcher: Creates an instance which matches requests with the provided DispatcherType and HttpMethod
DN_KEY - Static variable in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Every search results where a record is defined by a Map<String,String[]> contains at least this key - the DN of the record itself.
DO_BREAK_LINES - Static variable in class org.springframework.security.crypto.codec.Base64: Deprecated.

Do break lines when encoding.
doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
doAfterPropertiesSet() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
doAuthentication(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
doBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Executes the build using the SecurityConfigurer's that have been applied using the following steps: Invokes AbstractConfiguredSecurityBuilder.beforeInit() for any subclass to hook into Invokes SecurityConfigurer.init(SecurityBuilder) for any SecurityConfigurer that was applied to this builder. Invokes AbstractConfiguredSecurityBuilder.beforeConfigure() for any subclass to hook into Invokes AbstractConfiguredSecurityBuilder.performBuild() which actually builds the Object
doBuild() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder: Subclasses should implement this to perform the build.
doEndTag() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
doEndTag() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag: Default processing of the end tag returning EVAL_PAGE.
doEndTag() - Method in class org.springframework.security.taglibs.csrf.CsrfMetaTagsTag
doesRequestMatch(HttpServletRequest, PortResolver) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest: Determines if the current request matches the DefaultSavedRequest.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.

Method that is actually called by the filter chain.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Invokes the requiresAuthentication method to determine whether the request is for authentication and should be handled by this filter.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Try to authenticate a pre-authenticated user with Spring Security if the user has not yet been authenticated.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.context.SecurityContextHolderFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter: Deprecated.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.debug.DebugFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.FilterChainProxy
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter: Attempts to obtain and run as a JAAS Subject using JaasApiIntegrationFilter.obtainSubject(ServletRequest).
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.springframework.security.web.session.SessionManagementFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Extract any Bearer Token from the request and attempt an authentication.
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.AuthenticationFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.csrf.CsrfFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.header.HeaderWriterFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.RequestMatcherRedirectFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.session.DisableEncodeUrlFilter
doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.web.session.ForceEagerSessionCreationFilter
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
doStartTag() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
doStartTag() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
doStartTag() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag: Invokes the base class AbstractAuthorizeTag.authorize() method to decide if the body of the tag should be skipped or not.

E

Elements - Class in org.springframework.security.config: Contains all the element names used by Spring Security 3 namespace support.
Elements() - Constructor for class org.springframework.security.config.Elements
ELRequestMatcher - Class in org.springframework.security.web.util.matcher: A RequestMatcher implementation which uses a SpEL expression
ELRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.ELRequestMatcher
email(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this email in the resulting OidcUserInfo
EMAIL - Static variable in class org.springframework.security.oauth2.core.oidc.OidcScopes: The email scope requests access to the email and email_verified claims.
EMAIL - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: email - the user's preferred e-mail address
EMAIL_VERIFIED - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: email_verified - true if the user's e-mail address has been verified, otherwise false
emailVerified(Boolean) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this verified-email indicator in the resulting OidcUserInfo
EMBEDDED_APACHE_DS - Static variable in class org.springframework.security.config.BeanIds
EMBEDDED_UNBOUNDID - Static variable in class org.springframework.security.config.BeanIds
EmbeddedLdapServerContainer - Interface in org.springframework.security.ldap.server: Provides lifecycle services for an embedded LDAP server.
EmbeddedLdapServerContextSourceFactoryBean - Class in org.springframework.security.config.ldap: Creates a DefaultSpringSecurityContextSource used to perform LDAP authentication and starts and in-memory LDAP server.
EmbeddedLdapServerContextSourceFactoryBean() - Constructor for class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean
EMBEDDER_POLICY - Static variable in class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter
ENABLED - Enum constant in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue
ENABLED - Enum constant in enum class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter.HeaderValue
ENABLED_MODE_BLOCK - Enum constant in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue
ENABLED_MODE_BLOCK - Enum constant in enum class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter.HeaderValue
enableDefaultTyping(ObjectMapper) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
EnableGlobalAuthentication - Annotation Interface in org.springframework.security.config.annotation.authentication.configuration: The EnableGlobalAuthentication annotation signals that the annotated class can be used to configure a global instance of AuthenticationManagerBuilder.
enableGlobalAuthenticationAutowiredConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
EnableGlobalMethodSecurity - Annotation Interface in org.springframework.security.config.annotation.method.configuration: Deprecated.
Use EnableMethodSecurity instead
enableHttpSessionEventPublisher() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Override this if HttpSessionEventPublisher should be added as a listener.
EnableMethodSecurity - Annotation Interface in org.springframework.security.config.annotation.method.configuration: Enables Spring Security Method Security.
EnableReactiveMethodSecurity - Annotation Interface in org.springframework.security.config.annotation.method.configuration
EnableRSocketSecurity - Annotation Interface in org.springframework.security.config.annotation.rsocket: Add this annotation to a Configuration class to have Spring Security RSocketSecurity support added.
enableSessionUrlRewriting(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: If set to true, allows HTTP sessions to be rewritten in the URLs when using HttpServletResponse.encodeRedirectURL(String) or HttpServletResponse.encodeURL(String), otherwise disallows HTTP sessions to be included in the URL.
EnableWebFluxSecurity - Annotation Interface in org.springframework.security.config.annotation.web.reactive: Add this annotation to a Configuration class to have Spring Security WebFlux support added.
EnableWebMvcSecurity - Annotation Interface in org.springframework.security.config.annotation.web.servlet.configuration: Deprecated.
Use EnableWebSecurity instead which will automatically add the Spring MVC related Security items.
EnableWebSecurity - Annotation Interface in org.springframework.security.config.annotation.web.configuration: Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by exposing a SecurityFilterChain bean:
EnableWebSocketSecurity - Annotation Interface in org.springframework.security.config.annotation.web.socket: Allows configuring WebSocket Authorization.
encode(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64: Deprecated.
encode(byte[]) - Static method in class org.springframework.security.crypto.codec.Hex
encode(CharSequence) - Method in class org.springframework.security.crypto.argon2.Argon2PasswordEncoder
encode(CharSequence) - Method in class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
encode(CharSequence) - Static method in class org.springframework.security.crypto.codec.Utf8: Get the bytes of the String in UTF-8 encoded form.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
encode(CharSequence) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
encode(CharSequence) - Method in class org.springframework.security.crypto.password.LdapShaPasswordEncoder: Deprecated.

Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
encode(CharSequence) - Method in class org.springframework.security.crypto.password.Md4PasswordEncoder: Deprecated.

Encodes the rawPass using a MessageDigest.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder: Deprecated.

Encodes the rawPass using a MessageDigest.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.NoOpPasswordEncoder: Deprecated.
encode(CharSequence) - Method in interface org.springframework.security.crypto.password.PasswordEncoder: Encode the raw password.
encode(CharSequence) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
encode(CharSequence) - Method in class org.springframework.security.crypto.password.StandardPasswordEncoder: Deprecated.
encode(CharSequence) - Method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
encode(CharSequence, byte[]) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
encode(Publisher<? extends BearerTokenMetadata>, DataBufferFactory, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.BearerTokenAuthenticationEncoder
encode(Publisher<? extends UsernamePasswordMetadata>, DataBufferFactory, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.BasicAuthenticationEncoder: Deprecated.
encode(Publisher<? extends UsernamePasswordMetadata>, DataBufferFactory, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.SimpleAuthenticationEncoder
encode(JwtEncoderParameters) - Method in interface org.springframework.security.oauth2.jwt.JwtEncoder: Encode the JWT to it's compact claims representation format.
encode(JwtEncoderParameters) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtEncoder
ENCODE - Static variable in class org.springframework.security.crypto.codec.Base64: Deprecated.

Specify encoding in first bit.
encodeAndConcatenate(CharSequence, byte[]) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
encodeCookie(String[]) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Inverse operation of decodeCookie.
encodeRedirectURL(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.
encodeURL(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.
encodeValue(BearerTokenMetadata, DataBufferFactory, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.BearerTokenAuthenticationEncoder
encodeValue(UsernamePasswordMetadata, DataBufferFactory, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.BasicAuthenticationEncoder: Deprecated.
encodeValue(UsernamePasswordMetadata, DataBufferFactory, ResolvableType, MimeType, Map<String, Object>) - Method in class org.springframework.security.rsocket.metadata.SimpleAuthenticationEncoder
EncodingUtils - Class in org.springframework.security.crypto.util: Static helper for encoding data.
encrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.AesBytesEncryptor
encrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesCbcBytesEncryptor
encrypt(byte[]) - Method in class org.springframework.security.crypto.encrypt.BouncyCastleAesGcmBytesEncryptor
encrypt(byte[]) - Method in interface org.springframework.security.crypto.encrypt.BytesEncryptor: Encrypt the byte array.
encrypt(String) - Method in interface org.springframework.security.crypto.encrypt.TextEncryptor: Encrypt the raw text string.
encryption(X509Certificate) - Static method in class org.springframework.security.saml2.core.Saml2X509Credential: Create a Saml2X509Credential that can be used for encryption.
ENCRYPTION - Enum constant in enum class org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType
encryptionX509Credentials(Consumer<Collection<Saml2X509Credential>>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Apply this Consumer to the list of Saml2X509Credentials
Encryptors - Class in org.springframework.security.crypto.encrypt: Factory for commonly used encryptors.
EntityDescriptorParameters(EntityDescriptor, RelyingPartyRegistration) - Constructor for class org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver.EntityDescriptorParameters
entityId(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Set the asserting party's EntityID.
entityId(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the relying party's EntityID.
Enumerator<T> - Class in org.springframework.security.web.savedrequest: Adapter that wraps an Enumeration around a Java 2 collection Iterator.
Enumerator(Collection<T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator: Return an Enumeration over the values of the specified Collection.
Enumerator(Collection<T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator: Return an Enumeration over the values of the specified Collection.
Enumerator(Iterator<T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator: Return an Enumeration over the values returned by the specified Iterator.
Enumerator(Iterator<T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator: Return an Enumeration over the values returned by the specified Iterator.
Enumerator(Map<?, T>) - Constructor for class org.springframework.security.web.savedrequest.Enumerator: Return an Enumeration over the values of the specified Map.
Enumerator(Map<?, T>, boolean) - Constructor for class org.springframework.security.web.savedrequest.Enumerator: Return an Enumeration over the values of the specified Map.
equals(Object) - Method in class org.springframework.security.access.SecurityConfig
equals(Object) - Method in class org.springframework.security.acls.domain.AbstractPermission
equals(Object) - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
equals(Object) - Method in class org.springframework.security.acls.domain.AclImpl
equals(Object) - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
equals(Object) - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl: Important so caching operates properly.
equals(Object) - Method in class org.springframework.security.acls.domain.PrincipalSid
equals(Object) - Method in interface org.springframework.security.acls.model.ObjectIdentity
equals(Object) - Method in interface org.springframework.security.acls.model.Sid: Refer to the java.lang.Object documentation for the interface contract.
equals(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
equals(Object) - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
equals(Object) - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
equals(Object) - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
equals(Object) - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
equals(Object) - Method in class org.springframework.security.core.context.SecurityContextImpl
equals(Object) - Method in class org.springframework.security.core.token.DefaultToken
equals(Object) - Method in class org.springframework.security.core.userdetails.User: Returns true if the supplied object is a User instance with the same username value.
equals(Object) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority: Compares the LdapAuthority based on LdapAuthority.getAuthority() and LdapAuthority.getDn() values.
equals(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
equals(Object) - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
equals(Object) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientId
equals(Object) - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
equals(Object) - Method in class org.springframework.security.oauth2.core.AuthenticationMethod
equals(Object) - Method in class org.springframework.security.oauth2.core.AuthorizationGrantType
equals(Object) - Method in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
equals(Object) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
equals(Object) - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
equals(Object) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
equals(Object) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo
equals(Object) - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
equals(Object) - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
equals(Object) - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
equals(Object) - Method in class org.springframework.security.saml2.core.Saml2X509Credential
equals(Object) - Method in class org.springframework.security.util.InMemoryResource
equals(Object) - Method in class org.springframework.security.web.access.intercept.RequestKey
equals(Object) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
equals(Object) - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
equals(Object) - Method in class org.springframework.security.web.header.Header
equals(Object) - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
equals(Object) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
equals(Object) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
equals(Object) - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
eraseCredentials() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken: Checks the credentials, principal and details objects, invoking the eraseCredentials method on any which implement CredentialsContainer.
eraseCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
eraseCredentials() - Method in interface org.springframework.security.core.CredentialsContainer
eraseCredentials() - Method in class org.springframework.security.core.userdetails.User
eraseCredentials() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
eraseCredentials(boolean) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
error(String) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns a new OAuth2AuthorizationResponse.Builder, initialized with the error code.
ERROR - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: error - used in Authorization Response and Access Token Response.
ERROR_DESCRIPTION - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: error_description - used in Authorization Response and Access Token Response.
ERROR_PARAMETER_NAME - Static variable in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
ERROR_URI - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: error_uri - used in Authorization Response and Access Token Response.
errorCode(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Sets the error code.
errorConverter - Variable in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
errorDescription(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Sets the error description.
errorOnInvalidType() - Element in annotation interface org.springframework.security.core.annotation.AuthenticationPrincipal: True if a ClassCastException should be thrown when the current Authentication.getPrincipal() is the incorrect type.
errorOnInvalidType() - Element in annotation interface org.springframework.security.core.annotation.CurrentSecurityContext: True if a ClassCastException should be thrown when the current SecurityContext is the incorrect type.
errorOnInvalidType() - Element in annotation interface org.springframework.security.web.bind.annotation.AuthenticationPrincipal: Deprecated.

True if a ClassCastException should be thrown when the current Authentication.getPrincipal() is the incorrect type.
errorParametersConverter - Variable in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
errors(Consumer<Collection<Saml2Error>>) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult.Builder
errorUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Sets the error uri.
ES256 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: ECDSA using P-256 and SHA-256 (Recommended+)
ES256 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: ECDSA using P-256 and SHA-256 (Recommended+)
ES384 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: ECDSA using P-384 and SHA-384 (Optional)
ES384 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: ECDSA using P-384 and SHA-384 (Optional)
ES512 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: ECDSA using P-521 and SHA-512 (Optional)
ES512 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: ECDSA using P-521 and SHA-512 (Optional)
escapeEntities(String) - Static method in class org.springframework.security.web.util.TextEscapeUtils
Essence() - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
Essence() - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
Essence() - Constructor for class org.springframework.security.ldap.userdetails.Person.Essence
Essence(DirContextOperations) - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
Essence(DirContextOperations) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
Essence(DirContextOperations) - Constructor for class org.springframework.security.ldap.userdetails.Person.Essence
Essence(InetOrgPerson) - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
Essence(LdapUserDetails) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
Essence(Person) - Constructor for class org.springframework.security.ldap.userdetails.Person.Essence
evalOrSkip(boolean) - Static method in class org.springframework.security.taglibs.TagLibConfig: Returns EVAL_BODY_INCLUDE if the authorized flag is true or UI security has been disabled.
evaluateAsBoolean(Expression, EvaluationContext) - Static method in class org.springframework.security.access.expression.ExpressionUtils
eventPublisher - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
evictFromCache(Serializable) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
evictFromCache(Serializable) - Method in interface org.springframework.security.acls.model.AclCache
evictFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
evictFromCache(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclCache
EXCEPTION_TRANSLATION - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
exceptionHandling() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring exception handling.
exceptionHandling() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures exception handling (i.e.
exceptionHandling(Customizer<ExceptionHandlingConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring exception handling.
exceptionHandling(Customizer<ServerHttpSecurity.ExceptionHandlingSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures exception handling (i.e.
ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds exception handling for Spring Security related exceptions to an application.
ExceptionHandlingConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer: Creates a new instance
ExceptionMappingAuthenticationFailureHandler - Class in org.springframework.security.web.authentication: Uses the internal map of exceptions types to URLs to determine the destination on authentication failure.
ExceptionMappingAuthenticationFailureHandler() - Constructor for class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
ExceptionTranslationFilter - Class in org.springframework.security.web.access: Handles any AccessDeniedException and AuthenticationException thrown within the filter chain.
ExceptionTranslationFilter(AuthenticationEntryPoint) - Constructor for class org.springframework.security.web.access.ExceptionTranslationFilter
ExceptionTranslationFilter(AuthenticationEntryPoint, RequestCache) - Constructor for class org.springframework.security.web.access.ExceptionTranslationFilter
ExceptionTranslationWebFilter - Class in org.springframework.security.web.server.authorization
ExceptionTranslationWebFilter() - Constructor for class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter
ExchangeMatcherRedirectWebFilter - Class in org.springframework.security.web.server: Web filter that redirects requests that match ServerWebExchangeMatcher to the specified URL.
ExchangeMatcherRedirectWebFilter(ServerWebExchangeMatcher, String) - Constructor for class org.springframework.security.web.server.ExchangeMatcherRedirectWebFilter: Create and initialize an instance of the web filter.
execute(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
execute(Runnable, long) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
EXECUTION_CONTEXTS - Enum constant in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive
EXECUTION_CONTEXTS - Enum constant in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive
exitSwitchUser(WebFilterExchange) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Attempt to exit from an already switched user.
EXP - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: exp - A timestamp indicating when the token expires
EXP - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: exp - the Expiration time on or after which the ID Token MUST NOT be accepted
EXP - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: exp - the Expiration time claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing
expiredSessionStrategy(SessionInformationExpiredStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer: Determines the behaviour when an expired session is detected.
expiredUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer: The URL to redirect to if a user tries to access a resource and their session has been expired due to too many sessions for the current user.
expireNow() - Method in class org.springframework.security.core.session.SessionInformation
EXPIRES_IN - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: expires_in - used in Authorization Response and Access Token Response.
EXPIRES_VALUE - Static variable in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter: The value for expires value
expiresAt(Instant) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this expiration in the resulting OidcIdToken
expiresAt(Instant) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this expiration in the resulting Jwt
expiresAt(Instant) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the expiration time (exp) claim, which identifies the time on or after which the JWT MUST NOT be accepted for processing.
expiresIn(long) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder: Sets the lifetime (in seconds) of the access token.
exportTestSecurityContext() - Static method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultHandlers: Exports the SecurityContext from TestSecurityContextHolder to SecurityContextHolder
expression() - Element in annotation interface org.springframework.security.core.annotation.AuthenticationPrincipal: If specified will use the provided SpEL expression to resolve the principal.
expression() - Element in annotation interface org.springframework.security.core.annotation.CurrentSecurityContext: If specified, will use the provided SpEL expression to resolve the security context.
EXPRESSION_HANDLER - Static variable in class org.springframework.security.config.Elements
ExpressionAttributeAuthorizationDecision - Class in org.springframework.security.authorization.method: Deprecated.
Use ExpressionAuthorizationDecision instead
ExpressionAttributeAuthorizationDecision(boolean, ExpressionAttribute) - Constructor for class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision: Deprecated.
ExpressionAuthorizationDecision - Class in org.springframework.security.authorization: Represents an AuthorizationDecision based on a Expression
ExpressionAuthorizationDecision(boolean, Expression) - Constructor for class org.springframework.security.authorization.ExpressionAuthorizationDecision
ExpressionBasedAnnotationAttributeFactory - Class in org.springframework.security.access.expression.method: Deprecated.
Use AuthorizationManager interceptors instead
ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory: Deprecated.
ExpressionBasedFilterInvocationSecurityMetadataSource - Class in org.springframework.security.web.access.expression: Expression-based FilterInvocationSecurityMetadataSource.
ExpressionBasedFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>, SecurityExpressionHandler<FilterInvocation>) - Constructor for class org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource
ExpressionBasedMessageSecurityMetadataSourceFactory - Class in org.springframework.security.messaging.access.expression: Deprecated.
Use MessageMatcherDelegatingAuthorizationManager instead
ExpressionBasedPostInvocationAdvice - Class in org.springframework.security.access.expression.method: Deprecated.
Use AuthorizationManagerAfterMethodInterceptor instead
ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice: Deprecated.
ExpressionBasedPreInvocationAdvice - Class in org.springframework.security.access.expression.method: Deprecated.
Use AuthorizationManagerAfterMethodInterceptor instead
ExpressionBasedPreInvocationAdvice() - Constructor for class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice: Deprecated.
expressionHandler(SecurityExpressionHandler<Message<Object>>) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

The SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Set the SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry: Deprecated.

Allows customization of the SecurityExpressionHandler to be used.
ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
Use AuthorizeHttpRequestsConfigurer instead
ExpressionUrlAuthorizationConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer: Deprecated.

Creates a new instance
ExpressionUrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
ExpressionUtils - Class in org.springframework.security.access.expression
extractAttributes(A) - Method in interface org.springframework.security.access.annotation.AnnotationMetadataExtractor: Deprecated.
extractAttributes(HttpSession) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy: Called to extract the existing attributes from the session, prior to invalidating it.
extractCause(Throwable) - Method in interface org.springframework.security.web.util.ThrowableCauseExtractor: Extracts the cause from the provided Throwable.
extractControl(DirContext) - Static method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControlExtractor
extractPathVariables(Message<?>) - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
extractPrincipal(X509Certificate) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
extractPrincipal(X509Certificate) - Method in interface org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor: Returns the principal (usually a String) for the given certificate.
extractRememberMeCookie(HttpServletRequest) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Locates the Spring Security remember me cookie in the request and returns its value.
extractUriTemplateVariables(HttpServletRequest) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher: Deprecated.
extractUriTemplateVariables(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Deprecated.
extractUriTemplateVariables(HttpServletRequest) - Method in interface org.springframework.security.web.util.matcher.RequestVariablesExtractor: Deprecated.

Extract URL template variables from the request.

F

FACEBOOK - Enum constant in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider
factory() - Element in annotation interface org.springframework.security.test.context.support.WithSecurityContext: The WithUserDetailsSecurityContextFactory to use to create the SecurityContext.
failure(Collection<OAuth2Error>) - Static method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult: Construct a failure OAuth2TokenValidatorResult with the provided detail
failure(Collection<Saml2Error>) - Static method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Construct a failure Saml2ResponseValidatorResult with the provided detail
failure(OAuth2Error...) - Static method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult: Construct a failure OAuth2TokenValidatorResult with the provided detail
failure(Saml2Error...) - Static method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Construct a failure Saml2ResponseValidatorResult with the provided detail
failureForwardUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer: Forward Authentication Failure Handler
failureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies the AuthenticationFailureHandler to use when authentication fails.
failureUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: The URL to send users if authentication fails.
FAMILY_NAME - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: family_name - the user's surname(s) or last name(s)
familyName(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this family name in the resulting OidcUserInfo
FastHttpDateFormat - Class in org.springframework.security.web.savedrequest: Utility class to generate HTTP dates.
FEATURE_POLICY - Static variable in class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
featurePolicy(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Deprecated.
Use HeadersConfigurer.permissionsPolicy(Customizer) instead.
featurePolicy(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Deprecated.
Use ServerHttpSecurity.HeaderSpec.permissionsPolicy(Customizer) instead.
FeaturePolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Provides support for Feature Policy.
FeaturePolicyHeaderWriter(String) - Constructor for class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter: Create a new instance of FeaturePolicyHeaderWriter with supplied security policy directive(s).
FeaturePolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes the Feature-Policy response header with configured policy directives.
FeaturePolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
FieldUtils - Class in org.springframework.security.util: Offers static methods for directly manipulating fields.
filter(Object, Expression, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler: Filters the filterTarget object (which must be either a collection, array, map or stream), by evaluating the supplied expression.
filter(Object, Expression, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler: Filters a target collection or array.
filter(ClientRequest, ExchangeFunction) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
filter(ClientRequest, ExchangeFunction) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
filter(ClientRequest, ExchangeFunction) - Method in class org.springframework.security.oauth2.server.resource.web.reactive.function.client.ServerBearerExchangeFilterFunction
filter(ClientRequest, ExchangeFunction) - Method in class org.springframework.security.oauth2.server.resource.web.reactive.function.client.ServletBearerExchangeFilterFunction
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authentication.AnonymousAuthenticationWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authorization.AuthorizationWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.context.ReactorContextWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.ExchangeMatcherRedirectWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.header.HttpHeaderWriterWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.transport.HttpsRedirectWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter
filter(ServerWebExchange, WebFilterChain) - Method in class org.springframework.security.web.server.WebFilterChainProxy
FILTER_CHAIN - Static variable in class org.springframework.security.config.Elements
FILTER_CHAIN_MAP - Static variable in class org.springframework.security.config.Elements
FILTER_CHAIN_PROXY - Static variable in class org.springframework.security.config.BeanIds
FILTER_CHAINS - Static variable in class org.springframework.security.config.BeanIds
FILTER_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
FilterBasedLdapUserSearch - Class in org.springframework.security.ldap.search: LdapUserSearch implementation which uses an Ldap filter to locate the user.
FilterBasedLdapUserSearch(String, String, BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
FilterChainBeanDefinitionParser - Class in org.springframework.security.config.http
FilterChainBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.FilterChainBeanDefinitionParser
FilterChainDecoratorFactory() - Constructor for class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.FilterChainDecoratorFactory
FilterChainMapBeanDefinitionDecorator - Class in org.springframework.security.config.http: Sets the filter chain Map for a FilterChainProxy bean declaration.
FilterChainMapBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
FilterChainProxy - Class in org.springframework.security.web: Delegates Filter requests to a list of Spring-managed filter beans.
FilterChainProxy() - Constructor for class org.springframework.security.web.FilterChainProxy
FilterChainProxy(List<SecurityFilterChain>) - Constructor for class org.springframework.security.web.FilterChainProxy
FilterChainProxy(SecurityFilterChain) - Constructor for class org.springframework.security.web.FilterChainProxy
FilterChainProxy.FilterChainDecorator - Interface in org.springframework.security.web: A strategy for decorating the provided filter chain with one that accounts for the SecurityFilterChain for a given request.
FilterChainProxy.FilterChainValidator - Interface in org.springframework.security.web
FilterChainProxy.VirtualFilterChainDecorator - Class in org.springframework.security.web: A FilterChainProxy.FilterChainDecorator that uses the FilterChainProxy.VirtualFilterChain
FilterInvocation - Class in org.springframework.security.web: Holds objects associated with a HTTP filter.
FilterInvocation(ServletRequest, ServletResponse, FilterChain) - Constructor for class org.springframework.security.web.FilterInvocation
FilterInvocation(String, String) - Constructor for class org.springframework.security.web.FilterInvocation
FilterInvocation(String, String, String) - Constructor for class org.springframework.security.web.FilterInvocation
FilterInvocation(String, String, String, ServletContext) - Constructor for class org.springframework.security.web.FilterInvocation
FilterInvocation(String, String, String, String, String) - Constructor for class org.springframework.security.web.FilterInvocation
FilterInvocation(String, String, String, String, String, ServletContext) - Constructor for class org.springframework.security.web.FilterInvocation
FilterInvocationSecurityMetadataSource - Interface in org.springframework.security.web.access.intercept: Marker interface for SecurityMetadataSource implementations that are designed to perform lookups keyed on FilterInvocations.
FilterInvocationSecurityMetadataSourceParser - Class in org.springframework.security.config.http: Deprecated.
Use `use-authorization-manager` property instead
FilterInvocationSecurityMetadataSourceParser() - Constructor for class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser: Deprecated.
FilterSecurityInterceptor - Class in org.springframework.security.web.access.intercept: Deprecated.
Use AuthorizationFilter instead
FilterSecurityInterceptor() - Constructor for class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
filterSecurityInterceptorOncePerRequest(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractInterceptUrlConfigurer.AbstractInterceptUrlRegistry: Deprecated.

Allows setting if the FilterSecurityInterceptor should be only applied once per request (i.e.
filterTarget() - Element in annotation interface org.springframework.security.access.prepost.PreFilter
finallyInvocation(InterceptorStatusToken) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

Cleans up the work of the AbstractSecurityInterceptor after the secure object invocation has been completed.
findAllGroups() - Method in interface org.springframework.security.provisioning.GroupManager: Returns the names of all groups that this group manager controls.
findAllGroups() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource: Deprecated.
findAttributes(Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource: Deprecated.
findAttributes(Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource: Deprecated.

Obtains the security metadata registered against the specified class.
findAttributes(Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Implementation does not support class-level attributes.
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource: Deprecated.
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource: Deprecated.
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource: Deprecated.

Obtains the security metadata applicable to the specified method invocation.
findAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Will walk the method inheritance tree to find the most specific declaration applicable.
findByRegistrationId(String) - Method in interface org.springframework.security.oauth2.client.registration.ClientRegistrationRepository: Returns the client registration identified by the provided registrationId, or null if not found.
findByRegistrationId(String) - Method in class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
findByRegistrationId(String) - Method in class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository
findByRegistrationId(String) - Method in interface org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository: Returns the client registration identified by the provided registrationId, or null if not found.
findByRegistrationId(String) - Method in class org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository
findByRegistrationId(String) - Method in interface org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository: Returns the relying party registration identified by the provided registrationId, or null if not found.
findByUsername(String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
findByUsername(String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsService: Find the UserDetails by username.
findChildren(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
findChildren(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclService: Locates all object identities that use the specified parent.
findGroupAuthorities(String) - Method in interface org.springframework.security.provisioning.GroupManager: Obtains the list of authorities which are assigned to a group.
findGroupAuthorities(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
findRequiredWebApplicationContext(ServletContext) - Static method in class org.springframework.security.web.context.support.SecurityWebApplicationContextUtils: Find a unique WebApplicationContext for this web app: either the root web app context (preferred) or a unique WebApplicationContext among the registered ServletContext attributes (typically coming from a single DispatcherServlet in the current web application).
findUsersInGroup(String) - Method in interface org.springframework.security.provisioning.GroupManager: Locates the users who are members of a group
findUsersInGroup(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
FIRE_AND_FORGET - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: A Fire and Forget exchange.
FirewalledRequest - Class in org.springframework.security.web.firewall: Request wrapper which is returned by the HttpFirewall interface.
FirewalledRequest(HttpServletRequest) - Constructor for class org.springframework.security.web.firewall.FirewalledRequest: Constructs a request object wrapping the given request.
FIRST - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
FIRST - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
flushBuffer() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass flushBuffer()
ForceEagerSessionCreationFilter - Class in org.springframework.security.web.session: Eagerly creates HttpSession if it does not already exist.
ForceEagerSessionCreationFilter() - Constructor for class org.springframework.security.web.session.ForceEagerSessionCreationFilter
FORM - Static variable in class org.springframework.security.oauth2.core.AuthenticationMethod
FORM_LOGIN - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: Instance of AuthenticationWebFilter
FORM_LOGIN - Static variable in class org.springframework.security.config.Elements
format - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: HTTP date format.
formatCache - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Formatter cache.
formatDate(long, DateFormat) - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Formats a specified date to HTTP format.
formats - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: The set of SimpleDateFormat formats to use in getDateHeader().
formatted(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Sets the full mailing address, formatted for display.
formLogin() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Specifies to support form based authentication.
formLogin() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures form based authentication.
formLogin() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders: Creates a request (including any necessary CsrfToken) that will submit a form based login to POST "/login".
formLogin(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders: Creates a request (including any necessary CsrfToken) that will submit a form based login to POST loginProcessingUrl.
formLogin(Customizer<FormLoginConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Specifies to support form based authentication.
formLogin(Customizer<ServerHttpSecurity.FormLoginSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures form based authentication.
FormLoginBeanDefinitionParser - Class in org.springframework.security.config.http
FormLoginConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds form based authentication.
FormLoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer: Creates a new instance
ForwardAuthenticationFailureHandler - Class in org.springframework.security.web.authentication: Forward Authentication Failure Handler
ForwardAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler
ForwardAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication: Forward Authentication Success Handler
ForwardAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler
ForwardLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout: LogoutSuccessHandler implementation that will perform a request dispatcher "forward" to the specified target URL.
ForwardLogoutSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.logout.ForwardLogoutSuccessHandler: Construct a new ForwardLogoutSuccessHandler with the given target URL.
frameOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows customizing the XFrameOptionsHeaderWriter.
frameOptions() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures frame options response headers
frameOptions(Customizer<HeadersConfigurer.FrameOptionsConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows customizing the XFrameOptionsHeaderWriter.
frameOptions(Customizer<ServerHttpSecurity.HeaderSpec.FrameOptionsSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures frame options response headers
from(String) - Static method in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm: Attempt to resolve the provided algorithm name to a MacAlgorithm.
from(String) - Static method in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: Attempt to resolve the provided algorithm name to a SignatureAlgorithm.
from(String) - Static method in enum class org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding: Attempt to resolve the provided algorithm name to a Saml2MessageBinding.
from(String) - Static method in enum class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy
from(String) - Static method in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy
from(String) - Static method in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy
from(String) - Static method in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue
from(OAuth2AuthorizationRequest) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns a new OAuth2AuthorizationRequest.Builder, initialized with the values from the provided authorizationRequest.
from(JwsHeader) - Static method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns a new JwsHeader.Builder, initialized with the provided headers.
from(JwsHeader, JwtClaimsSet) - Static method in class org.springframework.security.oauth2.jwt.JwtEncoderParameters: Returns a new JwtEncoderParameters, initialized with the provided JwsHeader and JwtClaimsSet.
from(JwtClaimsSet) - Static method in class org.springframework.security.oauth2.jwt.JwtClaimsSet: Returns a new JwtClaimsSet.Builder, initialized with the provided claims.
from(JwtClaimsSet) - Static method in class org.springframework.security.oauth2.jwt.JwtEncoderParameters: Returns a new JwtEncoderParameters, initialized with the provided JwtClaimsSet.
fromEmbeddedLdapServer() - Static method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean: Create an EmbeddedLdapServerContextSourceFactoryBean that will use an embedded LDAP server to perform LDAP authentication.
fromIssuerLocation(String) - Static method in class org.springframework.security.oauth2.client.registration.ClientRegistrations: Creates a ClientRegistration.Builder using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize.
fromIssuerLocation(String) - Static method in class org.springframework.security.oauth2.jwt.JwtDecoders: Creates a JwtDecoder using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize.
fromIssuerLocation(String) - Static method in class org.springframework.security.oauth2.jwt.ReactiveJwtDecoders: Creates a ReactiveJwtDecoder using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize.
fromMetadata(InputStream) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations: Return a RelyingPartyRegistration.Builder based off of the given SAML 2.0 Asserting Party (IDP) metadata.
fromMetadataLocation(String) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations: Return a RelyingPartyRegistration.Builder based off of the given SAML 2.0 Asserting Party (IDP) metadata location.
fromOidcIssuerLocation(String) - Static method in class org.springframework.security.oauth2.client.registration.ClientRegistrations: Creates a ClientRegistration.Builder using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize the ClientRegistration.Builder.
fromOidcIssuerLocation(String) - Static method in class org.springframework.security.oauth2.jwt.JwtDecoders: Creates a JwtDecoder using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize the JwtDecoder.
fromOidcIssuerLocation(String) - Static method in class org.springframework.security.oauth2.jwt.ReactiveJwtDecoders: Creates a ReactiveJwtDecoder using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize the ReactiveJwtDecoder.
fromResource(Resource) - Static method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean: Create a ReactiveUserDetailsServiceResourceFactoryBean with a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResource(Resource) - Static method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean: Create a UserDetailsResourceFactoryBean with a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResource(Resource) - Static method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean: Create a UserDetailsManagerResourceFactoryBean with a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResourceLocation(String) - Static method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean: Create a ReactiveUserDetailsServiceResourceFactoryBean with the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResourceLocation(String) - Static method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean: Create a UserDetailsResourceFactoryBean with the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromResourceLocation(String) - Static method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean: Create a UserDetailsManagerResourceFactoryBean with the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
fromString(String) - Static method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean: Create a ReactiveUserDetailsServiceResourceFactoryBean with a String that is in the format defined in UserDetailsResourceFactoryBean.
fromString(String) - Static method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean: Creates a UserDetailsResourceFactoryBean with a resource from the provided String
fromString(String) - Static method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean: Create a UserDetailsManagerResourceFactoryBean with a String that is in the format defined in UserDetailsResourceFactoryBean.
fullyAuthenticated() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Creates an instance of AuthenticatedAuthorizationManager that determines if the Authentication is authenticated without using remember me.
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specify that URLs are allowed by users who have authenticated and were not "remembered".
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs are allowed by users who have authenticated and were not "remembered".
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Messages are allowed by users who have authenticated and were not "remembered".
fullyAuthenticated() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Messages are allowed by users who have authenticated and were not "remembered".

G

GCM - Enum constant in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm
gender(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this gender in the resulting OidcUserInfo
GENDER - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: gender - the user's gender
generateKey() - Method in class org.springframework.security.crypto.keygen.Base64StringKeyGenerator
generateKey() - Method in interface org.springframework.security.crypto.keygen.BytesKeyGenerator: Generate a new key.
generateKey() - Method in interface org.springframework.security.crypto.keygen.StringKeyGenerator
generateNewContext() - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: By default, calls SecurityContextHolder.createEmptyContext() to obtain a new context (there should be no context present in the holder when this method is called).
generateSeriesData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
generateToken(HttpServletRequest) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository: Generates a CsrfToken
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository: Deprecated.

Generates a new token
generateToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
generateToken(ServerWebExchange) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRepository: Generates a CsrfToken
generateToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
generateTokenData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
gensalt() - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Generate a salt for use with the BCrypt.hashpw() method, selecting a reasonable default for the number of hashing rounds to apply
gensalt(int) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Generate a salt for use with the BCrypt.hashpw() method
gensalt(int, SecureRandom) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Generate a salt for use with the BCrypt.hashpw() method
gensalt(String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt
gensalt(String, int) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Generate a salt for use with the BCrypt.hashpw() method
gensalt(String, int, SecureRandom) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Generate a salt for use with the BCrypt.hashpw() method
get() - Method in interface org.springframework.security.web.csrf.DeferredCsrfToken: Gets the CsrfToken
get(String) - Static method in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
getAccess() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
getAccessDecisionManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
getAccessDeniedException() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent: Deprecated.
getAccessDeniedHandler() - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry
getAccessor() - Static method in class org.springframework.security.core.SpringSecurityMessageSource
getAccessToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: Returns the access token.
getAccessToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: Returns the access token.
getAccessToken() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest: Returns the access token credential granted.
getAccessToken() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient: Returns the access token credential granted.
getAccessToken() - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
getAccessToken() - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest: Returns the access token.
getAccessToken() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse: Returns the Access Token.
getAccessTokenHash() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Access Token hash value (at_hash).
getAcl() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
getAcl() - Method in interface org.springframework.security.acls.model.AccessControlEntry
getAdditionalParameters() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: Returns the additional parameters
getAdditionalParameters() - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest: Returns the additional parameters that may be used in the request.
getAdditionalParameters() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse: Returns the additional parameters returned in the response.
getAdditionalParameters() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the additional parameter(s) used in the request.
getAdditionalRoles(DirContextOperations, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: This method should be overridden if required to obtain any additional roles for the given user (on top of those obtained from the standard search implemented by this class).
getAddress() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's preferred postal address (address).
getAdvice() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor: Deprecated.
getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
getAdvice() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
getAfterInvocationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
getAlgorithm() - Method in class org.springframework.security.oauth2.jwt.JwsHeader
getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource: Deprecated.
getAllConfigAttributes() - Method in class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource: Deprecated.
getAllConfigAttributes() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource: Deprecated.
getAllConfigAttributes() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Obtains the configuration attributes explicitly defined against this bean.
getAllConfigAttributes() - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource: Deprecated.
getAllConfigAttributes() - Method in interface org.springframework.security.access.SecurityMetadataSource: If available, returns all of the ConfigAttributes defined by the implementing class.
getAllConfigAttributes() - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource: Deprecated.
getAllConfigAttributes() - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
getAllowFromValue(HttpServletRequest) - Method in class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy: Deprecated.
getAllowFromValue(HttpServletRequest) - Method in interface org.springframework.security.web.header.writers.frameoptions.AllowFromStrategy: Deprecated.

Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
getAllowFromValue(HttpServletRequest) - Method in class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy: Deprecated.
getAllowSessionCreation() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
getAllPrincipals() - Method in interface org.springframework.security.core.session.SessionRegistry: Obtains all the known principals in the SessionRegistry.
getAllPrincipals() - Method in class org.springframework.security.core.session.SessionRegistryImpl
getAllSessions(Object, boolean) - Method in interface org.springframework.security.core.session.SessionRegistry: Obtains all the known sessions for the specified principal.
getAllSessions(Object, boolean) - Method in class org.springframework.security.core.session.SessionRegistryImpl
getAppConfigurationEntry(String) - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration
getApplicationContext() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Gets the ApplicationContext
getApplicationEventPublisher() - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
getArguments() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter: Deprecated.
getArguments() - Method in class org.springframework.security.util.SimpleMethodInvocation
getAssertingPartyDetails() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the configuration details for the Asserting Party
getAssertion() - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider.AssertionToken
getAssertionConsumerServiceBinding() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the AssertionConsumerService Binding.
getAssertionConsumerServiceLocation() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the AssertionConsumerService Location.
getAttribute() - Method in interface org.springframework.security.access.ConfigAttribute: If the ConfigAttribute can be represented as a String and that String is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager, AccessDecisionManager or AccessDecisionManager delegate, this method should return such a String.
getAttribute() - Method in class org.springframework.security.access.SecurityConfig
getAttribute(String) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: Returns the value of an attribute associated to the context or null if not available.
getAttribute(String) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest: Returns the value of an attribute associated to the request or null if not available.
getAttribute(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the value of an attribute associated to the request.
getAttribute(String) - Method in interface org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal: Get the OAuth 2.0 token attribute by name
getAttribute(String) - Method in interface org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal: Get the Saml2 token attribute by name
getAttributes() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken: Deprecated.
getAttributes() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority: Returns the LDAP attributes
getAttributes() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: Returns the attributes associated to the context.
getAttributes() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest: Returns the attributes associated to the request.
getAttributes() - Method in class org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal: Gets the attributes of the OAuth 2.0 token in map form.
getAttributes() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the attribute(s) associated to the request.
getAttributes() - Method in interface org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal: Get the OAuth 2.0 token attributes
getAttributes() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
getAttributes() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority: Returns the attributes about the user.
getAttributes() - Method in class org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal: Gets the attributes of the OAuth 2.0 Token Introspection in map form.
getAttributes() - Method in class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
getAttributes() - Method in interface org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal: Get the Saml2 token attributes
getAttributes(Object) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource: Deprecated.
getAttributes(Object) - Method in interface org.springframework.security.access.SecurityMetadataSource: Accesses the ConfigAttributes that apply to a given secure object.
getAttributes(Object) - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource: Deprecated.
getAttributes(Object) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource: Deprecated.
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource: Deprecated.
getAttributes(Method, Class<?>) - Method in interface org.springframework.security.access.method.MethodSecurityMetadataSource: Deprecated.
getAttributes(Method, Class<?>) - Method in class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource: Deprecated.
getAttributes2grantedAuthoritiesMap() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
getAttributeValues(String) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority: Returns the values for a specific attribute
getAudience() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the intended audience (aud) for the token
getAudience() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Audience(s) (aud) that this ID Token is intended for.
getAudience() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the Audience (aud) claim which identifies the recipient(s) that the JWT is intended for.
getAuthenticatedAt() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the time when the End-User authentication occurred (auth_time).
getAuthenticatedEnv(String, String) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
getAuthentication() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent: Deprecated.
getAuthentication() - Method in class org.springframework.security.access.event.AuthorizedEvent: Deprecated.
getAuthentication() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Gets the Authentication used for evaluating the expressions
getAuthentication() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
getAuthentication() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationEvent: Getters for the Authentication request that caused the event.
getAuthentication() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent: Pre-casted method that returns the 'source' of the event.
getAuthentication() - Method in class org.springframework.security.authorization.AuthorizationObservationContext: Get the observed Authentication for this authorization
getAuthentication() - Method in class org.springframework.security.authorization.event.AuthorizationEvent: Get the principal requiring access
getAuthentication() - Method in interface org.springframework.security.core.context.SecurityContext: Obtains the currently authenticated principal, or an authentication request token.
getAuthentication() - Method in class org.springframework.security.core.context.SecurityContextImpl
getAuthentication() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidatorParameters: The current Authentication
getAuthentication() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver.LogoutRequestParameters
getAuthentication() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver.LogoutResponseParameters
getAuthenticationContextClass() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Authentication Context Class Reference (acr).
getAuthenticationConverter() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec
getAuthenticationConverter() - Method in class org.springframework.security.web.authentication.AuthenticationFilter
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
getAuthenticationEntryPoint() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Gets the Authentication Entry Point
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
getAuthenticationEntryPointMatcher(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
getAuthenticationFilter() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Gets the Authentication Filter
getAuthenticationManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
getAuthenticationManager() - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
getAuthenticationManager() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec
getAuthenticationManager() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
getAuthenticationManager() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
getAuthenticationManagerClass() - Method in class org.springframework.security.authentication.AuthenticationObservationContext: Get the AuthenticationManager class that processed the authentication
getAuthenticationManagerResolver() - Method in class org.springframework.security.web.authentication.AuthenticationFilter
getAuthenticationMethod() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint: Returns the authentication method for the user info endpoint.
getAuthenticationMethods() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Authentication Methods References (amr).
getAuthenticationRequest() - Method in class org.springframework.security.authentication.AuthenticationObservationContext: Get the Authentication request that was observed
getAuthenticationRequest() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Returns the authentication request sent to the assertion party or null if no authentication request is present
getAuthenticationRequestUri() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest: Returns the URI endpoint that this AuthNRequest should be sent to.
getAuthenticationResult() - Method in class org.springframework.security.authentication.AuthenticationObservationContext: Get the Authentication result that was observed
getAuthenticationTrustResolver() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
getAuthnRequest() - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver.AuthnRequestContext
getAuthorities() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
getAuthorities() - Method in class org.springframework.security.authorization.AuthorityAuthorizationDecision
getAuthorities() - Method in interface org.springframework.security.core.Authentication: Set by an AuthenticationManager to indicate the authorities that the principal has been granted.
getAuthorities() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
getAuthorities() - Method in class org.springframework.security.core.userdetails.User
getAuthorities() - Method in interface org.springframework.security.core.userdetails.UserDetails: Returns the authorities granted to the user.
getAuthorities() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
getAuthorities() - Method in class org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal
getAuthorities() - Method in interface org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal: Get the Collection of GrantedAuthoritys associated with this OAuth 2.0 token
getAuthorities() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
getAuthorities() - Method in class org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal: Get the Collection of GrantedAuthoritys associated with this OAuth 2.0 Token Introspection
getAuthorities() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
getAuthoritiesByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
getAuthoritiesMapper() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Gets the GrantedAuthoritiesMapper and defaults to SimpleAuthorityMapper.
getAuthoritiesPopulator() - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
getAuthority() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
getAuthority() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
getAuthority() - Method in interface org.springframework.security.core.GrantedAuthority: If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
getAuthority() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
getAuthority() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
getAuthority() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
getAuthorizationCodeHash() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Authorization Code hash value (c_hash).
getAuthorizationDecision() - Method in class org.springframework.security.authorization.event.AuthorizationEvent: Get the response to the princpal's request
getAuthorizationExchange() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: Returns the authorization exchange.
getAuthorizationExchange() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: Returns the authorization exchange.
getAuthorizationExchange() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest: Returns the authorization exchange.
getAuthorizationGrantRequest() - Method in class org.springframework.security.oauth2.client.endpoint.NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext: Returns the authorization grant request.
getAuthorizationGrantType() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the authorization grant type used for the client.
getAuthorizationManager() - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: Gets the AuthorizationManager used by this filter
getAuthorizationRequest() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange: Returns the Authorization Request.
getAuthorizationRequestUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the URI string representation of the OAuth 2.0 Authorization Request.
getAuthorizationResponse() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange: Returns the Authorization Response.
getAuthorizationUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails: Returns the uri for the authorization endpoint.
getAuthorizationUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the uri for the authorization endpoint.
getAuthorizedClient() - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder: Returns the OAuth2AuthorizedClient.
getAuthorizedClient() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: Returns the authorized client or null if the client registration was supplied.
getAuthorizedClient() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest: Returns the authorized client or null if it was not provided.
getAuthorizedClientRegistrationId() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken: Returns the registration identifier of the Authorized Client.
getAuthorizedParty() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Authorized party (azp) to which the ID Token was issued.
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
getBeanClassName(Element) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
getBeanResolver() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
getBinding() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest: Returns the binding this AuthNRequest will be sent and encoded with.
getBinding() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: Get the binding for the asserting party's SingleLogoutService
getBinding() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: Get the binding for the asserting party's SingleLogoutService
getBinding() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest
getBinding() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest
getBirthdate() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's birth date (birthdate).
getBuilder() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter: Gets the SecurityBuilder.
getBuilder(String) - Method in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider: Create a new ClientRegistration.Builder pre-configured with provider defaults.
getBuilder(String, ClientAuthenticationMethod, String) - Method in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider
getCarLicense() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getCertificate() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: Get the public certificate for this credential
getChain() - Method in class org.springframework.security.web.FilterInvocation
getChain() - Method in class org.springframework.security.web.server.WebFilterExchange: The filter chain
getChannelDecisionManager() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
getChannelProcessors() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
getClaim(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as a T type.
getClaimAsBoolean(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as a Boolean or null if the claim does not exist.
getClaimAsInstant(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as an Instant or null if it does not exist.
getClaimAsMap(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as a Map<String, Object> or null if the claim does not exist.
getClaimAsString(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as a String or null if it does not exist or is equal to null.
getClaimAsStringList(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as a List<String> or null if the claim does not exist.
getClaimAsURL(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns the claim value as an URL or null if it does not exist.
getClaims() - Method in class org.springframework.security.oauth2.client.endpoint.NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext: Returns the JwtClaimsSet.Builder to be used to customize claims of the JSON Web Token (JWS).
getClaims() - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns a set of claims that may be used for assertions.
getClaims() - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken
getClaims() - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo
getClaims() - Method in class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
getClaims() - Method in interface org.springframework.security.oauth2.core.oidc.user.OidcUser: Returns the claims about the user.
getClaims() - Method in class org.springframework.security.oauth2.jwt.Jwt: Returns the JWT Claims Set.
getClaims() - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet
getClaims() - Method in class org.springframework.security.oauth2.jwt.JwtEncoderParameters: Returns the claims.
getClaims() - Method in class org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal
getClientAuthenticationMethod() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the authentication method used when authenticating the client with the authorization server.
getClientId() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the client identifier.
getClientId() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the client identifier.
getClientId() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the client identifier (client_id) for the token
getClientName() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the logical name of the client or registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.endpoint.AbstractOAuth2AuthorizationGrantRequest: Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: Returns the client registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient: Returns the authorized client's registration.
getClientRegistration() - Method in class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest: Returns the client registration.
getClientRegistrationId() - Method in exception org.springframework.security.oauth2.client.ClientAuthorizationException: Returns the identifier for the client's registration.
getClientRegistrationId() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest: Returns the identifier for the client registration.
getClientRegistrationId() - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
getClientSecret() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the client secret.
getClock() - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
getCn() - Method in class org.springframework.security.ldap.userdetails.Person
getCode() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns the authorization code.
getComment() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent: Deprecated.
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizationFailureEvent: Deprecated.
getConfigAttributes() - Method in class org.springframework.security.access.event.AuthorizedEvent: Deprecated.
getConfiguration() - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
getConfigurationMetadata() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails: Returns a Map of the metadata describing the provider's configuration.
getConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Gets the SecurityConfigurer by its class name or null if not found.
getConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Gets the SecurityConfigurer by its class name or null if not found.
getConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Gets all the SecurityConfigurer instances by its class name or an empty List if not found.
getContentType() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the content type header that declares the media type of the secured content (the payload).
getContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Obtains the current context.
getContext() - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder: Gets the Mono<SecurityContext> from Reactor Context
getContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder: Obtain the current SecurityContext.
getContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy: Obtains the current context.
getContext() - Static method in class org.springframework.security.test.context.TestSecurityContextHolder: Gets the SecurityContext from TestSecurityContextHolder.
getContext() - Method in class org.springframework.security.test.context.TestSecurityContextHolderStrategyAdapter
getContext(PageContext) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag: Allows test cases to override where application context obtained from.
getContext(String, String) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
getContextHolderStrategy() - Static method in class org.springframework.security.core.context.SecurityContextHolder: Allows retrieval of the context strategy.
getContextPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getContextSource() - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Gets the BaseLdapPathContextSource used to perform LDAP authentication.
getContextSource() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
getContextSource() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
getContextualName(AuthenticationObservationContext) - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
getContextualName(AuthorizationObservationContext<?>) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
getControlInstance(Control) - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControlFactory: Creates an instance of PasswordPolicyResponseControl if the passed control is a response control of this type.
getCookie() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getCookieName() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
getCookiePath() - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Get the path that the CSRF cookie will be set to.
getCookies() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getCookies() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getCookies() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getCountry() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim: Returns the country.
getCountry() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
getCredentials() - Method in class org.springframework.security.access.intercept.RunAsUserToken: Deprecated.
getCredentials() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken: Always returns an empty String
getCredentials() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken: Always returns an empty String
getCredentials() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
getCredentials() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
getCredentials() - Method in interface org.springframework.security.core.Authentication: The credentials that prove the principal is correct.
getCredentials() - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
getCredentials() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
getCredentials() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
getCredentials() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
getCredentials() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
getCredentials() - Method in class org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken
getCredentials() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2Authentication
getCredentials() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Returns the decoded and inflated SAML 2.0 Response XML object as a string
getCredentials() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken: Get the credentials
getCredentialsCharset() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
getCredentialsCharset(HttpServletRequest) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
getCredentialsCharset(HttpServletRequest) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
getCredentialsNotFoundException() - Method in class org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent: Deprecated.
getCredentialTypes() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: List all this credential's intended usages
getCritical() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the critical headers that indicates which extensions to the JWS/JWE/JWA specifications are being used that MUST be understood and processed.
getCsrfTokenRepository(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils: Gets the CsrfTokenRepository for the specified HttpServletRequest.
getCsrfTokenRequestHandler(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils: Gets the CsrfTokenRequestHandler for the specified HttpServletRequest.
getCurrentDate() - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Gets the current date in HTTP format.
getDatabasePopulator() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
getDataCode() - Method in exception org.springframework.security.ldap.authentication.ad.ActiveDirectoryAuthenticationException
getDataMimeType() - Method in interface org.springframework.security.rsocket.api.PayloadExchange
getDataMimeType() - Method in class org.springframework.security.rsocket.core.DefaultPayloadExchange
getDate() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
getDecision() - Method in class org.springframework.security.authorization.AuthorizationObservationContext: Get the observed AuthorizationDecision
getDecisionVoters() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
getDecodedUrlBlacklist() - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Provides the existing decoded url blocklist which can add/remove entries from
getDecodedUrlBlocklist() - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Provides the existing decoded url blocklist which can add/remove entries from
getDecryptionX509Credentials() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the Collection of decryption Saml2X509Credentials associated with this relying party
getDefaultMessage() - Method in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
getDefaultRolePrefix() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
getDefaultTargetUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: Supplies the default target Url that will be used if no saved request is found or the alwaysUseDefaultTargetUrl property is set to true.
getDefaultUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Gets the default UserDetailsService for the AuthenticationManagerBuilder.
getDeferredContext() - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Obtains a Supplier that returns the current context.
getDeferredContext() - Static method in class org.springframework.security.core.context.SecurityContextHolder: Obtains a Supplier that returns the current context.
getDeferredContext() - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy: Obtains a Supplier that returns the current context.
getDelegateExecutor() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor
getDepartmentNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getDescription() - Method in class org.springframework.security.ldap.userdetails.Person
getDescription() - Method in class org.springframework.security.oauth2.core.OAuth2Error: Returns the error description.
getDescription() - Method in class org.springframework.security.saml2.core.Saml2Error: Returns the error description.
getDescription() - Method in class org.springframework.security.util.InMemoryResource
getDestinationIndicator() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getDetails() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
getDetails() - Method in interface org.springframework.security.core.Authentication: Stores additional details about the authentication request.
getDigestAlgorithm() - Method in enum class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices.RememberMeTokenAlgorithm
getDispatcherWebApplicationContextSuffix() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Return the <servlet-name> to use the DispatcherServlet's WebApplicationContext to find the DelegatingFilterProxy or null to use the parent ApplicationContext.
getDisplayName() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getDn() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority: Returns the DN for this LDAP authority
getDn() - Method in interface org.springframework.security.ldap.userdetails.LdapUserDetails: The DN of the entry for this user's account.
getDn() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
getDomain() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getDomainObject() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
getDomainObjectInstance(MethodInvocation) - Method in class org.springframework.security.access.vote.AbstractAclVoter: Deprecated.
getEmail() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's preferred e-mail address (email).
getEmailVerified() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns true if the user's e-mail address has been verified (email_verified), otherwise false.
getEmployeeNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getEnableAuthorities() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
getEnableGroups() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
getEncodedUrlBlacklist() - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Deprecated.
Use StrictHttpFirewall.getEncodedUrlBlocklist() instead
getEncodedUrlBlocklist() - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Provides the existing encoded url blocklist which can add/remove entries from
getEncodedValue() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl: Retrieves the ASN.1 BER encoded value of the LDAP control.
getEncodedValue() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Returns the unchanged value of the response control.
getEncryptionX509Credentials() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get all encryption Saml2X509Credentials associated with this asserting party
getEntityDescriptor() - Method in class org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver.EntityDescriptorParameters
getEntityDescriptor() - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlAssertingPartyDetails: Get the EntityDescriptor that underlies this RelyingPartyRegistration.AssertingPartyDetails
getEntityId() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the asserting party's EntityID.
getEntityId() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the relying party's EntityID.
getEntries() - Method in class org.springframework.security.acls.domain.AclImpl
getEntries() - Method in interface org.springframework.security.acls.model.Acl: Returns all of the entries represented by the present Acl.
getEntry() - Method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry
getEntry() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry
getEntry() - Method in class org.springframework.security.web.util.matcher.RequestMatcherEntry
getEntryPoint() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
getEntryPoint() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
getEntryPoint() - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint.DelegateEntry
getError() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns the OAuth 2.0 Error if the Authorization Request failed, otherwise null.
getError() - Method in exception org.springframework.security.oauth2.core.OAuth2AuthenticationException: Returns the OAuth 2.0 Error.
getError() - Method in exception org.springframework.security.oauth2.core.OAuth2AuthorizationException: Returns the OAuth 2.0 Error.
getErrorCode() - Method in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
getErrorCode() - Method in class org.springframework.security.oauth2.core.OAuth2Error: Returns the error code.
getErrorCode() - Method in class org.springframework.security.saml2.core.Saml2Error: Returns the error code.
getErrors() - Method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult: Return error details regarding the validation attempt
getErrors() - Method in exception org.springframework.security.oauth2.jwt.JwtValidationException: Return the list of OAuth2Errors associated with this exception
getErrors() - Method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Return error details regarding the validation attempt
getErrors() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult: Return error details regarding the validation attempt
getErrorStatus() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
getException() - Method in class org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
getException() - Method in class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
getExchange() - Method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeAuthorizationContext
getExchange() - Method in class org.springframework.security.web.server.authorization.AuthorizationContext
getExchange() - Method in class org.springframework.security.web.server.WebFilterExchange: Get the exchange
getExpiresAt() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token: Returns the expiration time on or after which the token MUST NOT be accepted.
getExpiresAt() - Method in interface org.springframework.security.oauth2.core.OAuth2Token: Returns the expiration time on or after which the token MUST NOT be accepted.
getExpiresAt() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns a timestamp (exp) indicating when the token expires
getExpiresAt() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Expiration time (exp) on or after which the ID Token MUST NOT be accepted.
getExpiresAt() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the Expiration time (exp) claim which identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
getExpression() - Method in class org.springframework.security.authorization.ExpressionAuthorizationDecision
getExpressionAttribute() - Method in class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision: Deprecated.
getExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Gets the MethodSecurityExpressionHandler or creates it using GlobalMethodSecurityConfiguration.expressionHandler.
getExpressionHandler() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Gets the SecurityExpressionHandler to be used.
getExpressionParser() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
getExpressionParser() - Method in interface org.springframework.security.access.expression.SecurityExpressionHandler
getExpressionParser() - Method in class org.springframework.security.messaging.access.expression.MessageAuthorizationContextSecurityExpressionHandler
getExtendedInformation() - Method in class org.springframework.security.core.token.DefaultToken
getExtendedInformation() - Method in interface org.springframework.security.core.token.Token: Obtains the extended information associated within the token, which was presented when the token was first created.
getExtensionId() - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
getExtraHiddenFields(HttpServletRequest) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
getExtraHiddenFields(ServerWebExchange) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
getFailureHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
getFailureHandler() - Method in class org.springframework.security.web.authentication.AuthenticationFilter
getFailureUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Gets the URL to send users to if authentication fails
getFamilyName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's surname(s) or last name(s) (family_name).
getField(Class<?>, String) - Static method in class org.springframework.security.util.FieldUtils: Attempts to locate the specified field on the class.
getFieldValue(Object, String) - Static method in class org.springframework.security.util.FieldUtils: Returns the value of a (nested) field on a bean.
getFilterChainProxy() - Method in class org.springframework.security.web.debug.DebugFilter
getFilterChains() - Method in class org.springframework.security.web.FilterChainProxy
getFilterObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
getFilters() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
getFilters() - Method in interface org.springframework.security.web.SecurityFilterChain
getFilters(String) - Method in class org.springframework.security.web.FilterChainProxy: Convenience method, mainly for testing.
getFirewalledRequest(HttpServletRequest) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
getFirewalledRequest(HttpServletRequest) - Method in interface org.springframework.security.web.firewall.HttpFirewall: Provides the request object which will be passed through the filter chain.
getFirewalledRequest(HttpServletRequest) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
getFirewalledResponse(HttpServletResponse) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
getFirewalledResponse(HttpServletResponse) - Method in interface org.springframework.security.web.firewall.HttpFirewall: Provides the response which will be passed through the filter chain.
getFirewalledResponse(HttpServletResponse) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall
getFirstAttribute(String) - Method in interface org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal: Get the first value of Saml2 token attribute by name
getFirstAttributeValue(String) - Method in class org.springframework.security.ldap.userdetails.LdapAuthority: Returns the first attribute value for a specified attribute
getFirstThrowableOfType(Class<? extends Throwable>, Throwable[]) - Method in class org.springframework.security.web.util.ThrowableAnalyzer: Returns the first throwable from the passed in array that is assignable to the provided type.
getFormatted() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim: Returns the full mailing address, formatted for display.
getFormatted() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
getFromCache(Serializable) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
getFromCache(Serializable) - Method in interface org.springframework.security.acls.model.AclCache
getFromCache(ObjectIdentity) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
getFromCache(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclCache
getFullDn(DistinguishedName, Context) - Static method in class org.springframework.security.ldap.LdapUtils: Gets the full dn of a name by prepending the name of the context it is relative to.
getFullName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's full name (name) in displayable form.
getFullRequestUrl() - Method in class org.springframework.security.web.FilterInvocation: Indicates the URL that the user agent used for this request.
getGender() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's gender (gender).
getGeneratedBy() - Method in class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent: Getter for the Class that generated this event.
getGivenName() - Method in class org.springframework.security.ldap.userdetails.Person
getGivenName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's given name(s) or first name(s) (given_name).
getGraceLoginsRemaining() - Method in interface org.springframework.security.ldap.ppolicy.PasswordPolicyData
getGraceLoginsRemaining() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Returns the graceLoginsRemaining.
getGraceLoginsRemaining() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
getGrantedAuthorities() - Method in interface org.springframework.security.core.authority.GrantedAuthoritiesContainer
getGrantedAuthorities() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
getGrantedAuthorities() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
getGrantedAuthorities(Collection<String>) - Method in interface org.springframework.security.core.authority.mapping.Attributes2GrantedAuthoritiesMapper: Implementations of this method should map the given collection of attributes to a collection of Spring Security GrantedAuthorities.
getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper: Map the given array of attributes to Spring Security GrantedAuthorities.
getGrantedAuthorities(Collection<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper: Map the given list of string attributes one-to-one to Spring Security GrantedAuthorities.
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
getGrantedAuthorities(DirContextOperations, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Obtains the authorities for the user who's directory entry is represented by the supplied LdapUserDetails object.
getGrantedAuthorities(DirContextOperations, String) - Method in interface org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator: Get the list of authorities for the user.
getGrantedAuthority() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
getGrantType() - Method in class org.springframework.security.oauth2.client.endpoint.AbstractOAuth2AuthorizationGrantRequest: Returns the authorization grant type.
getGrantType() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the grant type.
getGroupMembershipRoles(String, String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
getGroupMembershipRoles(String, String) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
getGroupRoleAttribute() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Returns the attribute name of the LDAP attribute that will be mapped to the role name Method available so that classes extending this can override
getGroupSearchBase() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
getGroupSearchFilter() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Returns the search filter configured for this populator Method available so that classes extending this can override
getHasPermission() - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
getHeader(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the header value.
getHeaderName() - Method in interface org.springframework.security.web.csrf.CsrfToken: Gets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter.
getHeaderName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
getHeaderName() - Method in interface org.springframework.security.web.server.csrf.CsrfToken: Gets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter.
getHeaderName() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
getHeaderNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getHeaderNames() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getHeaderNames() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getHeaders() - Method in class org.springframework.security.oauth2.client.endpoint.NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext: Returns the JwsHeader.Builder to be used to customize headers of the JSON Web Token (JWS).
getHeaders() - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder
getHeaders() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the headers.
getHeaders() - Method in class org.springframework.security.oauth2.jwt.Jwt: Returns the JOSE header(s).
getHeaderValue() - Method in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive
getHeaderValue() - Method in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive
getHeaderValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getHeaderValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getHeaderValues(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getHighCardinalityKeyValues(AuthorizationObservationContext<?>) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
getHomePhone() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getHomePostalAddress() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getHttpRequest() - Method in class org.springframework.security.web.FilterInvocation
getHttpResponse() - Method in class org.springframework.security.web.FilterInvocation
getHttpStatus() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenError: Return the HTTP status.
getId() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
getId() - Method in class org.springframework.security.acls.domain.AclImpl
getId() - Method in interface org.springframework.security.acls.model.AccessControlEntry: Obtains an identifier that represents this ACE.
getId() - Method in interface org.springframework.security.acls.model.MutableAcl: Obtains an identifier that represents this MutableAcl.
getId() - Method in class org.springframework.security.core.session.SessionDestroyedEvent
getId() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the identifier (jti) for the token
getId() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the JWT ID (jti) claim which provides a unique identifier for the JWT.
getId() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest: The unique identifier for this Authentication Request
getId() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: The unique identifier for this Logout Request
getId() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
getId() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
getID() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl: Returns the OID of the Password Policy Control ("1.3.6.1.4.1.42.2.27.8.5.1").
getIdentifier() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
getIdentifier() - Method in interface org.springframework.security.acls.model.ObjectIdentity: Obtains the actual identifier.
getIdToken() - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest: Returns the ID Token containing claims about the user.
getIdToken() - Method in class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
getIdToken() - Method in interface org.springframework.security.oauth2.core.oidc.user.OidcUser: Returns the ID Token containing claims about the user.
getIdToken() - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority: Returns the ID Token containing claims about the user.
getInitializeCount() - Static method in class org.springframework.security.core.context.SecurityContextHolder: Primarily for troubleshooting purposes, this method shows how many times the class has re-initialized its SecurityContextHolderStrategy.
getInitials() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getInputStream() - Method in class org.springframework.security.util.InMemoryResource
getInsecureKeyword() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
getInstance() - Static method in class org.springframework.security.crypto.password.NoOpPasswordEncoder: Deprecated.

Get the singleton NoOpPasswordEncoder.
getInstance() - Static method in class org.springframework.security.web.server.context.NoOpServerSecurityContextRepository
getInstance() - Static method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
getInternalMethod() - Method in class org.springframework.security.acls.AclEntryVoter: Optionally specifies a method of the domain object that will be used to obtain a contained domain object.
getIntrospector() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec
getIssuedAt() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token: Returns the time at which the token was issued.
getIssuedAt() - Method in interface org.springframework.security.oauth2.core.OAuth2Token: Returns the time at which the token was issued.
getIssuedAt() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns a timestamp (iat) indicating when the token was issued
getIssuedAt() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the time at which the ID Token was issued (iat).
getIssuedAt() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the Issued at (iat) claim which identifies the time at which the JWT was issued.
getIssuer() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the issuer (iss) of the token
getIssuer() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Issuer identifier (iss).
getIssuer() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the Issuer (iss) claim which identifies the principal that issued the JWT.
getIssuerUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails: Returns the issuer identifier uri for the OpenID Connect 1.0 provider or the OAuth 2.0 Authorization Server.
getJwk() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the JSON Web Key which is the public key that corresponds to the key used to digitally sign the JWS or encrypt the JWE.
getJwkSetUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails: Returns the uri for the JSON Web Key (JWK) Set endpoint.
getJwkSetUrl() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the JWK Set URL that refers to the resource of a set of JSON-encoded public keys, one of which corresponds to the key used to digitally sign the JWS or encrypt the JWE.
getJwsHeader() - Method in class org.springframework.security.oauth2.jwt.JwtEncoderParameters: Returns the JWS headers.
getJwt() - Method in class org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest: Returns the JWT assertion.
getJwtAuthenticationConverter() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
getJwtDecoder() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
getKey() - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
getKey() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
getKey() - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
getKey() - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
getKey() - Method in class org.springframework.security.core.token.DefaultToken
getKey() - Method in interface org.springframework.security.core.token.Token: Obtains the randomised, secure key assigned to this token.
getKey() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
getKey() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
getKeyCreationTime() - Method in class org.springframework.security.core.token.DefaultToken
getKeyCreationTime() - Method in interface org.springframework.security.core.token.Token: The time the token key was initially created is available from this method.
getKeyHash() - Method in class org.springframework.security.access.intercept.RunAsUserToken: Deprecated.
getKeyHash() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
getKeyHash() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
getKeyId() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the key ID that is a hint indicating which key was used to secure the JWS or JWE.
getKeyLength() - Method in interface org.springframework.security.crypto.keygen.BytesKeyGenerator: Get the length, in bytes, of keys created by this generator.
getLastRequest() - Method in class org.springframework.security.core.session.SessionInformation
getLdapTemplate() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Returns the current LDAP template.
getLocale() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's locale (locale).
getLocales() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getLocales() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getLocales() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getLocality() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim: Returns the city or locality.
getLocality() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
getLocalPort() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.

Returns the port that is resolved by TcpTransport.
getLocation() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: Get the location of the asserting party's SingleLogoutService
getLoginConfig() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
getLoginContext() - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationToken
getLoginFormUrl() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
getLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Gets the login page
getLoginPageUrl() - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
getLoginProcessingUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Gets the URL to submit an authentication request to (i.e.
getLogoutHandlers() - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Gets the LogoutHandler instances that will be used.
getLogoutRequest() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidatorParameters: The SAML 2.0 Logout Request sent by the asserting party
getLogoutRequest() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters: The SAML 2.0 Logout Request sent by this application
getLogoutRequest() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver.LogoutRequestParameters
getLogoutResponse() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters: The SAML 2.0 Logout Response received from the asserting party
getLogoutResponse() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver.LogoutResponseParameters
getLogoutSuccessHandler() - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Gets the LogoutSuccessHandler if not null, otherwise creates a new SimpleUrlLogoutSuccessHandler using the LogoutConfigurer.logoutSuccessUrl(String).
getLowCardinalityKeyValues(AuthenticationObservationContext) - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
getLowCardinalityKeyValues(AuthorizationObservationContext<?>) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
getMail() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
getMappableAttributes() - Method in interface org.springframework.security.core.authority.mapping.MappableAttributesRetriever: Implementations of this method should return a set of all string attributes which can be mapped to GrantedAuthoritys.
getMappableAttributes() - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
getMappableAttributes() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
getMask() - Method in class org.springframework.security.acls.domain.AbstractPermission
getMask() - Method in interface org.springframework.security.acls.model.Permission: Returns the bits that represents the permission.
getMatcher() - Method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry
getMatcher() - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry
getMatcher() - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint.DelegateEntry
getMatcher() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry
getMatchers() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl
getMatchers() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.
getMatchers() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.CookieRequestCache
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache: Returns a wrapper around the saved request, if it matches the current request.
getMaxAge() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getMaximumSessionsForThisUser(Authentication) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy: Method intended for use by subclasses to override the maximum number of sessions that are permitted for a particular authentication.
getMessage() - Method in class org.springframework.security.messaging.access.intercept.MessageAuthorizationContext: Returns the HttpServletRequest.
getMessageMatchers() - Method in class org.springframework.security.messaging.util.matcher.AbstractMessageMatcherComposite
getMessages() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
getMessageTypeMatcher() - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
getMetadataMimeType() - Method in interface org.springframework.security.rsocket.api.PayloadExchange
getMetadataMimeType() - Method in class org.springframework.security.rsocket.core.DefaultPayloadExchange
getMethod() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter: Deprecated.
getMethod() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
getMethod() - Method in class org.springframework.security.util.SimpleMethodInvocation
getMethod() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getMethod() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getMethod() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getMethodInvocation() - Method in class org.springframework.security.authorization.method.MethodInvocationResult: Return the already-invoked MethodInvocation
getMethodMapSize() - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.
getMethodSecurityMetadataSources() - Method in class org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource: Deprecated.
getMiddleName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's middle name(s) (middle_name).
getMobile() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getModules(ClassLoader) - Static method in class org.springframework.security.jackson2.SecurityJackson2Modules
getName() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
getName() - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
getName() - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
getName() - Method in interface org.springframework.security.core.AuthenticatedPrincipal: Returns the name of the authenticated Principal.
getName() - Method in class org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal
getName() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
getName() - Method in interface org.springframework.security.oauth2.jose.JwaAlgorithm: Returns the algorithm name.
getName() - Method in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm: Returns the algorithm name.
getName() - Method in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: Returns the algorithm name.
getName() - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken: The principal name which is, by default, the Jwt's subject
getName() - Method in class org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal
getName() - Method in class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
getName() - Method in class org.springframework.security.web.header.Header: Gets the name of the header.
getName() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getNameIdFormat() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the NameID format.
getNewContext() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent: Get the SecurityContext set on the SecurityContextHolder as of this event
getNewSessionId() - Method in class org.springframework.security.core.session.SessionIdChangedEvent: Returns the new session ID.
getNewSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent: Getter for the session ID after it was changed.
getNewSessionId() - Method in class org.springframework.security.web.session.HttpSessionIdChangedEvent
getNickName() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's nick name (nickname) that may or may not be the same as the (given_name).
getNonce() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns a String value (nonce) used to associate a Client session with an ID Token, and to mitigate replay attacks.
getNonceValiditySeconds() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
getNotBefore() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns a timestamp (nbf) indicating when the token is not to be used before
getNotBefore() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the Not Before (nbf) claim which identifies the time before which the JWT MUST NOT be accepted for processing.
getO() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getObject() - Method in class org.springframework.security.authorization.AuthorizationObservationContext: Get the object for which access was requested
getObject() - Method in class org.springframework.security.authorization.event.AuthorizationDeniedEvent: Get the object to which access was requested
getObject() - Method in class org.springframework.security.authorization.event.AuthorizationEvent: Get the object to which access was requested
getObject() - Method in class org.springframework.security.authorization.event.AuthorizationGrantedEvent: Get the object to which access was requested
getObject() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder: Gets the object that was built.
getObject() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
getObject() - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
getObject() - Method in class org.springframework.security.config.core.userdetails.UserDetailsMapFactoryBean
getObject() - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
getObject() - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean
getObject() - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.FilterChainDecoratorFactory
getObject() - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean
getObject() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor
getObject() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.MethodSecurityExpressionHandlerBean
getObject() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor
getObject() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor
getObject() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.SecuredAuthorizationMethodInterceptor
getObject() - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
getObject() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
getObjectIdentity() - Method in class org.springframework.security.acls.domain.AclImpl
getObjectIdentity() - Method in interface org.springframework.security.acls.model.Acl: Obtains the domain object this Acl provides entries for.
getObjectIdentity(Object) - Method in class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
getObjectIdentity(Object) - Method in interface org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy
getObjectType() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
getObjectType() - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
getObjectType() - Method in class org.springframework.security.config.core.userdetails.UserDetailsMapFactoryBean
getObjectType() - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
getObjectType() - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean
getObjectType() - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.FilterChainDecoratorFactory
getObjectType() - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean
getObjectType() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor
getObjectType() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.MethodSecurityExpressionHandlerBean
getObjectType() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor
getObjectType() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor
getObjectType() - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.SecuredAuthorizationMethodInterceptor
getObjectType() - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
getObjectType() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
getOldContext() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent: Get the SecurityContext set on the SecurityContextHolder immediately previous to this event
getOldSessionId() - Method in class org.springframework.security.core.session.SessionIdChangedEvent: Returns the old session ID.
getOldSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent: Getter for the session ID before it was changed.
getOldSessionId() - Method in class org.springframework.security.web.session.HttpSessionIdChangedEvent
getOrBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Similar to AbstractSecurityBuilder.build() and AbstractSecurityBuilder.getObject() but checks the state to determine if AbstractSecurityBuilder.build() needs to be called first.
getOrder() - Method in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
getOrder() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
getOrder() - Method in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder
getOrder() - Method in class org.springframework.security.config.ldap.ContextSourceSettingPostProcessor
getOrder() - Method in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
getOrder() - Method in class org.springframework.security.rsocket.authentication.AnonymousPayloadInterceptor
getOrder() - Method in class org.springframework.security.rsocket.authentication.AuthenticationPayloadInterceptor
getOrder() - Method in class org.springframework.security.rsocket.authorization.AuthorizationPayloadInterceptor
getOrder() - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener: Returns 11000.
getOrder() - Method in class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener: Returns 10000.
getOrder() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
getOrder() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
getOriginalAuthentication() - Method in class org.springframework.security.access.intercept.RunAsUserToken: Deprecated.
getOu() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getOutputStream() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the calling getOutputStream().close() or getOutputStream().flush()
getOwner() - Method in class org.springframework.security.acls.domain.AclImpl
getOwner() - Method in interface org.springframework.security.acls.model.Acl: Determines the owner of the Acl.
getParameter() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
getParameter(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: Get the name parameters, a short-hand for getParameters().get(name) Useful when specifying additional query parameters for the Logout Request
getParameter(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: Get the name parameter, a short-hand for getParameters().get(name) Useful when specifying additional query parameters for the Logout Response
getParameterMap() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getParameterMap() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getParameterMap() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getParameterName() - Method in interface org.springframework.security.web.csrf.CsrfToken: Gets the HTTP parameter name that should contain the token.
getParameterName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
getParameterName() - Method in interface org.springframework.security.web.server.csrf.CsrfToken: Gets the HTTP parameter name that should contain the token.
getParameterName() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
getParameterNameDiscoverer() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
getParameterNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getParameterNames(Constructor<?>) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
getParameterNames(Method) - Method in class org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer
getParameters() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: Get all parameters Useful when specifying additional query parameters for the Logout Request
getParameters() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: Get all parameters Useful when specifying additional query parameters for the Logout Response
getParameterSpec(byte[]) - Method in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm
getParametersQuery() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: Get an encoded query string of all parameters.
getParametersQuery() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: Get an encoded query string of all parameters.
getParameterValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getParameterValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getParameterValues(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getParent() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
getParentAcl() - Method in class org.springframework.security.acls.domain.AclImpl
getParentAcl() - Method in interface org.springframework.security.acls.model.Acl: A domain object may have a parent for the purpose of ACL inheritance.
getPassword() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
getPassword() - Method in class org.springframework.security.core.userdetails.User
getPassword() - Method in interface org.springframework.security.core.userdetails.UserDetails: Returns the password used to authenticate the user.
getPassword() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
getPassword() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest: Deprecated.

Returns the resource owner's password.
getPassword() - Method in class org.springframework.security.rsocket.metadata.UsernamePasswordMetadata
getPasswordEncoder() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
getPasswordEncoder() - Method in class org.springframework.security.config.authentication.PasswordEncoderParser
getPasswordParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
getPath() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getPathInfo() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getPathPatternParser() - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry
getPathPatternParser() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
getPattern() - Method in class org.springframework.security.acls.domain.AbstractPermission
getPattern() - Method in class org.springframework.security.acls.domain.CumulativePermission
getPattern() - Method in interface org.springframework.security.acls.model.Permission: Returns a 32-character long bit pattern String representing this permission.
getPattern() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
getPayload() - Method in interface org.springframework.security.rsocket.api.PayloadExchange
getPayload() - Method in class org.springframework.security.rsocket.core.DefaultPayloadExchange
getPermission() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
getPermission() - Method in interface org.springframework.security.acls.model.AccessControlEntry
getPermissionEvaluator() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
getPhoneNumber() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's preferred phone number (phone_number).
getPhoneNumberVerified() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns true if the user's phone number has been verified (phone_number_verified), otherwise false.
getPicture() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the URL of the user's profile picture (picture).
getPointcut() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor: Deprecated.
getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
getPointcut() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
getPolicy() - Method in enum class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy
getPolicy() - Method in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy
getPolicy() - Method in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy
getPolicy() - Method in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
getPolicy() - Method in enum class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy
getPolicy() - Method in enum class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy
getPolicy() - Method in enum class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy
getPolicy() - Method in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
getPort() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
getPort() - Method in interface org.springframework.security.ldap.server.EmbeddedLdapServerContainer: Returns the embedded LDAP server port.
getPort() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
getPortMapper() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
getPortMapper() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
getPortMapper() - Method in class org.springframework.security.web.PortResolverImpl
getPortResolver() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
getPortResolver() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
getPostalAddress() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getPostalCode() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getPostalCode() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim: Returns the zip code or postal code.
getPostalCode() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
getPostAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Override to extract the credentials (if applicable) from the current request.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter: For J2EE container-based authentication there is no generic way to retrieve the credentials, as such this method returns a fixed dummy value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter: Credentials aren't usually applicable, but if a credentialsEnvironmentVariable is set, this will be read and used as the credentials value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter: Credentials aren't usually applicable, but if a credentialsRequestHeader is set, this will be read and used as the credentials value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter: For J2EE container-based authentication there is no generic way to retrieve the credentials, as such this method returns a fixed dummy value.
getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Override to extract the principal information from the current request
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter: Return the J2EE user name.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter: Read and returns the variable named by principalEnvironmentVariable from the request.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter: Read and returns the header named by principalRequestHeader from the request.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter: Return the WebSphere user name.
getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
getPreAuthenticationChecks() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
getPreferredUsername() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the preferred username (preferred_username) that the user wishes to be referred to.
getPrincipal() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot: Convenience method to access Authentication.getPrincipal() from SecurityExpressionRoot.getAuthentication()
getPrincipal() - Method in class org.springframework.security.access.intercept.RunAsUserToken: Deprecated.
getPrincipal() - Method in class org.springframework.security.acls.domain.PrincipalSid
getPrincipal() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
getPrincipal() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
getPrincipal() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
getPrincipal() - Method in class org.springframework.security.authentication.TestingAuthenticationToken
getPrincipal() - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
getPrincipal() - Method in interface org.springframework.security.core.Authentication: The identity of the principal being authenticated.
getPrincipal() - Method in class org.springframework.security.core.session.SessionInformation
getPrincipal() - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource: Get the principals of the logged in user, in this case the distinguished name.
getPrincipal() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
getPrincipal() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
getPrincipal() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
getPrincipal() - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder: Returns the End-User Authentication (Resource Owner).
getPrincipal() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: Returns the Principal (to be) associated to the authorized client.
getPrincipal() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest: Returns the Principal (to be) associated to the authorized client.
getPrincipal() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken
getPrincipal() - Method in class org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken
getPrincipal() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2Authentication
getPrincipal() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Always returns null.
getPrincipal() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
getPrincipal() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken: Get the principal
getPrincipal() - Method in class org.springframework.security.web.server.context.SecurityContextServerWebExchange
getPrincipalName() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient: Returns the End-User's Principal name.
getPrincipalName() - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
getPrivateKey() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: Get the private key for this credential
getPrivilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Gets the WebInvocationPrivilegeEvaluator to be used.
getProcessConfigAttribute() - Method in class org.springframework.security.acls.AclEntryVoter
getProcessDomainObjectClass() - Method in class org.springframework.security.access.vote.AbstractAclVoter: Deprecated.
getProcessDomainObjectClass() - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
getProfile() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the URL of the user's profile page (profile).
getProtectedFieldValue(String, Object) - Static method in class org.springframework.security.util.FieldUtils
getProviderDetails() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the details of the provider.
getProviders() - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
getProviders() - Method in class org.springframework.security.authentication.ProviderManager
getQueryString() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.access.hierarchicalroles.RoleHierarchy: Returns an array of all reachable authorities.
getReachableGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
getRealmName() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
getRealmName() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
getRedirectStrategy() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
getRedirectStrategy() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
getRedirectStrategy() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
getRedirectUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the uri (or uri template) for the redirection endpoint.
getRedirectUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the uri for the redirection endpoint.
getRedirectUri() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns the uri where the response was redirected to.
getRedirectUri(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.CookieServerRequestCache
getRedirectUri(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
getRedirectUri(ServerWebExchange) - Method in interface org.springframework.security.web.server.savedrequest.ServerRequestCache: Get the URI that can be redirected to trigger the saved request to be used
getRedirectUri(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
getRedirectUrl() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest: Indicates the URL that the user agent used for this request.
getRedirectUrl() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
getRedirectUrl() - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
getRefreshToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: Returns the refresh token.
getRefreshToken() - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: Returns the refresh token.
getRefreshToken() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest: Returns the refresh token credential granted.
getRefreshToken() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClient: Returns the refresh token credential granted.
getRefreshToken() - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
getRefreshToken() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse: Returns the Refresh Token.
getRegion() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim: Returns the state, province, prefecture, or region.
getRegion() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
getRegistrationId() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the identifier for the registration.
getRegistrationId() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the unique registration id for this RP/AP pair
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer: The AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>>.AuthorizationManagerRequestMatcherRegistry is what users will interact with after applying the AuthorizeHttpRequestsConfigurer.
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer: Deprecated.
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer: Deprecated.

The StandardInterceptUrlRegistry is what users will interact with after applying the UrlAuthorizationConfigurer.
getRelativeName(String, Context) - Static method in class org.springframework.security.ldap.LdapUtils: Obtains the part of a DN relative to a supplied base context.
getRelayState() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest: Returns the RelayState value, if present in the parameters
getRelayState() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: The relay state associated with this Logout Request
getRelayState() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: The relay state associated with this Logout Request
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidatorParameters: The RelyingPartyRegistration representing this relying party
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters: The RelyingPartyRegistration representing this relying party
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Get the resolved RelyingPartyRegistration associated with the request
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver.EntityDescriptorParameters
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver.LogoutRequestParameters
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver.LogoutResponseParameters
getRelyingPartyRegistration() - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver.AuthnRequestContext
getRelyingPartyRegistrationId() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest: The identifier for the RelyingPartyRegistration associated with this request
getRelyingPartyRegistrationId() - Method in class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
getRelyingPartyRegistrationId() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: The identifier for the RelyingPartyRegistration associated with this Logout Request
getRelyingPartyRegistrationId() - Method in interface org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal: Get the RelyingPartyRegistration identifier
getRememberMeServices() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
getRememberMeServices() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
getRemoteAddress() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails: Indicates the TCP/IP address the authentication request was received from.
getRemoteUser() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper: Returns the principal's name, as obtained from the SecurityContextHolder.
getRequest() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver.LogoutRequestParameters
getRequest() - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver.LogoutResponseParameters
getRequest() - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver.AuthnRequestContext
getRequest() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: This method allows subclasses to provide a way to access the ServletRequest according to the rendering technology.
getRequest() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
getRequest() - Method in class org.springframework.security.web.access.intercept.RequestAuthorizationContext: Returns the HttpServletRequest.
getRequest() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder: Deprecated.
getRequest() - Method in class org.springframework.security.web.FilterInvocation
getRequest() - Method in class org.springframework.security.web.session.SessionInformationExpiredEvent
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.CookieRequestCache
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
getRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache: Returns the saved request, leaving it cached.
getRequestMatcher() - Method in class org.springframework.security.web.authentication.AuthenticationFilter
getRequestMatcher() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
getRequestMatcher() - Method in class org.springframework.security.web.util.matcher.RequestMatcherEntry
getRequestURI() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getRequestUrl() - Method in class org.springframework.security.web.FilterInvocation: Obtains the web application-specific fragment of the URL.
getRequestURL() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getResponse() - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider.ResponseToken
getResponse() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: This method allows subclasses to provide a way to access the ServletResponse according to the rendering technology.
getResponse() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
getResponse() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder: Deprecated.
getResponse() - Method in class org.springframework.security.web.FilterInvocation
getResponse() - Method in class org.springframework.security.web.session.SessionInformationExpiredEvent
getResponseLocation() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: Get the response location of the asserting party's SingleLogoutService
getResponseType() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the response type.
getResult() - Method in class org.springframework.security.authorization.method.MethodInvocationResult: Return the result of the already-invoked MethodInvocation
getReturnObject() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
getRoleHierarchy() - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
getRolePrefix() - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
getRolePrefix() - Method in class org.springframework.security.access.vote.RoleVoter: Deprecated.
getRolePrefix() - Method in class org.springframework.security.config.core.GrantedAuthorityDefaults: The default prefix used with role based authorization.
getRolePrefix() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
getRolePrefix() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Returns the role prefix used by this populator Method available so that classes extending this can override
getRoomNumber() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getRootObject() - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
getRunAsManager() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
getSaml2Error() - Method in exception org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException: Get the associated Saml2Error
getSaml2Response() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2Authentication: Returns the SAML response object, as decoded XML.
getSaml2Response() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Returns inflated and decoded XML representation of the SAML 2 Response
getSamlRequest() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest: Returns the AuthNRequest XML value to be sent.
getSamlRequest() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest: Get the signed and serialized <saml2:LogoutRequest> payload
getSamlResponse() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse: Get the signed and serialized <saml2:LogoutResponse> payload
getScheme() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getScope() - Method in class org.springframework.security.oauth2.server.resource.BearerTokenError: Return the scope.
getScopes() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest: Returns the scope(s) to request.
getScopes() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration: Returns the scope(s) used for the client.
getScopes() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the scope(s).
getScopes() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken: Returns the scope(s) associated to the token.
getScopes() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the scopes (scope) associated with the token
getSecuredUiPrefix() - Static method in class org.springframework.security.taglibs.TagLibConfig
getSecuredUiSuffix() - Static method in class org.springframework.security.taglibs.TagLibConfig
getSecureKeyword() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
getSecureObject() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken: Deprecated.
getSecureObjectClass() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

Indicates the type of secure objects the subclass will be presenting to the abstract parent for processing.
getSecureObjectClass() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor: Deprecated.
getSecureObjectClass() - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
getSecureObjectClass() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
getSecurityContext() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken: Deprecated.
getSecurityContextHolderStrategy() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
getSecurityContextRepository(HttpServletRequest) - Static method in class org.springframework.security.test.web.support.WebTestUtils: Gets the SecurityContextRepository for the specified HttpServletRequest.
getSecurityContexts() - Method in class org.springframework.security.core.session.SessionDestroyedEvent: Provides the SecurityContext instances which were associated with the destroyed session.
getSecurityContexts() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
getSecurityDispatcherTypes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Get the DispatcherType for the springSecurityFilterChain.
getSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor: Deprecated.
getSecurityMetadataSource() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
getSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
getSeries() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
getServerName() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getServerPort() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getServerPort(ServletRequest) - Method in interface org.springframework.security.web.PortResolver: Indicates the port the ServletRequest was received on.
getServerPort(ServletRequest) - Method in class org.springframework.security.web.PortResolverImpl
getService() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
getServletContext() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag: This method allows subclasses to provide a way to access the ServletContext according to the rendering technology.
getServletContext() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
getServletPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
getServletPath() - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
getSession() - Method in class org.springframework.security.web.session.HttpSessionCreatedEvent
getSession() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
getSessionId() - Method in class org.springframework.security.core.session.SessionInformation
getSessionId() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails: Indicates the HttpSession id the authentication request was received from.
getSessionIndexes() - Method in class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
getSessionIndexes() - Method in interface org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal
getSessionInformation() - Method in class org.springframework.security.web.session.SessionInformationExpiredEvent
getSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry: Obtains the session information for the specified sessionId.
getSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
getSessionTrackingModes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Determines how a session should be tracked.
getSharedInstance() - Static method in class org.springframework.security.oauth2.core.converter.ClaimConversionService: Returns a shared instance of ClaimConversionService.
getSharedObject(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Gets a shared Object.
getSharedObject(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Gets a shared Object.
getSharedObjects() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Gets the shared objects
getSid() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
getSid() - Method in interface org.springframework.security.acls.model.AccessControlEntry
getSids(Authentication) - Method in class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
getSids(Authentication) - Method in interface org.springframework.security.acls.model.SidRetrievalStrategy
getSigAlg() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest: Returns the SigAlg value for Saml2MessageBinding.REDIRECT requests
getSignature() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest: Returns the Signature value for Saml2MessageBinding.REDIRECT requests
getSigningAlgorithms() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the list of org.opensaml.saml.ext.saml2alg.SigningMethod Algorithms for this asserting party, in preference order.
getSigningX509Credentials() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the Collection of signing Saml2X509Credentials associated with this relying party
getSingleLogoutServiceBinding() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the SingleLogoutService Binding
getSingleLogoutServiceBinding() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the SingleLogoutService Binding
getSingleLogoutServiceBindings() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the SingleLogoutService Binding
getSingleLogoutServiceLocation() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the SingleLogoutService Location
getSingleLogoutServiceLocation() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the SingleLogoutService Location
getSingleLogoutServiceResponseLocation() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the SingleLogoutService Response Location
getSingleLogoutServiceResponseLocation() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration: Get the SingleLogoutService Response Location
getSingleSignOnServiceBinding() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the SingleSignOnService Binding.
getSingleSignOnServiceLocation() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the SingleSignOnService Location.
getSn() - Method in class org.springframework.security.ldap.userdetails.Person
getSource() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority: Returns the original user associated with a successful user switch.
getSource(Element, ParserContext) - Method in class org.springframework.security.config.http.CorsBeanDefinitionParser
getState() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest: Returns the state.
getState() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns the state.
getStaticPart() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter: Deprecated.
getStaticPart() - Method in class org.springframework.security.util.SimpleMethodInvocation
getStatus() - Method in exception org.springframework.security.ldap.ppolicy.PasswordPolicyException
getStreet() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getStreetAddress() - Method in interface org.springframework.security.oauth2.core.oidc.AddressStandardClaim: Returns the full street address, which may include house number, street name, P.O.
getStreetAddress() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
getStringSeparator() - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
getSubject() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns usually a machine-readable identifier (sub) of the resource owner who authorized the token
getSubject() - Method in interface org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor: Returns the Subject identifier (sub).
getSubject() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the Subject identifier (sub).
getSubject() - Method in interface org.springframework.security.oauth2.jwt.JwtClaimAccessor: Returns the Subject (sub) claim which identifies the principal that is the subject of the JWT.
getSuccessHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
getSuccessHandler() - Method in class org.springframework.security.web.authentication.AuthenticationFilter
getSupportedMediaTypes() - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
getTargetUrlParameter() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
getTargetUser() - Method in class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
getTelephoneNumber() - Method in class org.springframework.security.ldap.userdetails.Person
getThis() - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
getThis() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter: Deprecated.
getThis() - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder
getThis() - Method in class org.springframework.security.util.SimpleMethodInvocation
getTimeBeforeExpiration() - Method in interface org.springframework.security.ldap.ppolicy.PasswordPolicyData
getTimeBeforeExpiration() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Returns the timeBeforeExpiration.
getTimeBeforeExpiration() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
getTitle() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getToken() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken: Get the token bound to this Authentication.
getToken() - Method in class org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken: Get the Bearer Token
getToken() - Method in class org.springframework.security.rsocket.metadata.BearerTokenMetadata
getToken() - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider.AssertionToken
getToken() - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider.ResponseToken
getToken() - Method in interface org.springframework.security.web.csrf.CsrfToken: Gets the token value.
getToken() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
getToken() - Method in interface org.springframework.security.web.server.csrf.CsrfToken: Gets the token value.
getToken() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
getTokenAttributes() - Method in class org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken: Returns the attributes of the access token.
getTokenAttributes() - Method in class org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication
getTokenAttributes() - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: Loads the token data for the supplied series identifier.
getTokenForSeries(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
getTokenResponse(JwtBearerGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultJwtBearerTokenResponseClient
getTokenResponse(OAuth2AuthorizationCodeGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
getTokenResponse(OAuth2ClientCredentialsGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient
getTokenResponse(OAuth2PasswordGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenResponseClient: Deprecated.
getTokenResponse(OAuth2RefreshTokenGrantRequest) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient
getTokenResponse(T) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient
getTokenResponse(T) - Method in interface org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient: Exchanges the authorization grant credential, provided in the authorization grant request, for an access token credential at the Authorization Server's Token Endpoint.
getTokenResponse(T) - Method in interface org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient: Exchanges the authorization grant credential, provided in the authorization grant request, for an access token credential at the Authorization Server's Token Endpoint.
getTokenType() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken: Returns the token type.
getTokenType() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the type of the token (token_type), for example bearer.
getTokenUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails: Returns the uri for the token endpoint.
getTokenValiditySeconds() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
getTokenValue() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token: Returns the token value.
getTokenValue() - Method in interface org.springframework.security.oauth2.core.OAuth2Token: Returns the token value.
getTokenValue() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
getTranslatedPortMappings() - Method in class org.springframework.security.web.PortMapperImpl: Returns the translated (Integer -> Integer) version of the original port mapping specified via setHttpsPortMapping()
getTrustResolver() - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
getType() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
getType() - Method in interface org.springframework.security.acls.model.ObjectIdentity: Obtains the "type" metadata for the domain object.
getType() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the type header that declares the media type of the JWS/JWE.
getType() - Method in interface org.springframework.security.rsocket.api.PayloadExchange
getType() - Method in class org.springframework.security.rsocket.core.DefaultPayloadExchange
getUid() - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
getUpdatedAt() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the time the user's information was last updated (updated_at).
getUri() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint: Returns the uri for the user info endpoint.
getUri() - Method in class org.springframework.security.oauth2.core.OAuth2Error: Returns the error uri.
getUrl() - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
getUrl() - Method in class org.springframework.security.web.util.RedirectUrlBuilder
getUrn() - Method in enum class org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding: Returns the URN value from the SAML 2 specification for this binding.
getUserAttributes() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
getUserCache() - Method in class org.springframework.security.authentication.CachingUserDetailsService
getUserCache() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
getUserCache() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
getUserDetailsContextMapper() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider: Provides access to the injected UserDetailsContextMapper strategy for use by subclasses.
getUserDetailsService() - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.AbstractDaoAuthenticationConfigurer: Gets the UserDetailsService that is used with the DaoAuthenticationProvider
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer: Gets the UserDetailsService or null if it is not available
getUserDetailsService() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
getUserDetailsService() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
getUserDns(String) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator: Builds list of possible DNs for the user, worked out from the userDnPatterns property.
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
getUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
getUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache: Obtains a UserDetails from the cache.
getUserInfo() - Method in class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
getUserInfo() - Method in interface org.springframework.security.oauth2.core.oidc.user.OidcUser: Returns the UserInfo containing claims about the user.
getUserInfo() - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority: Returns the UserInfo containing claims about the user, may be null.
getUserInfoEndpoint() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails: Returns the details of the UserInfo Endpoint.
getUsername() - Method in class org.springframework.security.core.userdetails.User
getUsername() - Method in interface org.springframework.security.core.userdetails.UserDetails: Returns the username used to authenticate the user.
getUsername() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
getUsername() - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest: Deprecated.

Returns the resource owner's username.
getUsername() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns a human-readable identifier (username) for the resource owner that authorized the token
getUsername() - Method in class org.springframework.security.rsocket.metadata.UsernamePasswordMetadata
getUsername() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
getUsername(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Returns the name of the target user.
getUserNameAttributeName() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint: Returns the attribute name used to access the user's name from the user info response.
getUsernameParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
getUserPrincipal() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper: Returns the Authentication (which is a subclass of Principal), or null if unavailable.
getUserRoles(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource: Obtains the list of user roles based on the current user's JEE roles.
getUsersByUsernameQuery() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
getUserSearch() - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
getValue() - Method in class org.springframework.security.oauth2.core.AuthenticationMethod: Returns the value of the authentication method type.
getValue() - Method in class org.springframework.security.oauth2.core.AuthorizationGrantType: Returns the value of the authorization grant type.
getValue() - Method in class org.springframework.security.oauth2.core.ClientAuthenticationMethod: Returns the value of the client authentication method.
getValue() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType: Returns the value of the authorization response type.
getValue() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType: Returns the value of the token type.
getValue() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getValues() - Method in class org.springframework.security.web.header.Header: Gets the values of the header.
getVar() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
getVariables() - Method in class org.springframework.security.messaging.access.intercept.MessageAuthorizationContext: Returns the extracted variable values where the key is the variable name and the value is the variable value.
getVariables() - Method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeAuthorizationContext
getVariables() - Method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcher.MatchResult: Gets potential variables and their values
getVariables() - Method in class org.springframework.security.web.access.intercept.RequestAuthorizationContext: Returns the extracted variable values where the key is the variable name and the value is the variable value.
getVariables() - Method in class org.springframework.security.web.server.authorization.AuthorizationContext
getVariables() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult: Gets potential variables and their values
getVariables() - Method in class org.springframework.security.web.util.matcher.RequestMatcher.MatchResult: Returns the extracted variable values where the key is the variable name and the value is the variable value
getVerificationX509Credentials() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get all verification Saml2X509Credentials associated with this asserting party
getVersion() - Static method in class org.springframework.security.core.SpringSecurityCoreVersion
getVersion() - Method in enum class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.BCryptVersion
getVersion() - Method in class org.springframework.security.web.savedrequest.SavedCookie
getWantAuthnRequestsSigned() - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails: Get the WantAuthnRequestsSigned setting, indicating the asserting party's preference that relying parties should sign the AuthnRequest before sending.
getWebFilters() - Method in class org.springframework.security.web.server.MatcherSecurityWebFilterChain
getWebFilters() - Method in interface org.springframework.security.web.server.SecurityWebFilterChain: The WebFilter to use
getWebSecurityConfigurers() - Method in class org.springframework.security.config.annotation.web.configuration.AutowiredWebSecurityConfigurersIgnoreParents
getWebsite() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the URL of the user's web page or blog (website).
getWriter() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the getWriter().close() or getWriter().flush()
getX509CertificateChain() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the X.509 certificate chain that contains the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or encrypt the JWE.
getX509SHA1Thumbprint() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the X.509 certificate SHA-1 thumbprint that is a base64url-encoded SHA-1 thumbprint (a.k.a.
getX509SHA256Thumbprint() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the X.509 certificate SHA-256 thumbprint that is a base64url-encoded SHA-256 thumbprint (a.k.a.
getX509Url() - Method in class org.springframework.security.oauth2.jwt.JwsHeader: Returns the X.509 URL that refers to the resource for the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or encrypt the JWE.
getZoneInfo() - Method in interface org.springframework.security.oauth2.core.oidc.StandardClaimAccessor: Returns the user's time zone (zoneinfo).
GITHUB - Enum constant in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider
GIVEN_NAME - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: given_name - the user's given name(s) or first name(s)
givenName(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this given name in the resulting OidcUserInfo
GLOBAL_METHOD_SECURITY - Static variable in class org.springframework.security.config.Elements
GlobalAuthenticationConfigurerAdapter - Class in org.springframework.security.config.annotation.authentication.configuration: A SecurityConfigurer that can be exposed as a bean to configure the global AuthenticationManagerBuilder.
GlobalAuthenticationConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter
GlobalMethodSecurityBeanDefinitionParser - Class in org.springframework.security.config.method: Deprecated.
Use MethodSecurityBeanDefinitionParser instead
GlobalMethodSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser: Deprecated.
GlobalMethodSecurityConfiguration - Class in org.springframework.security.config.annotation.method.configuration: Deprecated.
Use PrePostMethodSecurityConfiguration, SecuredMethodSecurityConfiguration, or Jsr250MethodSecurityConfiguration instead
GlobalMethodSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.
gmtZone - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: GMT time zone - all HTTP dates are on GMT
GOOGLE - Enum constant in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider
grant(Principal) - Method in interface org.springframework.security.authentication.jaas.AuthorityGranter: The grant method is called for each principal returned from the LoginContext subject.
GRANT_TYPE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: grant_type - used in Access Token Request.
GrantedAuthoritiesContainer - Interface in org.springframework.security.core.authority: Indicates that a object stores GrantedAuthority objects.
GrantedAuthoritiesMapper - Interface in org.springframework.security.core.authority.mapping: Mapping interface which can be injected into the authentication layer to convert the authorities loaded from storage into those which will be used in the Authentication object.
GrantedAuthority - Interface in org.springframework.security.core: Represents an authority granted to an Authentication object.
GrantedAuthorityDefaults - Class in org.springframework.security.config.core: Allows providing defaults for GrantedAuthority
GrantedAuthorityDefaults(String) - Constructor for class org.springframework.security.config.core.GrantedAuthorityDefaults
GrantedAuthoritySid - Class in org.springframework.security.acls.domain: Represents a GrantedAuthority as a Sid.
GrantedAuthoritySid(String) - Constructor for class org.springframework.security.acls.domain.GrantedAuthoritySid
GrantedAuthoritySid(GrantedAuthority) - Constructor for class org.springframework.security.acls.domain.GrantedAuthoritySid
groupAuthoritiesByUsername(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer: An SQL statement to query user's group authorities given a username.
GroupManager - Interface in org.springframework.security.provisioning: Allows management of groups of authorities and their members.
groupRoleAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Specifies the attribute name which contains the role name.
groupSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: The search base for group membership searches.
groupSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: The LDAP filter to search for groups.
groupSearchSubtree(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: If set to true, a subtree scope search will be performed for group membership.

H

handle(HttpServletRequest, HttpServletResponse, Supplier<CsrfToken>) - Method in class org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler
handle(HttpServletRequest, HttpServletResponse, Supplier<CsrfToken>) - Method in interface org.springframework.security.web.csrf.CsrfTokenRequestHandler: Handles a request using a CsrfToken.
handle(HttpServletRequest, HttpServletResponse, Supplier<CsrfToken>) - Method in class org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler: Collect error details from the provided parameters and format according to RFC 6750, specifically error, error_description, error_uri, and scope.
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in interface org.springframework.security.web.access.AccessDeniedHandler: Handles an access denied failure.
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.AccessDeniedHandlerImpl
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.CompositeAccessDeniedHandler
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.DelegatingAccessDeniedHandler
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.ObservationMarkingAccessDeniedHandler
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.access.RequestMatcherDelegatingAccessDeniedHandler
handle(HttpServletRequest, HttpServletResponse, AccessDeniedException) - Method in class org.springframework.security.web.session.InvalidSessionAccessDeniedHandler
handle(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: Invokes the configured RedirectStrategy with the URL returned by the determineTargetUrl method.
handle(HttpServletRequest, HttpServletResponse, RequestRejectedException) - Method in class org.springframework.security.web.firewall.CompositeRequestRejectedHandler
handle(HttpServletRequest, HttpServletResponse, RequestRejectedException) - Method in class org.springframework.security.web.firewall.DefaultRequestRejectedHandler
handle(HttpServletRequest, HttpServletResponse, RequestRejectedException) - Method in class org.springframework.security.web.firewall.HttpStatusRequestRejectedHandler
handle(HttpServletRequest, HttpServletResponse, RequestRejectedException) - Method in class org.springframework.security.web.firewall.ObservationMarkingRequestRejectedHandler
handle(HttpServletRequest, HttpServletResponse, RequestRejectedException) - Method in interface org.springframework.security.web.firewall.RequestRejectedHandler: Handles an request rejected failure.
handle(Callback, Authentication) - Method in interface org.springframework.security.authentication.jaas.JaasAuthenticationCallbackHandler: Handle the Callback.
handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasNameCallbackHandler: If the callback passed to the 'handle' method is an instance of NameCallback, the JaasNameCallbackHandler will call, callback.setName(authentication.getPrincipal().toString()).
handle(Callback, Authentication) - Method in class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler: If the callback passed to the 'handle' method is an instance of PasswordCallback, the JaasPasswordCallbackHandler will call, callback.setPassword(authentication.getCredentials().toString()).
handle(ServerWebExchange, AccessDeniedException) - Method in class org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler
handle(ServerWebExchange, AccessDeniedException) - Method in class org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler
handle(ServerWebExchange, AccessDeniedException) - Method in interface org.springframework.security.web.server.authorization.ServerAccessDeniedHandler
handle(ServerWebExchange, AccessDeniedException) - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler
handle(ServerWebExchange, Mono<CsrfToken>) - Method in class org.springframework.security.web.server.csrf.ServerCsrfTokenRequestAttributeHandler
handle(ServerWebExchange, Mono<CsrfToken>) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRequestHandler: Handles a request using a CsrfToken.
handle(ServerWebExchange, Mono<CsrfToken>) - Method in class org.springframework.security.web.server.csrf.XorServerCsrfTokenRequestAttributeHandler
handleBindException(String, String, Throwable) - Method in class org.springframework.security.ldap.authentication.BindAuthenticator: Allows subclasses to inspect the exception thrown by an attempt to bind with a particular DN.
handleError(ClientHttpResponse) - Method in class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler
handleLogout(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Handles the logout by getting the security contexts for the destroyed session and invoking LoginContext.logout() for any which contain a JaasAuthenticationToken.
handleToken(CsrfToken) - Method in class org.springframework.security.taglibs.csrf.CsrfInputTag
handleToken(CsrfToken) - Method in class org.springframework.security.taglibs.csrf.CsrfMetaTagsTag
hasAnyAuthority(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() has any of the specified authorities within Authentication.getAuthorities().
hasAnyAuthority(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
hasAnyAuthority(String...) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Creates an instance of AuthorityAuthorizationManager with the provided authorities.
hasAnyAuthority(String...) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager: Creates an instance of AuthorityReactiveAuthorizationManager with the provided authorities.
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specifies that a user requires one of many authorities.
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs requires any of a number authorities.
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specifies that a user requires one of many authorities
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Message instances requires any of a number authorities.
hasAnyAuthority(String...) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Require any authority
hasAnyAuthority(String...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Message instances requires any of a number authorities.
hasAnyRole(String...) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() has any of the specified authorities within Authentication.getAuthorities().
hasAnyRole(String...) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
hasAnyRole(String...) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Creates an instance of AuthorityAuthorizationManager with the provided authorities.
hasAnyRole(String...) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager: Creates an instance of AuthorityReactiveAuthorizationManager with the provided authorities.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specifies that a user requires one of many roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Shortcut for specifying URLs require any of a number of roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specifies that a user requires one of many roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Shortcut for specifying Message instances require any of a number of roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Require any specific role.
hasAnyRole(String...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Shortcut for specifying Message instances require any of a number of roles.
hasAnyRole(String, String[]) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Creates an instance of AuthorityAuthorizationManager with the provided authorities.
hasAuthority(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() has a particular authority within Authentication.getAuthorities().
hasAuthority(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Creates an instance of AuthorityAuthorizationManager with the provided authority.
hasAuthority(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager: Creates an instance of AuthorityReactiveAuthorizationManager with the provided authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specifies a user requires an authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs require a particular authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specifies a user requires an authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Message instances require a particular authority.
hasAuthority(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Require a specific authority.
hasAuthority(String) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Message instances require a particular authority.
hasClaim(String) - Method in interface org.springframework.security.oauth2.core.ClaimAccessor: Returns true if the claim exists in ClaimAccessor.getClaims(), otherwise false.
hasError() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Checks whether an error is present.
hasError(ClientHttpResponse) - Method in class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler
hasErrors() - Method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult: Say whether this result indicates success
hasErrors() - Method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Say whether this result indicates success
hasErrors() - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult: Say whether this result indicates success
hashCode() - Method in class org.springframework.security.access.SecurityConfig
hashCode() - Method in class org.springframework.security.acls.domain.AbstractPermission
hashCode() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
hashCode() - Method in class org.springframework.security.acls.domain.AclImpl
hashCode() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
hashCode() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl: Important so caching operates properly.
hashCode() - Method in class org.springframework.security.acls.domain.PrincipalSid
hashCode() - Method in interface org.springframework.security.acls.model.ObjectIdentity
hashCode() - Method in interface org.springframework.security.acls.model.Sid: Refer to the java.lang.Object documentation for the interface contract.
hashCode() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
hashCode() - Method in class org.springframework.security.authentication.AnonymousAuthenticationToken
hashCode() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
hashCode() - Method in class org.springframework.security.authentication.RememberMeAuthenticationToken
hashCode() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
hashCode() - Method in class org.springframework.security.core.context.SecurityContextImpl
hashCode() - Method in class org.springframework.security.core.token.DefaultToken
hashCode() - Method in class org.springframework.security.core.userdetails.User: Returns the hashcode of the username.
hashCode() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
hashCode() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
hashCode() - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
hashCode() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientId
hashCode() - Method in class org.springframework.security.oauth2.core.AbstractOAuth2Token
hashCode() - Method in class org.springframework.security.oauth2.core.AuthenticationMethod
hashCode() - Method in class org.springframework.security.oauth2.core.AuthorizationGrantType
hashCode() - Method in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
hashCode() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
hashCode() - Method in class org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType
hashCode() - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim
hashCode() - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo
hashCode() - Method in class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority
hashCode() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
hashCode() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
hashCode() - Method in class org.springframework.security.saml2.core.Saml2X509Credential
hashCode() - Method in class org.springframework.security.util.InMemoryResource
hashCode() - Method in class org.springframework.security.web.access.intercept.RequestKey
hashCode() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
hashCode() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
hashCode() - Method in class org.springframework.security.web.header.Header
hashCode() - Method in class org.springframework.security.web.server.csrf.DefaultCsrfToken
hashCode() - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
hashCode() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
hashCode() - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
hashpw(byte[], String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Hash a password using the OpenBSD bcrypt scheme
hashpw(String, String) - Static method in class org.springframework.security.crypto.bcrypt.BCrypt: Hash a password using the OpenBSD bcrypt scheme
hasIpAddress(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs requires a specific IP Address or subnet.
hasIpAddress(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Require a specific IP address or range using an IP/Netmask (e.g.
hasIpAddress(String) - Method in class org.springframework.security.web.access.expression.WebSecurityExpressionRoot: Takes a specific IP address or a range using the IP/Netmask (e.g.
hasIpAddress(String) - Static method in class org.springframework.security.web.server.authorization.IpAddressReactiveAuthorizationManager: Creates an instance of IpAddressReactiveAuthorizationManager with the provided IP address.
hasMoreElements() - Method in class org.springframework.security.web.savedrequest.Enumerator: Tests if this enumeration contains more elements.
hasPermission(Object, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() has permission to access the target given the permission
hasPermission(Object, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
hasPermission(Object, String, Object) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() has permission to access the domain object with a given id, type, and permission.
hasPermission(Object, String, Object) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
hasPermission(Authentication, Serializable, String, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
hasPermission(Authentication, Serializable, String, Object) - Method in interface org.springframework.security.access.PermissionEvaluator: Alternative method for evaluating a permission where only the identifier of the target object is available, rather than the target instance itself.
hasPermission(Authentication, Serializable, String, Object) - Method in class org.springframework.security.acls.AclPermissionEvaluator
hasPermission(Authentication, Object) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
hasPermission(Authentication, Object, Object) - Method in class org.springframework.security.access.expression.DenyAllPermissionEvaluator
hasPermission(Authentication, Object, Object) - Method in interface org.springframework.security.access.PermissionEvaluator
hasPermission(Authentication, Object, Object) - Method in class org.springframework.security.acls.AclPermissionEvaluator: Determines whether the user has the given permission(s) on the domain object using the ACL configuration.
hasRole(String) - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() has a particular authority within Authentication.getAuthorities().
hasRole(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Creates an instance of AuthorityAuthorizationManager with the provided authority.
hasRole(String) - Static method in class org.springframework.security.authorization.AuthorityReactiveAuthorizationManager: Creates an instance of AuthorityReactiveAuthorizationManager with the provided authority.
hasRole(String) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specifies a user requires a role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Shortcut for specifying URLs require a particular role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specifies a user requires a role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Shortcut for specifying Message instances require a particular role.
hasRole(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Require a specific role.
hasRole(String) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Shortcut for specifying Message instances require a particular role.
hasWarning() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Checks whether a warning is present.
header(String, Object) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the header.
header(String, Object) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this header in the resulting Jwt
header(String, String...) - Method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter.Builder
Header - Class in org.springframework.security.web.header: Represents a Header to be added to the HttpServletResponse
Header(String, String...) - Constructor for class org.springframework.security.web.header.Header: Creates a new instance
HEADER - Static variable in class org.springframework.security.oauth2.core.AuthenticationMethod
HeaderBearerTokenResolver - Class in org.springframework.security.oauth2.server.resource.web: Generic resolver extracting pre-authenticated JWT identity from a custom header.
HeaderBearerTokenResolver(String) - Constructor for class org.springframework.security.oauth2.server.resource.web.HeaderBearerTokenResolver
headers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Adds the Security headers to the response.
headers() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures HTTP Response Headers.
headers(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: A Consumer to be provided access to the headers allowing the ability to add, replace, or remove.
headers(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Provides access to every Jwt.Builder.header(String, Object) declared so far with the possibility to add, replace, or remove.
headers(Customizer<HeadersConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Adds the Security headers to the response.
headers(Customizer<ServerHttpSecurity.HeaderSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures HTTP Response Headers.
HEADERS - Static variable in class org.springframework.security.config.Elements
HeadersBeanDefinitionParser - Class in org.springframework.security.config.http: Parser for the HeadersFilter.
HeadersBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HeadersBeanDefinitionParser
HeadersConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds the Security HTTP headers to the response.
HeadersConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Creates a new instance
HeadersConfigurer.CacheControlConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.ContentSecurityPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.ContentTypeOptionsConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.CrossOriginEmbedderPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.CrossOriginOpenerPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.CrossOriginResourcePolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.FeaturePolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.FrameOptionsConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.HpkpConfig - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
see Certificate and Public Key Pinning for more context
HeadersConfigurer.HstsConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.PermissionsPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.ReferrerPolicyConfig - Class in org.springframework.security.config.annotation.web.configurers
HeadersConfigurer.XXssConfig - Class in org.springframework.security.config.annotation.web.configurers
headerValue(XXssProtectionHeaderWriter.HeaderValue) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig: Sets the value of the X-XSS-PROTECTION header.
headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.XssProtectionSpec: Sets the value of x-xss-protection header.
HeaderWriter - Interface in org.springframework.security.web.header: Contract for writing headers to a HttpServletResponse
HeaderWriterFilter - Class in org.springframework.security.web.header: Filter implementation to add headers to the current response.
HeaderWriterFilter(List<HeaderWriter>) - Constructor for class org.springframework.security.web.header.HeaderWriterFilter: Creates a new instance.
HeaderWriterLogoutHandler - Class in org.springframework.security.web.authentication.logout
HeaderWriterLogoutHandler(HeaderWriter) - Constructor for class org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler: Constructs a new instance using the passed HeaderWriter implementation
HeaderWriterServerLogoutHandler - Class in org.springframework.security.web.server.authentication.logout: A ServerLogoutHandler implementation which writes HTTP headers during logout.
HeaderWriterServerLogoutHandler(ServerHttpHeadersWriter) - Constructor for class org.springframework.security.web.server.authentication.logout.HeaderWriterServerLogoutHandler: Constructs a new instance using the ServerHttpHeadersWriter implementation.
Hex - Class in org.springframework.security.crypto.codec: Hex data encoder.
hideUserNotFoundExceptions - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
HpkpHeaderWriter - Class in org.springframework.security.web.header.writers: Deprecated.
see Certificate and Public Key Pinning for more context
HpkpHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Creates a new instance
HpkpHeaderWriter(long) - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Creates a new instance
HpkpHeaderWriter(long, boolean) - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Creates a new instance
HpkpHeaderWriter(long, boolean, boolean) - Constructor for class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Creates a new instance
HS256 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm: HMAC using SHA-256 (Required)
HS256 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: HMAC using SHA-256 (Required)
HS384 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm: HMAC using SHA-384 (Optional)
HS384 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: HMAC using SHA-384 (Optional)
HS512 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm: HMAC using SHA-512 (Optional)
HS512 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: HMAC using SHA-512 (Optional)
hsts() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Strict Transport Security response headers
hsts(Customizer<ServerHttpSecurity.HeaderSpec.HstsSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures the Strict Transport Security response headers
HstsHeaderWriter - Class in org.springframework.security.web.header.writers: Provides support for HTTP Strict Transport Security (HSTS).
HstsHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
HstsHeaderWriter(boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
HstsHeaderWriter(long) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
HstsHeaderWriter(long, boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
HstsHeaderWriter(long, boolean, boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
HstsHeaderWriter(RequestMatcher, long, boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
HstsHeaderWriter(RequestMatcher, long, boolean, boolean) - Constructor for class org.springframework.security.web.header.writers.HstsHeaderWriter: Creates a new instance
http() - Static method in class org.springframework.security.config.web.server.ServerHttpSecurity: Creates a new instance.
http(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer: Adds a port mapping
HTTP - Static variable in class org.springframework.security.config.Elements
HTTP_BASIC - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: Instance of AuthenticationWebFilter
HTTP_FIREWALL - Static variable in class org.springframework.security.config.Elements
HTTP_HEADERS_WRITER - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
Http403ForbiddenEntryPoint - Class in org.springframework.security.web.authentication: In the pre-authenticated authentication case (unlike CAS, for example) the user will already have been identified through some external mechanism and a secure context established by the time the security-enforcement filter is invoked.
Http403ForbiddenEntryPoint() - Constructor for class org.springframework.security.web.authentication.Http403ForbiddenEntryPoint
httpBasic() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures HTTP Basic authentication.
httpBasic() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures HTTP Basic authentication.
httpBasic(String, String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Convenience mechanism for setting the Authorization header to use HTTP Basic with the given username and password.
httpBasic(Customizer<HttpBasicConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures HTTP Basic authentication.
httpBasic(Customizer<ServerHttpSecurity.HttpBasicSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures HTTP Basic authentication.
HttpBasicConfigurer> - Class in org.springframework.security.config.annotation.web.configurers: Adds HTTP basic based authentication.
HttpBasicConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer: Creates a new instance
HttpBasicServerAuthenticationEntryPoint - Class in org.springframework.security.web.server.authentication: Prompts a user for HTTP Basic authentication.
HttpBasicServerAuthenticationEntryPoint() - Constructor for class org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint
httpFirewall(HttpFirewall) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Allows customizing the HttpFirewall.
HttpFirewall - Interface in org.springframework.security.web.firewall: Interface which can be used to reject potentially dangerous requests and/or wrap them to control their behaviour.
HttpFirewallBeanDefinitionParser - Class in org.springframework.security.config.http: Injects the supplied HttpFirewall bean reference into the FilterChainProxy.
HttpFirewallBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
HttpHeaderWriterWebFilter - Class in org.springframework.security.web.server.header: Invokes a ServerHttpHeadersWriter on ReactiveHttpOutputMessage.beforeCommit(java.util.function.Supplier).
HttpHeaderWriterWebFilter(ServerHttpHeadersWriter) - Constructor for class org.springframework.security.web.server.header.HttpHeaderWriterWebFilter
httpPublicKeyPinning() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Deprecated.
see Certificate and Public Key Pinning for more context
httpPublicKeyPinning(Customizer<HeadersConfigurer.HpkpConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Deprecated.
see Certificate and Public Key Pinning for more context
HttpRequestResponseHolder - Class in org.springframework.security.web.context: Deprecated.
Use SecurityContextRepository.loadDeferredContext(HttpServletRequest)
HttpRequestResponseHolder(HttpServletRequest, HttpServletResponse) - Constructor for class org.springframework.security.web.context.HttpRequestResponseHolder: Deprecated.
HTTPS_REDIRECT - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: HttpsRedirectWebFilter
HttpSecurity - Class in org.springframework.security.config.annotation.web.builders: A HttpSecurity is similar to Spring Security's XML <http> element in the namespace configuration.
HttpSecurity(ObjectPostProcessor<Object>, AuthenticationManagerBuilder, Map<Class<?>, Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.HttpSecurity: Creates a new instance
HttpSecurity.RequestMatcherConfigurer - Class in org.springframework.security.config.annotation.web.builders: Allows mapping HTTP requests that this HttpSecurity will be used for
HttpSecurityBeanDefinitionParser - Class in org.springframework.security.config.http: Sets up HTTP security: filter stack and protected URLs.
HttpSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean - Class in org.springframework.security.config.http
HttpSecurityBeanDefinitionParser.FilterChainDecoratorFactory - Class in org.springframework.security.config.http
HttpSecurityBeanDefinitionParser.RequestRejectedHandlerPostProcessor - Class in org.springframework.security.config.http
HttpSecurityBuilder<H extends HttpSecurityBuilder<H>> - Interface in org.springframework.security.config.annotation.web
httpServletRequest(HttpServletRequest) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the HttpServletRequest used to look up and save the OAuth2AuthorizedClient.
httpServletResponse(HttpServletResponse) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the HttpServletResponse used to save the OAuth2AuthorizedClient.
HttpSessionCreatedEvent - Class in org.springframework.security.web.session: Published by the HttpSessionEventPublisher when an HttpSession is created by the container
HttpSessionCreatedEvent(HttpSession) - Constructor for class org.springframework.security.web.session.HttpSessionCreatedEvent
HttpSessionCsrfTokenRepository - Class in org.springframework.security.web.csrf: A CsrfTokenRepository that stores the CsrfToken in the HttpSession.
HttpSessionCsrfTokenRepository() - Constructor for class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
HttpSessionDestroyedEvent - Class in org.springframework.security.web.session: Published by the HttpSessionEventPublisher when a HttpSession is removed from the container
HttpSessionDestroyedEvent(HttpSession) - Constructor for class org.springframework.security.web.session.HttpSessionDestroyedEvent
HttpSessionEventPublisher - Class in org.springframework.security.web.session: Declared in web.xml as
HttpSessionEventPublisher() - Constructor for class org.springframework.security.web.session.HttpSessionEventPublisher
HttpSessionIdChangedEvent - Class in org.springframework.security.web.session: Published by the HttpSessionEventPublisher when an HttpSession ID is changed.
HttpSessionIdChangedEvent(HttpSession, String) - Constructor for class org.springframework.security.web.session.HttpSessionIdChangedEvent
HttpSessionLogoutRequestRepository - Class in org.springframework.security.saml2.provider.service.web.authentication.logout: An implementation of an Saml2LogoutRequestRepository that stores Saml2LogoutRequest in the HttpSession.
HttpSessionLogoutRequestRepository() - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository
HttpSessionOAuth2AuthorizationRequestRepository - Class in org.springframework.security.oauth2.client.web: An implementation of an AuthorizationRequestRepository that stores OAuth2AuthorizationRequest in the HttpSession.
HttpSessionOAuth2AuthorizationRequestRepository() - Constructor for class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
HttpSessionOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web: An implementation of an OAuth2AuthorizedClientRepository that stores OAuth2AuthorizedClient's in the HttpSession.
HttpSessionOAuth2AuthorizedClientRepository() - Constructor for class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
HttpSessionRequestCache - Class in org.springframework.security.web.savedrequest: RequestCache which stores the SavedRequest in the HttpSession.
HttpSessionRequestCache() - Constructor for class org.springframework.security.web.savedrequest.HttpSessionRequestCache
HttpSessionSaml2AuthenticationRequestRepository - Class in org.springframework.security.saml2.provider.service.web: A Saml2AuthenticationRequestRepository implementation that uses HttpSession to store and retrieve the AbstractSaml2AuthenticationRequest
HttpSessionSaml2AuthenticationRequestRepository() - Constructor for class org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository
HttpSessionSecurityContextRepository - Class in org.springframework.security.web.context: A SecurityContextRepository implementation which stores the security context in the HttpSession between requests.
HttpSessionSecurityContextRepository() - Constructor for class org.springframework.security.web.context.HttpSessionSecurityContextRepository
HttpsRedirectSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec
HttpsRedirectWebFilter - Class in org.springframework.security.web.server.transport: Redirects any non-HTTPS request to its HTTPS equivalent.
HttpsRedirectWebFilter() - Constructor for class org.springframework.security.web.server.transport.HttpsRedirectWebFilter
httpsRedirectWhen(Function<ServerWebExchange, Boolean>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec: Configures when this filter should redirect to https By default, the filter will redirect whenever an exchange's scheme is not https
httpsRedirectWhen(ServerWebExchangeMatcher...) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec: Configures when this filter should redirect to https By default, the filter will redirect whenever an exchange's scheme is not https
HttpStatusEntryPoint - Class in org.springframework.security.web.authentication: An AuthenticationEntryPoint that sends a generic HttpStatus as a response.
HttpStatusEntryPoint(HttpStatus) - Constructor for class org.springframework.security.web.authentication.HttpStatusEntryPoint: Creates a new instance.
HttpStatusRequestRejectedHandler - Class in org.springframework.security.web.firewall: A simple implementation of RequestRejectedHandler that sends an error with configurable status code.
HttpStatusRequestRejectedHandler() - Constructor for class org.springframework.security.web.firewall.HttpStatusRequestRejectedHandler: Constructs an instance which uses 400 as response code.
HttpStatusRequestRejectedHandler(int) - Constructor for class org.springframework.security.web.firewall.HttpStatusRequestRejectedHandler: Constructs an instance which uses a configurable http code as response.
HttpStatusReturningLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout: Implementation of the LogoutSuccessHandler.
HttpStatusReturningLogoutSuccessHandler() - Constructor for class org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler: Initialize the HttpStatusLogoutSuccessHandler with the default HttpStatus.OK.
HttpStatusReturningLogoutSuccessHandler(HttpStatus) - Constructor for class org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler: Initialize the HttpStatusLogoutSuccessHandler with a user-defined HttpStatus.
HttpStatusReturningServerLogoutSuccessHandler - Class in org.springframework.security.web.server.authentication.logout: Implementation of the ServerLogoutSuccessHandler.
HttpStatusReturningServerLogoutSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler: Initialize the HttpStatusReturningServerLogoutSuccessHandler with the default HttpStatus.OK.
HttpStatusReturningServerLogoutSuccessHandler(HttpStatus) - Constructor for class org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler: Initialize the HttpStatusReturningServerLogoutSuccessHandler with a user-defined HttpStatus.
HttpStatusServerAccessDeniedHandler - Class in org.springframework.security.web.server.authorization: Sets the provided HTTP Status when access is denied.
HttpStatusServerAccessDeniedHandler(HttpStatus) - Constructor for class org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler: Creates an instance with the provided status
HttpStatusServerEntryPoint - Class in org.springframework.security.web.server.authentication: A ServerAuthenticationEntryPoint that sends a generic HttpStatus as a response.
HttpStatusServerEntryPoint(HttpStatus) - Constructor for class org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
httpStrictTransportSecurity() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows customizing the HstsHeaderWriter which provides support for HTTP Strict Transport Security (HSTS).
httpStrictTransportSecurity(Customizer<HeadersConfigurer.HstsConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows customizing the HstsHeaderWriter which provides support for HTTP Strict Transport Security (HSTS).

I

IAT - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: iat - A timestamp indicating when the token was issued
IAT - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: iat - the time at which the ID Token was issued
IAT - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: iat - The Issued at claim identifies the time at which the JWT was issued
id - Variable in class org.springframework.security.taglibs.authz.JspAuthorizeTag
id(String) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the JWT ID (jti) claim, which provides a unique identifier for the JWT.
id(String) - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder: This is the unique id used in the AbstractSaml2AuthenticationRequest.Builder.samlRequest
id(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: This is the unique id used in the Saml2LogoutRequest.Builder.samlRequest(java.lang.String)
ID_TOKEN - Static variable in class org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames: id_token - used in the Access Token Response.
IdentityUnavailableException - Exception in org.springframework.security.acls.domain: Thrown if an ACL identity could not be extracted from an object.
IdentityUnavailableException(String) - Constructor for exception org.springframework.security.acls.domain.IdentityUnavailableException: Constructs an IdentityUnavailableException with the specified message.
IdentityUnavailableException(String, Throwable) - Constructor for exception org.springframework.security.acls.domain.IdentityUnavailableException: Constructs an IdentityUnavailableException with the specified message and root cause.
idToken(Consumer<OidcIdToken.Builder>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator: Use the provided OidcIdToken when constructing the authenticated user
idToken(Consumer<OidcIdToken.Builder>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor: Use the provided OidcIdToken when constructing the authenticated user
IdTokenClaimAccessor - Interface in org.springframework.security.oauth2.core.oidc: A ClaimAccessor for the "claims" that can be returned in the ID Token, which provides information about the authentication of an End-User by an Authorization Server.
IdTokenClaimNames - Class in org.springframework.security.oauth2.core.oidc: The names of the "claims" defined by the OpenID Connect Core 1.0 specification that can be returned in the ID Token.
IF_REQUIRED - Enum constant in enum class org.springframework.security.config.http.SessionCreationPolicy: Spring Security will only create an HttpSession if required
ignoring() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Allows adding RequestMatcher instances that Spring Security should ignore.
ignoringRequestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Allows specifying HttpServletRequest that should not use CSRF Protection even if they match the CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
ignoringRequestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Allows specifying HttpServletRequests that should not use CSRF Protection even if they match the CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
inboundChannelSecurity(MessageSecurityMetadataSource) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
inboundMessageSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
includeSubdomains(boolean) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec: Configures if subdomains should be included.
includeSubDomains(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

If true, the pinning policy applies to this pinned host as well as any subdomains of the host's domain name.
includeSubDomains(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig: If true, subdomains should be considered HSTS Hosts too.
INET_ORG_PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
InetOrgPerson - Class in org.springframework.security.ldap.userdetails: UserDetails implementation whose properties are based on a subset of the LDAP schema for inetOrgPerson.
InetOrgPerson() - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPerson
InetOrgPerson.Essence - Class in org.springframework.security.ldap.userdetails
InetOrgPersonContextMapper - Class in org.springframework.security.ldap.userdetails
InetOrgPersonContextMapper() - Constructor for class org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
init() - Method in class org.springframework.security.config.SecurityNamespaceHandler
init(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer: Initialize the SecurityBuilder.
init(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Initialize the SecurityBuilder.
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Populates a PreAuthenticatedAuthenticationProvider into HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider) and a Http403ForbiddenEntryPoint into HttpSecurityBuilder.setSharedObject(Class, Object)
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
init(FilterConfig) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.

Not used (we rely on IoC container lifecycle services instead)
init(FilterConfig) - Method in class org.springframework.security.web.debug.DebugFilter
init(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter
initDao() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
initDao() - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
initDao() - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
initExtractorMap() - Method in class org.springframework.security.web.util.ThrowableAnalyzer: Initializes associations between Throwables and ThrowableCauseExtractors.
initialize() - Static method in class org.springframework.security.saml2.core.OpenSamlInitializationService: Ready OpenSAML for use and configure it with reasonable defaults.
initialize(Subject, CallbackHandler, Map, Map) - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule: Initialize this LoginModule.
initializeAuthenticationProviderBeanManagerConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
initializeUserDetailsBeanManagerConfigurer(ApplicationContext) - Static method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer: Populates the users that have been added.
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer: Allows subclasses to initialize the UserDetailsService.
inMemoryAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Add in memory authentication to the AuthenticationManagerBuilder and return a InMemoryUserDetailsManagerConfigurer to allow customization of the in memory authentication.
InMemoryClientRegistrationRepository - Class in org.springframework.security.oauth2.client.registration: A ClientRegistrationRepository that stores ClientRegistration(s) in-memory.
InMemoryClientRegistrationRepository(List<ClientRegistration>) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository: Constructs an InMemoryClientRegistrationRepository using the provided parameters.
InMemoryClientRegistrationRepository(Map<String, ClientRegistration>) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository: Constructs an InMemoryClientRegistrationRepository using the provided Map of registration id to ClientRegistration.
InMemoryClientRegistrationRepository(ClientRegistration...) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository: Constructs an InMemoryClientRegistrationRepository using the provided parameters.
InMemoryConfiguration - Class in org.springframework.security.authentication.jaas.memory: An in memory representation of a JAAS configuration.
InMemoryConfiguration(Map<String, AppConfigurationEntry[]>) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration: Creates a new instance with a mapping of login context name to an array of AppConfigurationEntrys.
InMemoryConfiguration(Map<String, AppConfigurationEntry[]>, AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration: Creates a new instance with a mapping of login context name to an array of AppConfigurationEntrys along with a default configuration that will be used if no mapping is found for the given login context name.
InMemoryConfiguration(AppConfigurationEntry[]) - Constructor for class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration: Creates a new instance with only a defaultConfiguration.
InMemoryOAuth2AuthorizedClientService - Class in org.springframework.security.oauth2.client: An OAuth2AuthorizedClientService that stores Authorized Client(s) in-memory.
InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService: Constructs an InMemoryOAuth2AuthorizedClientService using the provided parameters.
InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository, Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient>) - Constructor for class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService: Constructs an InMemoryOAuth2AuthorizedClientService using the provided parameters.
InMemoryReactiveClientRegistrationRepository - Class in org.springframework.security.oauth2.client.registration: A Reactive ClientRegistrationRepository that stores ClientRegistration(s) in-memory.
InMemoryReactiveClientRegistrationRepository(List<ClientRegistration>) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository: Constructs an InMemoryReactiveClientRegistrationRepository using the provided parameters.
InMemoryReactiveClientRegistrationRepository(ClientRegistration...) - Constructor for class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository: Constructs an InMemoryReactiveClientRegistrationRepository using the provided parameters.
InMemoryReactiveOAuth2AuthorizedClientService - Class in org.springframework.security.oauth2.client: An OAuth2AuthorizedClientService that stores Authorized Client(s) in-memory.
InMemoryReactiveOAuth2AuthorizedClientService(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService: Constructs an InMemoryReactiveOAuth2AuthorizedClientService using the provided parameters.
InMemoryRelyingPartyRegistrationRepository - Class in org.springframework.security.saml2.provider.service.registration
InMemoryRelyingPartyRegistrationRepository(Collection<RelyingPartyRegistration>) - Constructor for class org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository
InMemoryRelyingPartyRegistrationRepository(RelyingPartyRegistration...) - Constructor for class org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository
InMemoryResource - Class in org.springframework.security.util: An in memory implementation of Spring's Resource interface.
InMemoryResource(byte[]) - Constructor for class org.springframework.security.util.InMemoryResource
InMemoryResource(byte[], String) - Constructor for class org.springframework.security.util.InMemoryResource
InMemoryResource(String) - Constructor for class org.springframework.security.util.InMemoryResource
InMemoryTokenRepositoryImpl - Class in org.springframework.security.web.authentication.rememberme: Simple PersistentTokenRepository implementation backed by a Map.
InMemoryTokenRepositoryImpl() - Constructor for class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
InMemoryUserDetailsManager - Class in org.springframework.security.provisioning: Non-persistent implementation of UserDetailsManager which is backed by an in-memory map.
InMemoryUserDetailsManager() - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
InMemoryUserDetailsManager(Collection<UserDetails>) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
InMemoryUserDetailsManager(Properties) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
InMemoryUserDetailsManager(UserDetails...) - Constructor for class org.springframework.security.provisioning.InMemoryUserDetailsManager
InMemoryUserDetailsManagerConfigurer> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning: Configures an AuthenticationManagerBuilder to have in memory authentication.
InMemoryUserDetailsManagerConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer: Creates a new instance
InsecureChannelProcessor - Class in org.springframework.security.web.access.channel: Ensures channel security is inactive by review of HttpServletRequest.isSecure() responses.
InsecureChannelProcessor() - Constructor for class org.springframework.security.web.access.channel.InsecureChannelProcessor
insertAce(int, Permission, Sid, boolean) - Method in class org.springframework.security.acls.domain.AclImpl
insertAce(int, Permission, Sid, boolean) - Method in interface org.springframework.security.acls.model.MutableAcl
insertFilters(ServletContext, Filter...) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Inserts the provided Filters before existing Filters using default generated names, AbstractSecurityWebApplicationInitializer.getSecurityDispatcherTypes(), and AbstractSecurityWebApplicationInitializer.isAsyncSecuritySupported().
instance - Variable in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
INSTANCE - Static variable in class org.springframework.security.web.util.matcher.AnyRequestMatcher
INSUFFICIENT_PASSWORD_QUALITY - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
INSUFFICIENT_SCOPE - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: insufficient_scope - The request requires higher privileges than provided by the access token.
INSUFFICIENT_SCOPE - Static variable in class org.springframework.security.oauth2.server.resource.BearerTokenErrorCodes: insufficient_scope - The request requires higher privileges than provided by the access token.
InsufficientAuthenticationException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because the credentials are not sufficiently trusted.
InsufficientAuthenticationException(String) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException: Constructs an InsufficientAuthenticationException with the specified message.
InsufficientAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InsufficientAuthenticationException: Constructs an InsufficientAuthenticationException with the specified message and root cause.
insufficientScope(String, String) - Static method in class org.springframework.security.oauth2.server.resource.BearerTokenErrors: Create a BearerTokenError caused by an invalid token
InteractiveAuthenticationSuccessEvent - Class in org.springframework.security.authentication.event: Indicates an interactive authentication was successful.
InteractiveAuthenticationSuccessEvent(Authentication, Class<?>) - Constructor for class org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent
intercept(PayloadExchange, PayloadInterceptorChain) - Method in interface org.springframework.security.rsocket.api.PayloadInterceptor: Process the Web request and (optionally) delegate to the next PayloadInterceptor through the given PayloadInterceptorChain.
intercept(PayloadExchange, PayloadInterceptorChain) - Method in class org.springframework.security.rsocket.authentication.AnonymousPayloadInterceptor
intercept(PayloadExchange, PayloadInterceptorChain) - Method in class org.springframework.security.rsocket.authentication.AuthenticationPayloadInterceptor
intercept(PayloadExchange, PayloadInterceptorChain) - Method in class org.springframework.security.rsocket.authorization.AuthorizationPayloadInterceptor
INTERCEPT_MESSAGE - Static variable in class org.springframework.security.config.Elements
INTERCEPT_METHODS - Static variable in class org.springframework.security.config.Elements
INTERCEPT_URL - Static variable in class org.springframework.security.config.Elements
InterceptMethodsBeanDefinitionDecorator - Class in org.springframework.security.config.method
InterceptMethodsBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
InterceptorStatusToken - Class in org.springframework.security.access.intercept: Deprecated.
Use delegation with AuthorizationManager
InterceptorStatusToken(SecurityContext, boolean, Collection<ConfigAttribute>, Object) - Constructor for class org.springframework.security.access.intercept.InterceptorStatusToken: Deprecated.
INTERNAL_VALIDATION_ERROR - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: An error happened during validation.
InternalAuthenticationServiceException - Exception in org.springframework.security.authentication: Thrown if an authentication request could not be processed due to a system problem that occurred internally.
InternalAuthenticationServiceException(String) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
InternalAuthenticationServiceException(String, Throwable) - Constructor for exception org.springframework.security.authentication.InternalAuthenticationServiceException
introspect(String) - Method in class org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector
introspect(String) - Method in class org.springframework.security.oauth2.server.resource.introspection.NimbusReactiveOpaqueTokenIntrospector
introspect(String) - Method in interface org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector: Introspect and verify the given token, returning its attributes.
introspect(String) - Method in interface org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector: Introspect and verify the given token, returning its attributes.
introspect(String) - Method in class org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector
introspect(String) - Method in class org.springframework.security.oauth2.server.resource.introspection.SpringReactiveOpaqueTokenIntrospector
introspectionClientCredentials(String, String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer
introspectionClientCredentials(String, String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec: Configures the credentials for Introspection endpoint
introspectionUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer
introspectionUri(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec: Configures the URI of the Introspection endpoint
introspector(OpaqueTokenIntrospector) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer
introspector(ReactiveOpaqueTokenIntrospector) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec
INVALID_ASSERTION - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The assertion was not valid.
INVALID_CLIENT - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: invalid_client - Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).
INVALID_DESTINATION - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: Response destination does not match the request URL.
INVALID_GRANT - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: invalid_grant - The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
INVALID_IN_RESPONSE_TO - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The InResponseTo content of the response does not match the ID of the AuthNRequest.
INVALID_ISSUER - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: An Issuer element contained a value that didn't https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=15
INVALID_REDIRECT_URI - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: invalid_redirect_uri - The value of one or more redirection URIs is invalid.
INVALID_REQUEST - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: invalid_request - The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.
INVALID_REQUEST - Static variable in class org.springframework.security.oauth2.server.resource.BearerTokenErrorCodes: invalid_request - The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed.
INVALID_REQUEST - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: Request is invalid in a general way.
INVALID_RESPONSE - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: Response is invalid in a general way.
INVALID_SCOPE - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: invalid_scope - The requested scope is invalid, unknown, malformed or exceeds the scope granted by the resource owner.
INVALID_SIGNATURE - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The signature of response or assertion was invalid.
INVALID_TOKEN - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: invalid_token - The access token provided is expired, revoked, malformed, or invalid for other reasons.
INVALID_TOKEN - Static variable in class org.springframework.security.oauth2.server.resource.BearerTokenErrorCodes: invalid_token - The access token provided is expired, revoked, malformed, or invalid for other reasons.
invalidateHttpSession(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Configures SecurityContextLogoutHandler to invalidate the HttpSession at the time of logout.
InvalidBearerTokenException - Exception in org.springframework.security.oauth2.server.resource: An OAuth2AuthenticationException that indicates an invalid bearer token.
InvalidBearerTokenException(String) - Constructor for exception org.springframework.security.oauth2.server.resource.InvalidBearerTokenException: Construct an instance of InvalidBearerTokenException given the provided description.
InvalidBearerTokenException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.server.resource.InvalidBearerTokenException: Construct an instance of InvalidBearerTokenException given the provided description and cause The description will be wrapped into an OAuth2Error instance as the error_description.
InvalidCookieException - Exception in org.springframework.security.web.authentication.rememberme: Exception thrown by a RememberMeServices implementation to indicate that a submitted cookie is of an invalid format or has expired.
InvalidCookieException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.InvalidCookieException
InvalidCsrfTokenException - Exception in org.springframework.security.web.csrf: Thrown when an expected CsrfToken exists, but it does not match the value present on the HttpServletRequest
InvalidCsrfTokenException(CsrfToken, String) - Constructor for exception org.springframework.security.web.csrf.InvalidCsrfTokenException
invalidRequest(String) - Static method in class org.springframework.security.oauth2.server.resource.BearerTokenErrors: Create a BearerTokenError caused by an invalid request
InvalidSessionAccessDeniedHandler - Class in org.springframework.security.web.session: An adapter of InvalidSessionStrategy to AccessDeniedHandler
InvalidSessionAccessDeniedHandler(InvalidSessionStrategy) - Constructor for class org.springframework.security.web.session.InvalidSessionAccessDeniedHandler: Creates a new instance
invalidSessionStrategy(InvalidSessionStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Setting this attribute will inject the provided invalidSessionStrategy into the SessionManagementFilter.
InvalidSessionStrategy - Interface in org.springframework.security.web.session: Determines the behaviour of the SessionManagementFilter when an invalid session Id is submitted and detected in the SessionManagementFilter.
invalidSessionUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Setting this attribute will inject the SessionManagementFilter with a SimpleRedirectInvalidSessionStrategy configured with the attribute value.
invalidToken(String) - Static method in class org.springframework.security.oauth2.server.resource.BearerTokenErrors: Create a BearerTokenError caused by an invalid token
INVOCATION_ATTRIBUTE_FACTORY - Static variable in class org.springframework.security.config.Elements
INVOCATION_HANDLING - Static variable in class org.springframework.security.config.Elements
INVOCATIONTARGET_EXTRACTOR - Static variable in class org.springframework.security.web.util.ThrowableAnalyzer: Default extractor for InvocationTargetException instances.
invoke(MethodInvocation) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor: Deprecated.

This method should be used to enforce security on a MethodInvocation.
invoke(MethodInvocation) - Method in class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor: Deprecated.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Determine if an Authentication has access to the MethodInvocation using the AuthorizationManager.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor: Determines if an Authentication has access to the returned object from the MethodInvocation using the configured ReactiveAuthorizationManager.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Determine if an Authentication has access to the MethodInvocation using the configured AuthorizationManager.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor: Determines if an Authentication has access to the MethodInvocation using the configured ReactiveAuthorizationManager.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor: Filter a returnedObject using the PostFilter annotation that the MethodInvocation specifies.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor: Filters the returned object from the MethodInvocation by evaluating an expression from the PostFilter annotation.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor: Filter the method argument specified in the PreFilter annotation that MethodInvocation specifies.
invoke(MethodInvocation) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor: Filters a reactive method argument by evaluating an expression from the PreFilter annotation.
invoke(JoinPoint) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor: Deprecated.

Method that is suitable for user with @Aspect notation.
invoke(JoinPoint, AspectJCallback) - Method in class org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor: Deprecated.

Method that is suitable for user with traditional AspectJ-code aspects.
invoke(FilterInvocation) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
invokeAll(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
invokeAll(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
invokeAny(Collection) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
invokeAny(Collection, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
IpAddressMatcher - Class in org.springframework.security.web.util.matcher: Matches a request based on IP Address or subnet mask matching against the remote address.
IpAddressMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.IpAddressMatcher: Takes a specific IP address or a range specified using the IP/Netmask (e.g.
IpAddressReactiveAuthorizationManager - Class in org.springframework.security.web.server.authorization: A ReactiveAuthorizationManager, that determines if the current request contains the specified address or range of addresses
IpAddressServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher: Matches a request based on IP Address or subnet mask matching against the remote address.
IpAddressServerWebExchangeMatcher(String) - Constructor for class org.springframework.security.web.server.util.matcher.IpAddressServerWebExchangeMatcher: Takes a specific IP address or a range specified using the IP/Netmask (e.g.
IS_AUTHENTICATED_ANONYMOUSLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.
IS_AUTHENTICATED_FULLY - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.
IS_AUTHENTICATED_REMEMBERED - Static variable in class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.
isAbsoluteUrl(String) - Static method in class org.springframework.security.web.util.UrlUtils: Decides if a URL is absolute based on whether it contains a valid scheme name, as defined in RFC 1738.
isAccountNonExpired() - Method in class org.springframework.security.core.userdetails.User
isAccountNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails: Indicates whether the user's account has expired.
isAccountNonExpired() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
isAccountNonLocked() - Method in class org.springframework.security.core.userdetails.User
isAccountNonLocked() - Method in interface org.springframework.security.core.userdetails.UserDetails: Indicates whether the user is locked or unlocked.
isAccountNonLocked() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
isAclClassIdSupported() - Method in class org.springframework.security.acls.jdbc.JdbcAclService
isActive() - Method in interface org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor: Returns the indicator (active) whether or not the token is currently active
isAllowed(String, String, String, Authentication) - Method in class org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator
isAllowed(String, String, String, Authentication) - Method in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator: Deprecated.

Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI, with the given .
isAllowed(String, String, String, Authentication) - Method in class org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator: Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI.
isAllowed(String, String, String, Authentication) - Method in interface org.springframework.security.web.access.WebInvocationPrivilegeEvaluator: Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI, with the given .
isAllowed(String, Authentication) - Method in class org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator
isAllowed(String, Authentication) - Method in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator: Deprecated.

Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI.
isAllowed(String, Authentication) - Method in class org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator: Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI.
isAllowed(String, Authentication) - Method in interface org.springframework.security.web.access.WebInvocationPrivilegeEvaluator: Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI.
isAllowed(MethodInvocation, Authentication) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator: Deprecated.
isAllowIfAllAbstainDecisions() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
isAllowIfEqualGrantedDeniedDecisions() - Method in class org.springframework.security.access.vote.ConsensusBased: Deprecated.
isAllowSessionCreation() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
isAlwaysReauthenticate() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
isAlwaysUseDefaultTargetUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
isAnonymous() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() is anonymous
isAnonymous() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
isAnonymous(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver: Indicates whether the passed Authentication token represents an anonymous user.
isAnonymous(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
isAsyncSecuritySupported() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer: Determine if the springSecurityFilterChain should be marked as supporting asynch.
isAuditFailure() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
isAuditFailure() - Method in interface org.springframework.security.acls.model.AuditableAccessControlEntry
isAuditSuccess() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
isAuditSuccess() - Method in interface org.springframework.security.acls.model.AuditableAccessControlEntry
isAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines ifthe SecurityExpressionOperations.getAuthentication() is authenticated
isAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
isAuthenticated() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
isAuthenticated() - Method in interface org.springframework.security.core.Authentication: Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager.
isAuthenticated() - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken
isBase64(byte[]) - Static method in class org.springframework.security.crypto.codec.Base64: Deprecated.
isChangeAfterReset() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
isCleared() - Method in class org.springframework.security.core.context.SecurityContextChangedEvent: Say whether the event is a context-clearing event.
isConfigured() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Determines if the AuthenticationManagerBuilder is configured to build a non null AuthenticationManager.
isContextHolderRefreshRequired() - Method in class org.springframework.security.access.intercept.InterceptorStatusToken: Deprecated.
isContextRelative() - Method in class org.springframework.security.web.DefaultRedirectStrategy: Returns true, if the redirection URL should be calculated minus the protocol and context path (defaults to false).
isContextSaved() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.

Tells if the response wrapper has called saveContext() because of this wrapper.
isConvertToUpperCase() - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Returns true if role names are converted to uppercase Method available so that classes extending this can override
isCredentialsNonExpired() - Method in class org.springframework.security.core.userdetails.User
isCredentialsNonExpired() - Method in interface org.springframework.security.core.userdetails.UserDetails: Indicates whether the user's credentials (password) has expired.
isCredentialsNonExpired() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
isCritical() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl: Returns whether the control is critical for the client.
isCustomLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
isDecryptionCredential() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: Indicate whether this credential can be used for decryption
isDisableOnResponseCommitted() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Returns true if OnCommittedResponseWrapper.onResponseCommitted() will be invoked when the response is committed, else false.
isEnabled() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
isEnabled() - Method in class org.springframework.security.core.userdetails.User
isEnabled() - Method in interface org.springframework.security.core.userdetails.UserDetails: Indicates whether the user is enabled or disabled.
isEnabled() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
isEnabled() - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
isEncryptionCredential() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: Indicate whether this credential can be used for encryption
isEntriesInheriting() - Method in class org.springframework.security.acls.domain.AclImpl
isEntriesInheriting() - Method in interface org.springframework.security.acls.model.Acl: Indicates whether the ACL entries from the Acl.getParentAcl() should flow down into the current Acl.
isEraseCredentialsAfterAuthentication() - Method in class org.springframework.security.authentication.ProviderManager
isExpired() - Method in class org.springframework.security.core.session.SessionInformation
isExpired() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
isForceHttps() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
isForcePrincipalAsString() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
isFullyAuthenticated() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() authenticated without the use of remember me
isFullyAuthenticated() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
isGenerated() - Method in interface org.springframework.security.core.context.DeferredSecurityContext: Returns true if Supplier.get() refers to a generated SecurityContext or false if it already existed.
isGenerated() - Method in interface org.springframework.security.web.csrf.DeferredCsrfToken: Returns true if DeferredCsrfToken.get() refers to a generated CsrfToken or false if it already existed.
isGranted() - Method in class org.springframework.security.authorization.AuthorizationDecision
isGranted(List<Permission>, List<Sid>, boolean) - Method in class org.springframework.security.acls.domain.AclImpl: Delegates to the PermissionGrantingStrategy.
isGranted(List<Permission>, List<Sid>, boolean) - Method in interface org.springframework.security.acls.model.Acl: This is the actual authorization logic method, and must be used whenever ACL authorization decisions are required.
isGranted(AccessControlEntry, Permission) - Method in class org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy: Compares an ACE Permission to the given Permission.
isGranted(Acl, List<Permission>, List<Sid>, boolean) - Method in class org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy: Determines authorization.
isGranted(Acl, List<Permission>, List<Sid>, boolean) - Method in interface org.springframework.security.acls.model.PermissionGrantingStrategy: Returns true if the supplied strategy decides that the supplied Acl grants access based on the supplied list of permissions and sids.
isGranting() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
isGranting() - Method in interface org.springframework.security.acls.model.AccessControlEntry: Indicates the permission is being granted to the relevant Sid.
isHideUserNotFoundExceptions() - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
isHtmlEscape() - Method in class org.springframework.security.taglibs.authz.AuthenticationTag: Return the HTML escaping setting for this tag, or the default setting if not overridden.
isIgnoreFailure() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
isInvalidateHttpSession() - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
isLocked() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Determines whether an account locked error has been returned.
isLogInteractiveAuthenticationSuccessEvents() - Method in class org.springframework.security.authentication.event.LoggerListener
isMatch() - Method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcher.MatchResult
isMatch() - Method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
isMatch() - Method in class org.springframework.security.web.util.matcher.RequestMatcher.MatchResult
isMergeEnabled() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
isMergeEnabled() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder
isObserveOncePerRequest() - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter
isObserveOncePerRequest() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.

Indicates whether once-per-request handling will be observed.
isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
isPerInstance() - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
isRejectPublicInvocations() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
isRememberMe() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Determines if the SecurityExpressionOperations.getAuthentication() was authenticated using remember me
isRememberMe() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
isRememberMe(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationTrustResolver: Indicates whether the passed Authentication token represents user that has been remembered (i.e.
isRememberMe(Authentication) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
isRequest() - Method in enum class org.springframework.security.rsocket.api.PayloadExchangeType: Determines if this exchange is a type of request (i.e.
isRunning() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
isRunning() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
ISS - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: iss - The issuer of the token
ISS - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: iss - the Issuer identifier
ISS - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: iss - the Issuer claim identifies the principal that issued the JWT
isSecure() - Method in class org.springframework.security.web.savedrequest.SavedCookie
isShutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
isSidLoaded(List<Sid>) - Method in class org.springframework.security.acls.domain.AclImpl
isSidLoaded(List<Sid>) - Method in interface org.springframework.security.acls.model.Acl: For efficiency reasons an Acl may be loaded and not contain entries for every Sid in the system.
isSigningCredential() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: Indicate whether this credential can be used for signing
isSimpDestPathMatcherConfigured() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Determines if the MessageSecurityMetadataSourceRegistry.simpDestPathMatcher(PathMatcher) has been explicitly set.
isSingleton() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
isSingleton() - Method in class org.springframework.security.core.token.SecureRandomFactoryBean
issuedAt(Instant) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this issued-at timestamp in the resulting OidcIdToken
issuedAt(Instant) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this issued-at timestamp in the resulting Jwt
issuedAt(Instant) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the issued at (iat) claim, which identifies the time at which the JWT was issued.
issuer(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this issuer in the resulting OidcIdToken
issuer(String) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this issuer in the resulting Jwt
issuer(String) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the issuer (iss) claim, which identifies the principal that issued the JWT.
issuerUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the issuer identifier uri for the OpenID Connect 1.0 provider or the OAuth 2.0 Authorization Server.
isTerminated() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
isTokenExpired(long) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
isUiSecurityDisabled() - Static method in class org.springframework.security.taglibs.TagLibConfig
isUseForward() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
isUseForward() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
isUserInRole(String) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper: Simple searches for an exactly matching GrantedAuthority.getAuthority().
isUsernameBasedPrimaryKey() - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
isUsingGraceLogins() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl
isValid() - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
isValidateConfigAttributes() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
isValidRedirectUrl(String) - Static method in class org.springframework.security.web.util.UrlUtils: Returns true if the supplied URL starts with a "/" or is absolute.
isVerificationCredential() - Method in class org.springframework.security.saml2.core.Saml2X509Credential: Indicate whether this credential can be used for verification
iterator() - Method in class org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository: Returns an Iterator of ClientRegistration.
iterator() - Method in class org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository: Returns an Iterator of ClientRegistration.
iterator() - Method in class org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository

J

J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource - Class in org.springframework.security.web.authentication.preauth.j2ee: Implementation of AuthenticationDetailsSource which converts the user's J2EE roles (as obtained by calling HttpServletRequest.isUserInRole(String)) into GrantedAuthoritys and stores these in the authentication details object.
J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource() - Constructor for class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
j2eeMappableRoles - Variable in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource: The role attributes returned by the configured MappableAttributesRetriever
j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Allows specifying the J2eePreAuthenticatedProcessingFilter to use.
J2eePreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth.j2ee: This AbstractPreAuthenticatedProcessingFilter implementation is based on the J2EE container-based authentication mechanism.
J2eePreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
j2eeUserRoles2GrantedAuthoritiesMapper - Variable in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
JaasApiIntegrationFilter - Class in org.springframework.security.web.jaasapi: A Filter which attempts to obtain a JAAS Subject and continue the FilterChain running as that Subject.
JaasApiIntegrationFilter() - Constructor for class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
JaasAuthenticationCallbackHandler - Interface in org.springframework.security.authentication.jaas: The JaasAuthenticationCallbackHandler is similar to the javax.security.auth.callback.CallbackHandler interface in that it defines a handle method.
JaasAuthenticationEvent - Class in org.springframework.security.authentication.jaas.event: Parent class for events fired by the JaasAuthenticationProvider.
JaasAuthenticationEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationEvent: The Authentication object is stored as the ApplicationEvent 'source'.
JaasAuthenticationFailedEvent - Class in org.springframework.security.authentication.jaas.event: Fired when LoginContext.login throws a LoginException, or if any other exception is thrown during that time.
JaasAuthenticationFailedEvent(Authentication, Exception) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationFailedEvent
JaasAuthenticationProvider - Class in org.springframework.security.authentication.jaas: An AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.
JaasAuthenticationProvider() - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
JaasAuthenticationSuccessEvent - Class in org.springframework.security.authentication.jaas.event: Fired by the JaasAuthenticationProvider after successfully logging the user into the LoginContext, handling all callbacks, and calling all AuthorityGranters.
JaasAuthenticationSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.jaas.event.JaasAuthenticationSuccessEvent
JaasAuthenticationToken - Class in org.springframework.security.authentication.jaas: UsernamePasswordAuthenticationToken extension to carry the Jaas LoginContext that the user was logged into
JaasAuthenticationToken(Object, Object, List<GrantedAuthority>, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
JaasAuthenticationToken(Object, Object, LoginContext) - Constructor for class org.springframework.security.authentication.jaas.JaasAuthenticationToken
JaasGrantedAuthority - Class in org.springframework.security.authentication.jaas: GrantedAuthority which, in addition to the assigned role, holds the principal that an AuthorityGranter used as a reason to grant this authority.
JaasGrantedAuthority(String, Principal) - Constructor for class org.springframework.security.authentication.jaas.JaasGrantedAuthority
JaasNameCallbackHandler - Class in org.springframework.security.authentication.jaas: The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
JaasNameCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasNameCallbackHandler
JaasPasswordCallbackHandler - Class in org.springframework.security.authentication.jaas: The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and PasswordCallback.
JaasPasswordCallbackHandler() - Constructor for class org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler
JDBC_USER_SERVICE - Static variable in class org.springframework.security.config.Elements
JdbcAclService - Class in org.springframework.security.acls.jdbc: Simple JDBC-based implementation of AclService.
JdbcAclService(DataSource, LookupStrategy) - Constructor for class org.springframework.security.acls.jdbc.JdbcAclService
JdbcAclService(JdbcOperations, LookupStrategy) - Constructor for class org.springframework.security.acls.jdbc.JdbcAclService
jdbcAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Add JDBC authentication to the AuthenticationManagerBuilder and return a JdbcUserDetailsManagerConfigurer to allow customization of the JDBC authentication.
JdbcDaoImpl - Class in org.springframework.security.core.userdetails.jdbc: UserDetailsService implementation which retrieves the user details (username, password, enabled flag, and authorities) from a database using JDBC queries.
JdbcDaoImpl() - Constructor for class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
JdbcMutableAclService - Class in org.springframework.security.acls.jdbc: Provides a base JDBC implementation of MutableAclService.
JdbcMutableAclService(DataSource, LookupStrategy, AclCache) - Constructor for class org.springframework.security.acls.jdbc.JdbcMutableAclService
JdbcOAuth2AuthorizedClientService - Class in org.springframework.security.oauth2.client: A JDBC implementation of an OAuth2AuthorizedClientService that uses a JdbcOperations for OAuth2AuthorizedClient persistence.
JdbcOAuth2AuthorizedClientService(JdbcOperations, ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService: Constructs a JdbcOAuth2AuthorizedClientService using the provided parameters.
JdbcOAuth2AuthorizedClientService(JdbcOperations, ClientRegistrationRepository, LobHandler) - Constructor for class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService: Constructs a JdbcOAuth2AuthorizedClientService using the provided parameters.
JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder - Class in org.springframework.security.oauth2.client: A holder for an OAuth2AuthorizedClient and End-User Authentication (Resource Owner).
JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientParametersMapper - Class in org.springframework.security.oauth2.client: The default Function that maps JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder to a List of SqlParameterValue.
JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper - Class in org.springframework.security.oauth2.client: The default RowMapper that maps the current row in java.sql.ResultSet to OAuth2AuthorizedClient.
jdbcOperations - Variable in class org.springframework.security.acls.jdbc.JdbcAclService
jdbcOperations - Variable in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
JdbcTokenRepositoryImpl - Class in org.springframework.security.web.authentication.rememberme: JDBC based persistent login token repository implementation.
JdbcTokenRepositoryImpl() - Constructor for class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
JdbcUserDetailsManager - Class in org.springframework.security.provisioning: Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.
JdbcUserDetailsManager() - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
JdbcUserDetailsManager(DataSource) - Constructor for class org.springframework.security.provisioning.JdbcUserDetailsManager
JdbcUserDetailsManagerConfigurer> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning: Configures an AuthenticationManagerBuilder to have JDBC authentication.
JdbcUserDetailsManagerConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
JdbcUserDetailsManagerConfigurer(JdbcUserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
JdbcUserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
JdbcUserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
jee() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures container based pre authentication.
jee(Customizer<JeeConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures container based pre authentication.
JEE - Static variable in class org.springframework.security.config.Elements
JeeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds support for J2EE pre authentication.
JeeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Creates a new instance
JKU - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: jku - the JWK Set URL header is a URI that refers to a resource for a set of JSON-encoded public keys, one of which corresponds to the key used to digitally sign a JWS or encrypt a JWE
JoseHeaderNames - Class in org.springframework.security.oauth2.jwt: The Registered Header Parameter Names defined by the JSON Web Token (JWT), JSON Web Signature (JWS) and JSON Web Encryption (JWE) specifications that may be contained in the JOSE Header of a JWT.
JspAuthorizeTag - Class in org.springframework.security.taglibs.authz: A JSP Tag implementation of AbstractAuthorizeTag.
JspAuthorizeTag() - Constructor for class org.springframework.security.taglibs.authz.JspAuthorizeTag
jsr250() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the JSR-250 annotations
jsr250(AuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the JSR-250 annotations
jsr250(Jsr250AuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the JSR-250 annotations
JSR250 - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
Jsr250AuthorizationManager - Class in org.springframework.security.authorization.method: An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating if the Authentication contains a specified authority from the JSR-250 security annotations.
Jsr250AuthorizationManager() - Constructor for class org.springframework.security.authorization.method.Jsr250AuthorizationManager
Jsr250AuthorizationMethodInterceptor() - Constructor for class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor
jsr250Enabled() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity: Deprecated.

Determines if JSR-250 annotations should be enabled.
jsr250Enabled() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity: Determines if JSR-250 annotations should be enabled.
Jsr250MethodSecurityMetadataSource - Class in org.springframework.security.access.annotation: Deprecated.
Use Jsr250AuthorizationManager instead
Jsr250MethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource: Deprecated.
Jsr250SecurityConfig - Class in org.springframework.security.access.annotation: Deprecated.
Use AuthorizationManagerBeforeMethodInterceptor.jsr250() instead
Jsr250SecurityConfig(String) - Constructor for class org.springframework.security.access.annotation.Jsr250SecurityConfig: Deprecated.
Jsr250Voter - Class in org.springframework.security.access.annotation: Deprecated.
Use Jsr250AuthorizationManager instead
Jsr250Voter() - Constructor for class org.springframework.security.access.annotation.Jsr250Voter: Deprecated.
jti(String) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this identifier in the resulting Jwt
JTI - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: jti - The identifier for the token
JTI - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: jti - The JWT ID claim provides a unique identifier for the JWT
JwaAlgorithm - Interface in org.springframework.security.oauth2.jose: Super interface for cryptographic algorithms defined by the JSON Web Algorithms (JWA) specification and used by JSON Web Signature (JWS) to digitally sign or create a MAC of the contents and JSON Web Encryption (JWE) to encrypt the contents.
jwk(Map<String, Object>) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the JSON Web Key which is the public key that corresponds to the key used to digitally sign the JWS or encrypt the JWE.
JWK - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: jwk - the JSON Web Key header is the public key that corresponds to the key used to digitally sign a JWS or encrypt a JWE
jwkSetUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
jwkSetUri(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec: Configures a ReactiveJwtDecoder using JSON Web Key (JWK) URL
jwkSetUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the uri for the JSON Web Key (JWK) Set endpoint.
jwkSetUrl(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the JWK Set URL that refers to the resource of a set of JSON-encoded public keys, one of which corresponds to the key used to digitally sign the JWS or encrypt the JWE.
jwsAlgorithm(JwsAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder: Use the given signing algorithm.
jwsAlgorithm(SignatureAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder: Append the given signing algorithm to the set of algorithms to use.
jwsAlgorithm(SignatureAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder: Append the given signing algorithm to the set of algorithms to use.
JwsAlgorithm - Interface in org.springframework.security.oauth2.jose.jws: Super interface for cryptographic algorithms defined by the JSON Web Algorithms (JWA) specification and used by JSON Web Signature (JWS) to digitally sign or create a MAC of the contents of the JWS Protected Header and JWS Payload.
jwsAlgorithms(Consumer<Set<SignatureAlgorithm>>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder: Configure the list of algorithms to use with the given Consumer.
jwsAlgorithms(Consumer<Set<SignatureAlgorithm>>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder: Configure the list of algorithms to use with the given Consumer.
JwsAlgorithms - Class in org.springframework.security.oauth2.jose.jws: The cryptographic algorithms defined by the JSON Web Algorithms (JWA) specification and used by JSON Web Signature (JWS) to digitally sign or create a MAC of the contents of the JWS Protected Header and JWS Payload.
JwsHeader - Class in org.springframework.security.oauth2.jwt: The JSON Web Signature (JWS) header is a JSON object representing the header parameters of a JSON Web Token, that describe the cryptographic operations used to digitally sign or create a MAC of the contents of the JWS Protected Header and JWS Payload.
JwsHeader.Builder - Class in org.springframework.security.oauth2.jwt: A builder for JwsHeader.
jwt() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
jwt() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Enables JWT Resource Server support.
jwt() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that has a JwtAuthenticationToken for the Authentication and a Jwt for the Authentication.getPrincipal().
jwt(Consumer<Jwt.Builder>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator: Use the given Jwt.Builder Consumer to configure the underlying Jwt This method first creates a default Jwt.Builder instance with default values for the alg, sub, and scope claims.
jwt(Consumer<Jwt.Builder>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor: Use the given Jwt.Builder Consumer to configure the underlying Jwt This method first creates a default Jwt.Builder instance with default values for the alg, sub, and scope claims.
jwt(Customizer<RSocketSecurity.JwtSpec>) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity
jwt(Customizer<OAuth2ResourceServerConfigurer.JwtConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer: Enables Jwt-encoded bearer token support.
jwt(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Enables JWT Resource Server support.
jwt(Jwt) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.JwtMutator: Use the given Jwt
jwt(Jwt) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor: Use the given Jwt
Jwt - Class in org.springframework.security.oauth2.jwt: An implementation of an AbstractOAuth2Token representing a JSON Web Token (JWT).
Jwt(String, Instant, Instant, Map<String, Object>, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.jwt.Jwt: Constructs a Jwt using the provided parameters.
JWT - Static variable in class org.springframework.security.config.Elements
JWT_AUTHENTICATION - Enum constant in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder: Where JWT based authentication is performed.
JWT_BEARER - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
Jwt.Builder - Class in org.springframework.security.oauth2.jwt: Helps configure a Jwt
jwtAuthenticationConverter(Converter<Jwt, ? extends AbstractAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer.JwtConfigurer
jwtAuthenticationConverter(Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec: Configures the Converter to use for converting a Jwt into an AbstractAuthenticationToken.
JwtAuthenticationConverter - Class in org.springframework.security.oauth2.server.resource.authentication
JwtAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
JwtAuthenticationProvider - Class in org.springframework.security.oauth2.server.resource.authentication: An AuthenticationProvider implementation of the Jwt-encoded Bearer Tokens for protecting OAuth 2.0 Resource Servers.
JwtAuthenticationProvider(JwtDecoder) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
JwtAuthenticationToken - Class in org.springframework.security.oauth2.server.resource.authentication: An implementation of an AbstractOAuth2TokenAuthenticationToken representing a Jwt Authentication.
JwtAuthenticationToken(Jwt) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken: Constructs a JwtAuthenticationToken using the provided parameters.
JwtAuthenticationToken(Jwt, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken: Constructs a JwtAuthenticationToken using the provided parameters.
JwtAuthenticationToken(Jwt, Collection<? extends GrantedAuthority>, String) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken: Constructs a JwtAuthenticationToken using the provided parameters.
JwtBearerGrantRequest - Class in org.springframework.security.oauth2.client.endpoint: A JWT Bearer Grant request that holds a Jwt assertion.
JwtBearerGrantRequest(ClientRegistration, Jwt) - Constructor for class org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest: Constructs a JwtBearerGrantRequest using the provided parameters.
JwtBearerGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint: An implementation of an AbstractOAuth2AuthorizationGrantRequestEntityConverter that converts the provided JwtBearerGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the JWT Bearer Grant.
JwtBearerGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequestEntityConverter
JwtBearerOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of an OAuth2AuthorizedClientProvider for the jwt-bearer grant.
JwtBearerOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.JwtBearerOAuth2AuthorizedClientProvider
JwtBearerReactiveOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of an ReactiveOAuth2AuthorizedClientProvider for the jwt-bearer grant.
JwtBearerReactiveOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider
JwtBearerTokenAuthenticationConverter - Class in org.springframework.security.oauth2.server.resource.authentication: A Converter that takes a Jwt and converts it into a BearerTokenAuthentication.
JwtBearerTokenAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtBearerTokenAuthenticationConverter
JwtClaimAccessor - Interface in org.springframework.security.oauth2.jwt: A ClaimAccessor for the "claims" that may be contained in the JSON object JWT Claims Set of a JSON Web Token (JWT).
JwtClaimNames - Class in org.springframework.security.oauth2.jwt: The Registered Claim Names defined by the JSON Web Token (JWT) specification that may be contained in the JSON object JWT Claims Set.
JwtClaimsSet - Class in org.springframework.security.oauth2.jwt: The JWT Claims Set is a JSON object representing the claims conveyed by a JSON Web Token.
JwtClaimsSet.Builder - Class in org.springframework.security.oauth2.jwt: A builder for JwtClaimsSet.
JwtClaimValidator<T> - Class in org.springframework.security.oauth2.jwt: Validates a claim in a Jwt against a provided Predicate
JwtClaimValidator(String, Predicate<T>) - Constructor for class org.springframework.security.oauth2.jwt.JwtClaimValidator: Constructs a JwtClaimValidator using the provided parameters
jwtDecoder(ReactiveJwtDecoder) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec: Configures the ReactiveJwtDecoder to use
JwtDecoder - Interface in org.springframework.security.oauth2.jwt: Implementations of this interface are responsible for "decoding" a JSON Web Token (JWT) from it's compact claims representation format to a Jwt.
JwtDecoderFactory<C> - Interface in org.springframework.security.oauth2.jwt: A factory for JwtDecoder(s).
JwtDecoderInitializationException - Exception in org.springframework.security.oauth2.jwt: An exception thrown when a JwtDecoder or ReactiveJwtDecoder's lazy initialization fails.
JwtDecoderInitializationException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.jwt.JwtDecoderInitializationException
JwtDecoders - Class in org.springframework.security.oauth2.jwt: Allows creating a JwtDecoder from an OpenID Provider Configuration or Authorization Server Metadata Request based on provided issuer and method invoked.
JwtEncoder - Interface in org.springframework.security.oauth2.jwt: Implementations of this interface are responsible for encoding a JSON Web Token (JWT) to it's compact claims representation format.
JwtEncoderParameters - Class in org.springframework.security.oauth2.jwt: A holder of parameters containing the JWS headers and JWT Claims Set.
JwtEncodingException - Exception in org.springframework.security.oauth2.jwt: This exception is thrown when an error occurs while attempting to encode a JSON Web Token (JWT).
JwtEncodingException(String) - Constructor for exception org.springframework.security.oauth2.jwt.JwtEncodingException: Constructs a JwtEncodingException using the provided parameters.
JwtEncodingException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.jwt.JwtEncodingException: Constructs a JwtEncodingException using the provided parameters.
JwtException - Exception in org.springframework.security.oauth2.jwt: Base exception for all JSON Web Token (JWT) related errors.
JwtException(String) - Constructor for exception org.springframework.security.oauth2.jwt.JwtException: Constructs a JwtException using the provided parameters.
JwtException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.jwt.JwtException: Constructs a JwtException using the provided parameters.
JwtGrantedAuthoritiesConverter - Class in org.springframework.security.oauth2.server.resource.authentication: Extracts the GrantedAuthoritys from scope attributes typically found in a Jwt.
JwtGrantedAuthoritiesConverter() - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter
JwtIssuerAuthenticationManagerResolver - Class in org.springframework.security.oauth2.server.resource.authentication: An implementation of AuthenticationManagerResolver that resolves a JWT-based AuthenticationManager based on the Issuer in a signed JWT (JWS).
JwtIssuerAuthenticationManagerResolver(String...) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver: Construct a JwtIssuerAuthenticationManagerResolver using the provided parameters
JwtIssuerAuthenticationManagerResolver(Collection<String>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver: Construct a JwtIssuerAuthenticationManagerResolver using the provided parameters
JwtIssuerAuthenticationManagerResolver(AuthenticationManagerResolver<String>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver: Construct a JwtIssuerAuthenticationManagerResolver using the provided parameters Note that the AuthenticationManagerResolver provided in this constructor will need to verify that the issuer is trusted.
JwtIssuerReactiveAuthenticationManagerResolver - Class in org.springframework.security.oauth2.server.resource.authentication: An implementation of ReactiveAuthenticationManagerResolver that resolves a JWT-based ReactiveAuthenticationManager based on the Issuer in a signed JWT (JWS).
JwtIssuerReactiveAuthenticationManagerResolver(String...) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver: Construct a JwtIssuerReactiveAuthenticationManagerResolver using the provided parameters
JwtIssuerReactiveAuthenticationManagerResolver(Collection<String>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver: Construct a JwtIssuerReactiveAuthenticationManagerResolver using the provided parameters
JwtIssuerReactiveAuthenticationManagerResolver(ReactiveAuthenticationManagerResolver<String>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver: Construct a JwtIssuerReactiveAuthenticationManagerResolver using the provided parameters Note that the ReactiveAuthenticationManagerResolver provided in this constructor will need to verify that the issuer is trusted.
JwtIssuerValidator - Class in org.springframework.security.oauth2.jwt: Validates the "iss" claim in a Jwt, that is matches a configured value
JwtIssuerValidator(String) - Constructor for class org.springframework.security.oauth2.jwt.JwtIssuerValidator: Constructs a JwtIssuerValidator using the provided parameters
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<JWKSecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusReactiveJwtDecoder.
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<JWKSecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusReactiveJwtDecoder.
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<SecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusJwtDecoder.
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<SecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.PublicKeyJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusJwtDecoder.
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<SecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.SecretKeyJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusJwtDecoder.
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<SecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusReactiveJwtDecoder.
jwtProcessorCustomizer(Consumer<ConfigurableJWTProcessor<SecurityContext>>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder: Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusReactiveJwtDecoder.
JwtReactiveAuthenticationManager - Class in org.springframework.security.oauth2.server.resource.authentication: A ReactiveAuthenticationManager for Jwt tokens.
JwtReactiveAuthenticationManager(ReactiveJwtDecoder) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager
JwtSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec
JwtTimestampValidator - Class in org.springframework.security.oauth2.jwt: An implementation of OAuth2TokenValidator for verifying claims in a Jwt-based access token
JwtTimestampValidator() - Constructor for class org.springframework.security.oauth2.jwt.JwtTimestampValidator: A basic instance with no custom verification and the default max clock skew
JwtTimestampValidator(Duration) - Constructor for class org.springframework.security.oauth2.jwt.JwtTimestampValidator
JwtValidationException - Exception in org.springframework.security.oauth2.jwt: An exception that results from an unsuccessful OAuth2TokenValidatorResult
JwtValidationException(String, Collection<OAuth2Error>) - Constructor for exception org.springframework.security.oauth2.jwt.JwtValidationException: Constructs a JwtValidationException using the provided parameters While each OAuth2Error does contain an error description, this constructor can take an overarching description that encapsulates the composition of failures That said, it is appropriate to pass one of the messages from the error list in as the exception description, for example:
JwtValidators - Class in org.springframework.security.oauth2.jwt: Provides factory methods for creating OAuth2TokenValidator<Jwt>

K

key(String) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Sets the key to identify tokens created for anonymous authentication.
key(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Sets the key to identify tokens created for remember me authentication.
key(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Sets the key to identify tokens created for anonymous authentication.
KeyBasedPersistenceTokenService - Class in org.springframework.security.core.token: Basic implementation of TokenService that is compatible with clusters and across machine restarts, without requiring database persistence.
KeyBasedPersistenceTokenService() - Constructor for class org.springframework.security.core.token.KeyBasedPersistenceTokenService
KeyGenerators - Class in org.springframework.security.crypto.keygen: Factory for commonly used key generators.
keyId(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the key ID that is a hint indicating which key was used to secure the JWS or JWE.
KID - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: kid - the key ID header is a hint indicating which key was used to secure a JWS or JWE

L

LAST - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
LAST - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
LazyCsrfTokenRepository - Class in org.springframework.security.web.csrf: Deprecated.
Use CsrfTokenRepository.loadDeferredToken(HttpServletRequest, HttpServletResponse) which returns a DeferredCsrfToken
LazyCsrfTokenRepository(CsrfTokenRepository) - Constructor for class org.springframework.security.web.csrf.LazyCsrfTokenRepository: Deprecated.

Creates a new instance
LDAP_AUTHORITIES_POPULATOR_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
LDAP_PASSWORD_COMPARE - Static variable in class org.springframework.security.config.Elements
LDAP_PROVIDER - Static variable in class org.springframework.security.config.Elements
LDAP_SEARCH_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
LDAP_SERVER - Static variable in class org.springframework.security.config.Elements
LDAP_USER_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
LDAP_USER_SERVICE - Static variable in class org.springframework.security.config.Elements
ldapAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Add LDAP authentication to the AuthenticationManagerBuilder and return a LdapAuthenticationProviderConfigurer to allow customization of the LDAP authentication.
LdapAuthenticationProvider - Class in org.springframework.security.ldap.authentication: An AuthenticationProvider implementation that authenticates against an LDAP server.
LdapAuthenticationProvider(LdapAuthenticator) - Constructor for class org.springframework.security.ldap.authentication.LdapAuthenticationProvider: Creates an instance with the supplied authenticator and a null authorities populator.
LdapAuthenticationProvider(LdapAuthenticator, LdapAuthoritiesPopulator) - Constructor for class org.springframework.security.ldap.authentication.LdapAuthenticationProvider: Create an instance with the supplied authenticator and authorities populator implementations.
LdapAuthenticationProviderConfigurer> - Class in org.springframework.security.config.annotation.authentication.configurers.ldap: Configures LDAP AuthenticationProvider in the ProviderManagerBuilder.
LdapAuthenticationProviderConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
LdapAuthenticationProviderConfigurer.ContextSourceBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.ldap: Allows building a BaseLdapPathContextSource and optionally creating an embedded LDAP instance.
LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer - Class in org.springframework.security.config.annotation.authentication.configurers.ldap: Sets up Password based comparison
LdapAuthenticator - Interface in org.springframework.security.ldap.authentication: The strategy interface for locating and authenticating an Ldap user.
ldapAuthoritiesPopulator(LdapAuthoritiesPopulator) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Specifies the LdapAuthoritiesPopulator.
LdapAuthoritiesPopulator - Interface in org.springframework.security.ldap.userdetails: Obtains a list of granted authorities for an Ldap user.
LdapAuthority - Class in org.springframework.security.ldap.userdetails: An authority that contains at least a DN and a role name for an LDAP entry but can also contain other desired attributes to be fetched during an LDAP authority search.
LdapAuthority(String, String) - Constructor for class org.springframework.security.ldap.userdetails.LdapAuthority: Constructs an LdapAuthority that has a role and a DN but no other attributes
LdapAuthority(String, String, Map<String, List<String>>) - Constructor for class org.springframework.security.ldap.userdetails.LdapAuthority: Constructs an LdapAuthority with the given role, DN and other LDAP attributes
LdapBindAuthenticationManagerFactory - Class in org.springframework.security.config.ldap: Creates an AuthenticationManager that can perform LDAP authentication using bind authentication.
LdapBindAuthenticationManagerFactory(BaseLdapPathContextSource) - Constructor for class org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory
LdapJackson2Module - Class in org.springframework.security.ldap.jackson2: Jackson module for spring-security-ldap.
LdapJackson2Module() - Constructor for class org.springframework.security.ldap.jackson2.LdapJackson2Module
LdapPasswordComparisonAuthenticationManagerFactory - Class in org.springframework.security.config.ldap: Creates an AuthenticationManager that can perform LDAP authentication using password comparison.
LdapPasswordComparisonAuthenticationManagerFactory(BaseLdapPathContextSource, PasswordEncoder) - Constructor for class org.springframework.security.config.ldap.LdapPasswordComparisonAuthenticationManagerFactory
LdapProviderBeanDefinitionParser - Class in org.springframework.security.config.ldap: Ldap authentication provider namespace configuration.
LdapProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
LdapServerBeanDefinitionParser - Class in org.springframework.security.config.ldap
LdapServerBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
LdapShaPasswordEncoder - Class in org.springframework.security.crypto.password: Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
LdapShaPasswordEncoder() - Constructor for class org.springframework.security.crypto.password.LdapShaPasswordEncoder: Deprecated.
LdapShaPasswordEncoder(BytesKeyGenerator) - Constructor for class org.springframework.security.crypto.password.LdapShaPasswordEncoder: Deprecated.
LdapUserDetails - Interface in org.springframework.security.ldap.userdetails: Captures the information for a user's LDAP entry.
LdapUserDetailsImpl - Class in org.springframework.security.ldap.userdetails: A UserDetails implementation which is used internally by the Ldap services.
LdapUserDetailsImpl() - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
LdapUserDetailsImpl.Essence - Class in org.springframework.security.ldap.userdetails: Variation of essence pattern.
LdapUserDetailsManager - Class in org.springframework.security.ldap.userdetails: An Ldap implementation of UserDetailsManager.
LdapUserDetailsManager(ContextSource) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
LdapUserDetailsMapper - Class in org.springframework.security.ldap.userdetails: The context mapper used by the LDAP authentication provider to create an LDAP user object.
LdapUserDetailsMapper() - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
LdapUserDetailsService - Class in org.springframework.security.ldap.userdetails: LDAP implementation of UserDetailsService based around an LdapUserSearch and an LdapAuthoritiesPopulator.
LdapUserDetailsService(LdapUserSearch) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsService
LdapUserDetailsService(LdapUserSearch, LdapAuthoritiesPopulator) - Constructor for class org.springframework.security.ldap.userdetails.LdapUserDetailsService
LdapUsernameToDnMapper - Interface in org.springframework.security.ldap: Constructs an Ldap Distinguished Name from a username.
LdapUserSearch - Interface in org.springframework.security.ldap.search: Obtains a user's information from the LDAP directory given a login name.
LdapUserServiceBeanDefinitionParser - Class in org.springframework.security.config.ldap
LdapUserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
LdapUtils - Class in org.springframework.security.ldap: LDAP Utility methods.
ldif(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: Specifies an ldif to load at startup for an embedded LDAP server.
ListeningSecurityContextHolderStrategy - Class in org.springframework.security.core.context: An API for notifying when the SecurityContext changes.
ListeningSecurityContextHolderStrategy(Collection<SecurityContextChangedListener>) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Construct a ListeningSecurityContextHolderStrategy based on ThreadLocalSecurityContextHolderStrategy
ListeningSecurityContextHolderStrategy(SecurityContextChangedListener...) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Construct a ListeningSecurityContextHolderStrategy based on ThreadLocalSecurityContextHolderStrategy
ListeningSecurityContextHolderStrategy(SecurityContextHolderStrategy, Collection<SecurityContextChangedListener>) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Construct a ListeningSecurityContextHolderStrategy
ListeningSecurityContextHolderStrategy(SecurityContextHolderStrategy, SecurityContextChangedListener...) - Constructor for class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Construct a ListeningSecurityContextHolderStrategy
load(MvcResult) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
load(ServerWebExchange) - Method in class org.springframework.security.web.server.context.NoOpServerSecurityContextRepository
load(ServerWebExchange) - Method in interface org.springframework.security.web.server.context.ServerSecurityContextRepository: Loads the SecurityContext associated with the ServerWebExchange
load(ServerWebExchange) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
loadAuthenticationRequest(HttpServletRequest) - Method in class org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository
loadAuthenticationRequest(HttpServletRequest) - Method in interface org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository: Loads the AbstractSaml2AuthenticationRequest from the request
loadAuthorizationRequest(HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository: Returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest or null if not available.
loadAuthorizationRequest(HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
loadAuthorizationRequest(ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository: Returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest or null if not available.
loadAuthorizationRequest(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
loadAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
loadAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
loadAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
loadAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientService: Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name or null if not available.
loadAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
loadAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService: Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name or null if not available.
loadAuthorizedClient(String, Authentication, HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
loadAuthorizedClient(String, Authentication, HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
loadAuthorizedClient(String, Authentication, HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository: Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner) or null if not available.
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository: Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner) or null if not available.
loadAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
loadContext(HttpRequestResponseHolder) - Method in class org.springframework.security.web.context.DelegatingSecurityContextRepository
loadContext(HttpRequestResponseHolder) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: Gets the security context for the current request (if available) and returns it.
loadContext(HttpRequestResponseHolder) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
loadContext(HttpRequestResponseHolder) - Method in class org.springframework.security.web.context.RequestAttributeSecurityContextRepository
loadContext(HttpRequestResponseHolder) - Method in interface org.springframework.security.web.context.SecurityContextRepository: Deprecated.
Use SecurityContextRepository.loadDeferredContext(HttpServletRequest) instead.
loadDeferredContext(HttpServletRequest) - Method in class org.springframework.security.web.context.DelegatingSecurityContextRepository
loadDeferredContext(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
loadDeferredContext(HttpServletRequest) - Method in class org.springframework.security.web.context.RequestAttributeSecurityContextRepository
loadDeferredContext(HttpServletRequest) - Method in interface org.springframework.security.web.context.SecurityContextRepository: Defers loading the SecurityContext using the HttpServletRequest until it is needed by the application.
loadDeferredToken(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository: Defers loading the CsrfToken using the HttpServletRequest and HttpServletResponse until it is needed by the application.
loadGroupAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Loads authorities by executing the SQL from groupAuthoritiesByUsernameQuery.
loadLogoutRequest(HttpServletRequest) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository: Returns the Saml2LogoutRequest associated to the provided HttpServletRequest or null if not available.
loadLogoutRequest(HttpServletRequest) - Method in interface org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository: Returns the Saml2LogoutRequest associated to the provided HttpServletRequest or null if not available.
loadToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
loadToken(HttpServletRequest) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository: Loads the expected CsrfToken from the HttpServletRequest
loadToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
loadToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository: Deprecated.

Delegates to the injected CsrfTokenRepository
loadToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
loadToken(ServerWebExchange) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRepository: Loads the expected CsrfToken from the ServerWebExchange
loadToken(ServerWebExchange) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
loadUser(OidcUserRequest) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService
loadUser(OidcUserRequest) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
loadUser(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService
loadUser(OAuth2UserRequest) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService
loadUser(R) - Method in class org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService
loadUser(R) - Method in interface org.springframework.security.oauth2.client.userinfo.OAuth2UserService: Returns an OAuth2User after obtaining the user attributes of the End-User from the UserInfo Endpoint.
loadUser(R) - Method in interface org.springframework.security.oauth2.client.userinfo.ReactiveOAuth2UserService: Returns an OAuth2User after obtaining the user attributes of the End-User from the UserInfo Endpoint.
loadUserAuthorities(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Loads authorities by executing the SQL from authoritiesByUsernameQuery.
loadUserAuthorities(DirContextOperations, String, String) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
loadUserAuthorities(DirContextOperations, String, String) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider: Creates the user authority list from the values of the memberOf attribute obtained from the user's Active Directory entry.
loadUserAuthorities(DirContextOperations, String, String) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
loadUserByUsername(String) - Method in class org.springframework.security.authentication.CachingUserDetailsService
loadUserByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
loadUserByUsername(String) - Method in interface org.springframework.security.core.userdetails.UserDetailsService: Locates the user based on the username.
loadUserByUsername(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
loadUserByUsername(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsService
loadUserByUsername(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
loadUserDetails(PreAuthenticatedAuthenticationToken) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService: Get a UserDetails object based on the user name contained in the given token, and the GrantedAuthorities as returned by the GrantedAuthoritiesContainer implementation as returned by the token.getDetails() method.
loadUserDetails(T) - Method in interface org.springframework.security.core.userdetails.AuthenticationUserDetailsService
loadUserDetails(T) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper: Get the UserDetails object from the wrapped UserDetailsService implementation
loadUsersByUsername(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
loadUsersByUsername(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager: Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.
lobHandler - Variable in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
lobHandler - Variable in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
locale(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this locale in the resulting OidcUserInfo
LOCALE - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: locale - the user's locale
locality(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Sets the city or locality.
location(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Use this location for the SAML 2.0 logout endpoint By default, the asserting party's endpoint is used
location(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Use this location for the SAML 2.0 logout endpoint By default, the asserting party's endpoint is used
LockedException - Exception in org.springframework.security.authentication: Thrown if an authentication request is rejected because the account is locked.
LockedException(String) - Constructor for exception org.springframework.security.authentication.LockedException: Constructs a LockedException with the specified message.
LockedException(String, Throwable) - Constructor for exception org.springframework.security.authentication.LockedException: Constructs a LockedException with the specified message and root cause.
log - Static variable in class org.springframework.security.acls.jdbc.JdbcAclService
log - Variable in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
log - Static variable in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider
log - Variable in class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy: Deprecated.

Logger for use by subclasses
logger - Variable in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
logger - Variable in class org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice: Deprecated.
logger - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
logger - Static variable in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
logger - Static variable in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator: Deprecated.
logger - Variable in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource: Deprecated.
logger - Variable in class org.springframework.security.access.prepost.PostInvocationAdviceProvider: Deprecated.
logger - Variable in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter: Deprecated.
logger - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
logger - Static variable in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider
logger - Static variable in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
logger - Variable in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
logger - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
logger - Variable in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
logger - Variable in class org.springframework.security.core.session.SessionRegistryImpl
logger - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
logger - Variable in class org.springframework.security.ldap.DefaultSpringSecurityContextSource
logger - Variable in class org.springframework.security.messaging.util.matcher.AbstractMessageMatcherComposite
logger - Variable in class org.springframework.security.provisioning.InMemoryUserDetailsManager
logger - Variable in class org.springframework.security.provisioning.JdbcUserDetailsManager
logger - Static variable in class org.springframework.security.taglibs.authz.AccessControlListTag
logger - Static variable in class org.springframework.security.web.access.AccessDeniedHandlerImpl
logger - Variable in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
logger - Static variable in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator: Deprecated.
logger - Variable in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
logger - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
logger - Variable in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
logger - Variable in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
logger - Variable in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
logger - Variable in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
logger - Variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
logger - Variable in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
logger - Variable in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy
logger - Variable in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
logger - Variable in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
logger - Variable in class org.springframework.security.web.DefaultRedirectStrategy
logger - Variable in class org.springframework.security.web.savedrequest.CookieRequestCache
logger - Static variable in class org.springframework.security.web.savedrequest.DefaultSavedRequest
logger - Variable in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
logger - Variable in class org.springframework.security.web.server.authentication.ServerX509AuthenticationConverter
LOGGER - Variable in class org.springframework.security.messaging.util.matcher.AbstractMessageMatcherComposite: Deprecated.
since 5.4 in favor of AbstractMessageMatcherComposite.logger
LoggerListener - Class in org.springframework.security.access.event: Deprecated.
Logging is now embedded in Spring Security components. If you need further logging, please consider using your own ApplicationListener
LoggerListener - Class in org.springframework.security.authentication.event: Outputs authentication-related application events to Commons Logging.
LoggerListener() - Constructor for class org.springframework.security.access.event.LoggerListener: Deprecated.
LoggerListener() - Constructor for class org.springframework.security.authentication.event.LoggerListener
logIfNeeded(boolean, AccessControlEntry) - Method in interface org.springframework.security.acls.domain.AuditLogger
logIfNeeded(boolean, AccessControlEntry) - Method in class org.springframework.security.acls.domain.ConsoleAuditLogger
login() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule: Authenticate the Subject (phase one) by extracting the Spring Security Authentication from the current SecurityContext.
LOGIN_PAGE_GENERATING - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
LoginExceptionResolver - Interface in org.springframework.security.authentication.jaas: The JaasAuthenticationProvider takes an instance of LoginExceptionResolver to resolve LoginModule specific exceptions to Spring Security AuthenticationExceptions.
loginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
loginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
loginFail(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.RememberMeServices: Called whenever an interactive authentication attempt was made, but the credentials supplied by the user were missing or otherwise invalid.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer: Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer
loginPage(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: Configures the log in page to redirect to, the authentication failure page, and when authentication is performed.
LoginPageGeneratingWebFilter - Class in org.springframework.security.web.server.ui: Generates a default log in page used for authenticating users.
LoginPageGeneratingWebFilter() - Constructor for class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies the URL to validate the credentials.
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Specifies the URL to validate the credentials.
loginProcessingUrl(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: Specifies the URL to POST to.
loginProcessingUrl(String, Object...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: Specifies the URL to POST to.
loginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
loginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Called whenever an interactive authentication attempt is successful.
loginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.RememberMeServices: Called whenever an interactive authentication attempt is successful.
LoginUrlAuthenticationEntryPoint - Class in org.springframework.security.web.authentication: Used by the ExceptionTranslationFilter to commence a form login authentication via the UsernamePasswordAuthenticationFilter.
LoginUrlAuthenticationEntryPoint(String) - Constructor for class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
logout() - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule: Log out the Subject.
logout() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Provides logout support.
logout() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures log out.
logout() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders: Creates a logout request.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.CompositeLogoutHandler
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.logout.LogoutHandler: Causes a logout to be completed.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler: Requires the request to be passed in.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Implementation of LogoutHandler.
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
logout(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.csrf.CsrfLogoutHandler: Clears the CsrfToken
logout(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders: Creates a logout request (including any necessary CsrfToken) to the specified logoutUrl
logout(Customizer<LogoutConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Provides logout support.
logout(Customizer<ServerHttpSecurity.LogoutSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures log out.
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.DelegatingServerLogoutHandler
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.HeaderWriterServerLogoutHandler
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler
logout(WebFilterExchange, Authentication) - Method in interface org.springframework.security.web.server.authentication.logout.ServerLogoutHandler: Invoked when log out is requested
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.WebSessionServerLogoutHandler
logout(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.csrf.CsrfServerLogoutHandler: Clears the CsrfToken
LOGOUT - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
LOGOUT - Static variable in class org.springframework.security.config.Elements
LOGOUT_PAGE_GENERATING - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
LogoutConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds logout support.
LogoutConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Creates a new instance
LogoutFilter - Class in org.springframework.security.web.authentication.logout: Logs a principal out.
LogoutFilter(String, LogoutHandler...) - Constructor for class org.springframework.security.web.authentication.logout.LogoutFilter
LogoutFilter(LogoutSuccessHandler, LogoutHandler...) - Constructor for class org.springframework.security.web.authentication.logout.LogoutFilter: Constructor which takes a LogoutSuccessHandler instance to determine the target destination after logging out.
logoutHandler(ServerLogoutHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec: Configures the logout handler.
LogoutHandler - Interface in org.springframework.security.web.authentication.logout: Indicates a class that is able to participate in logout handling.
LogoutPageGeneratingWebFilter - Class in org.springframework.security.web.server.ui: Generates a default log out page.
LogoutPageGeneratingWebFilter() - Constructor for class org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter
logoutRequest() - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Get configurer for SAML 2.0 Logout Request components
logoutRequest(Customizer<Saml2LogoutConfigurer.LogoutRequestConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Configures SAML 2.0 Logout Request components
logoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: The RequestMatcher that triggers log out to occur.
LogoutRequestParameters(HttpServletRequest, RelyingPartyRegistration, Authentication, LogoutRequest) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver.LogoutRequestParameters
logoutRequestRepository(Saml2LogoutRequestRepository) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutRequestConfigurer: Use this Saml2LogoutRequestRepository for storing logout requests
logoutRequestResolver(Saml2LogoutRequestResolver) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutRequestConfigurer: Use this Saml2LogoutRequestResolver for producing a logout request to send to the asserting party
logoutRequestValidator(Saml2LogoutRequestValidator) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutRequestConfigurer: Use this LogoutHandler for processing a logout request from the asserting party
logoutResponse() - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Get configurer for SAML 2.0 Logout Response components
logoutResponse(Customizer<Saml2LogoutConfigurer.LogoutResponseConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Configures SAML 2.0 Logout Request components
LogoutResponseParameters(HttpServletRequest, RelyingPartyRegistration, Authentication, LogoutResponse) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver.LogoutResponseParameters
logoutResponseResolver(Saml2LogoutResponseResolver) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutResponseConfigurer: Use this Saml2LogoutRequestResolver for producing a logout response to send to the asserting party
logoutResponseValidator(Saml2LogoutResponseValidator) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutResponseConfigurer: Use this LogoutHandler for processing a logout response from the asserting party
LogoutSuccessEvent - Class in org.springframework.security.authentication.event: Application event which indicates successful logout
LogoutSuccessEvent(Authentication) - Constructor for class org.springframework.security.authentication.event.LogoutSuccessEvent
LogoutSuccessEventPublishingLogoutHandler - Class in org.springframework.security.web.authentication.logout: A logout handler which publishes LogoutSuccessEvent
LogoutSuccessEventPublishingLogoutHandler() - Constructor for class org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler
logoutSuccessHandler(LogoutSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Sets the LogoutSuccessHandler to use.
logoutSuccessHandler(ServerLogoutSuccessHandler) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec
LogoutSuccessHandler - Interface in org.springframework.security.web.authentication.logout: Strategy that is called after a successful logout by the LogoutFilter, to handle redirection or forwarding to the appropriate destination.
logoutSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: The URL to redirect to after logout has occurred.
logoutUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: The URL that triggers log out to occur (default is "/logout").
logoutUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutRequestConfigurer: The URL by which the asserting party can send a SAML 2.0 Logout Request
logoutUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer.LogoutResponseConfigurer: The URL by which the asserting party can send a SAML 2.0 Logout Response
logoutUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: The URL by which the relying or asserting party can trigger logout.
logoutUrl(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec: Configures what URL a POST to will trigger a log out.
logoutUrl(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder: Specifies the logout URL to POST to.
logoutUrl(String, Object...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder: Specifies the logout URL to POST to.
LogoutWebFilter - Class in org.springframework.security.web.server.authentication.logout: If the request matches, logs an authenticated user out by delegating to a ServerLogoutHandler.
LogoutWebFilter() - Constructor for class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
lookupHttpPort(Integer) - Method in interface org.springframework.security.web.PortMapper: Locates the HTTP port associated with the specified HTTPS port.
lookupHttpPort(Integer) - Method in class org.springframework.security.web.PortMapperImpl
lookupHttpsPort(Integer) - Method in interface org.springframework.security.web.PortMapper: Locates the HTTPS port associated with the specified HTTP port.
lookupHttpsPort(Integer) - Method in class org.springframework.security.web.PortMapperImpl
LookupStrategy - Interface in org.springframework.security.acls.jdbc: Performs lookups for AclService.

M

macAlgorithm(MacAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.SecretKeyJwtDecoderBuilder: Use the given algorithm when generating the MAC.
macAlgorithm(MacAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder: Use the given algorithm when generating the MAC.
MacAlgorithm - Enum Class in org.springframework.security.oauth2.jose.jws: An enumeration of the cryptographic algorithms defined by the JSON Web Algorithms (JWA) specification and used by JSON Web Signature (JWS) to create a MAC of the contents of the JWS Protected Header and JWS Payload.
makeTokenSignature(long, String, String) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices: Calculates the digital signature to be put in the cookie.
makeTokenSignature(long, String, String, TokenBasedRememberMeServices.RememberMeTokenAlgorithm) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices: Calculates the digital signature to be put in the cookie.
MALFORMED_REQUEST_DATA - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The serialized AuthNRequest could not be deserialized correctly.
MALFORMED_RESPONSE_DATA - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The response data is malformed or incomplete.
managerDn(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: Username (DN) of the "manager" user identity (i.e.
managerPassword(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: The password for the manager DN.
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
mapAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper: Creates a mapping of the supplied authorities based on the case-conversion and prefix settings.
MapBasedAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping: This class implements the Attributes2GrantedAuthoritiesMapper and MappableAttributesRetriever interfaces based on the supplied Map.
MapBasedAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
MapBasedMethodSecurityMetadataSource - Class in org.springframework.security.access.method: Deprecated.
Use the use-authorization-manager attribute for <method-security> and <intercept-methods> instead or use annotation-based or AuthorizationManager-based authorization
MapBasedMethodSecurityMetadataSource() - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.
MapBasedMethodSecurityMetadataSource(Map<String, List<ConfigAttribute>>) - Constructor for class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Creates the MapBasedMethodSecurityMetadataSource from a
MappableAttributesRetriever - Interface in org.springframework.security.core.authority.mapping: Interface to be implemented by classes that can retrieve a list of mappable security attribute strings (for example the list of all available J2EE roles in a web or EJB application).
mappableAuthorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Specifies roles to use map from the HttpServletRequest to the UserDetails.
mappableAuthorities(Set<String>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Specifies roles to use map from the HttpServletRequest to the UserDetails.
mappableRoles(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer: Specifies roles to use map from the HttpServletRequest to the UserDetails and automatically prefixes it with "ROLE_".
mapPassword(Object) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper: Extension point to allow customized creation of the user's password from the attribute stored in the directory.
MappedJwtClaimSetConverter - Class in org.springframework.security.oauth2.jwt: Converts a JWT claim set, claim by claim.
MappedJwtClaimSetConverter(Map<String, Converter<Object, ?>>) - Constructor for class org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter: Constructs a MappedJwtClaimSetConverter with the provided arguments This will completely replace any set of default converters.
mappings(Consumer<List<RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>>>>) - Method in class org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager.Builder: Allows to configure the RequestMatcher to AuthorizationManager mappings.
MapReactiveUserDetailsService - Class in org.springframework.security.core.userdetails: A Map based implementation of ReactiveUserDetailsService
MapReactiveUserDetailsService(Collection<UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService: Creates a new instance
MapReactiveUserDetailsService(Map<String, UserDetails>) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService: Creates a new instance using a Map that must be non blocking.
MapReactiveUserDetailsService(UserDetails...) - Constructor for class org.springframework.security.core.userdetails.MapReactiveUserDetailsService: Creates a new instance
mapRow(ResultSet, int) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
mapsTo(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer.HttpPortMapping: Maps the given HTTP port to the provided HTTPS port and vice versa.
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.PersonContextMapper
mapUserFromContext(DirContextOperations, String, Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.ldap.userdetails.UserDetailsContextMapper: Creates a fully populated UserDetails object for use by the security framework.
mapUserToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
mapUserToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper
mapUserToContext(UserDetails, DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.PersonContextMapper
mapUserToContext(UserDetails, DirContextAdapter) - Method in interface org.springframework.security.ldap.userdetails.UserDetailsContextMapper: Reverse of the above operation.
mask - Variable in class org.springframework.security.acls.domain.AbstractPermission
match() - Static method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcher.MatchResult: Creates an instance of PayloadExchangeMatcher.MatchResult that is a match with no variables
match() - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult: Creates an instance of ServerWebExchangeMatcher.MatchResult that is a match with no variables
match() - Static method in class org.springframework.security.web.util.matcher.RequestMatcher.MatchResult: Creates an instance of RequestMatcher.MatchResult that is a match with no variables
match(Map<String, ? extends Object>) - Static method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcher.MatchResult: Creates an instance of PayloadExchangeMatcher.MatchResult that is a match with the specified variables
match(Map<String, Object>) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult: Creates an instance of ServerWebExchangeMatcher.MatchResult that is a match with the specified variables
match(Map<String, String>) - Static method in class org.springframework.security.web.util.matcher.RequestMatcher.MatchResult: Creates an instance of RequestMatcher.MatchResult that is a match with the specified variables
match(MvcResult) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher
matcher(HttpServletRequest) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
matcher(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
matcher(HttpServletRequest) - Method in interface org.springframework.security.web.util.matcher.RequestMatcher: Returns a MatchResult for this RequestMatcher The default implementation returns Collections.emptyMap() when RequestMatcher.MatchResult.getVariables() is invoked.
matcher(PayloadExchangeMatcher) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec
matchers - Variable in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
matchers(MessageMatcher<?>...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps a List of MessageMatcher instances to a security expression.
matchers(MessageMatcher<?>...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps a List of MessageMatcher instances to a security expression.
matchers(ServerWebExchangeMatcher...) - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry: Associates a list of ServerWebExchangeMatcher instances
matchers(ServerWebExchangeMatcher...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers: Creates a matcher that will match on any of the provided matchers
MatcherSecurityWebFilterChain - Class in org.springframework.security.web.server: A SecurityWebFilterChain that leverages a ServerWebExchangeMatcher to determine which WebFilter to execute.
MatcherSecurityWebFilterChain(ServerWebExchangeMatcher, List<WebFilter>) - Constructor for class org.springframework.security.web.server.MatcherSecurityWebFilterChain
MatcherType - Enum Class in org.springframework.security.config.http: Defines the RequestMatcher types supported by the namespace.
matches(byte[], byte[]) - Static method in class org.springframework.security.crypto.password.AbstractPasswordEncoder: Constant time comparison to prevent against timing attacks.
matches(HttpServletRequest) - Method in class org.springframework.security.web.DefaultSecurityFilterChain
matches(HttpServletRequest) - Method in interface org.springframework.security.web.SecurityFilterChain
matches(HttpServletRequest) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AndRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher: Returns true if the configured pattern (and HTTP-Method) match those of the supplied request.
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.DispatcherTypeRequestMatcher: Performs the match against the request's method and dispatcher type.
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.IpAddressMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.NegatedRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.OrRequestMatcher
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.RegexRequestMatcher: Performs the match of the request URL (servletPath + pathInfo + queryString ) against the compiled pattern.
matches(HttpServletRequest) - Method in class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
matches(HttpServletRequest) - Method in interface org.springframework.security.web.util.matcher.RequestMatcher: Decides whether the rule implemented by the strategy matches the supplied request.
matches(CharSequence, String) - Method in class org.springframework.security.crypto.argon2.Argon2PasswordEncoder
matches(CharSequence, String) - Method in class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.AbstractPasswordEncoder
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.LdapShaPasswordEncoder: Deprecated.

Checks the validity of an unencoded password against an encoded one in the form "{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.Md4PasswordEncoder: Deprecated.

Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder: Deprecated.

Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.NoOpPasswordEncoder: Deprecated.
matches(CharSequence, String) - Method in interface org.springframework.security.crypto.password.PasswordEncoder: Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder
matches(CharSequence, String) - Method in class org.springframework.security.crypto.password.StandardPasswordEncoder: Deprecated.
matches(CharSequence, String) - Method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
matches(String) - Method in class org.springframework.security.web.util.matcher.IpAddressMatcher
matches(Message<?>) - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
matches(Message<?>) - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
matches(Message<? extends T>) - Method in class org.springframework.security.messaging.util.matcher.AndMessageMatcher
matches(Message<? extends T>) - Method in interface org.springframework.security.messaging.util.matcher.MessageMatcher: Returns true if the Message matches, else false
matches(Message<? extends T>) - Method in class org.springframework.security.messaging.util.matcher.OrMessageMatcher
matches(PayloadExchange) - Method in interface org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcher: Determines if a request matches or not
matches(PayloadExchange) - Method in class org.springframework.security.rsocket.util.matcher.RoutePayloadExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.AuthenticationConverterServerWebExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.MatcherSecurityWebFilterChain
matches(ServerWebExchange) - Method in interface org.springframework.security.web.server.SecurityWebFilterChain: Determines if this SecurityWebFilterChain matches the provided ServerWebExchange
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.IpAddressServerWebExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
matches(ServerWebExchange) - Method in class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
matches(ServerWebExchange) - Method in interface org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher: Determines if a request matches or not
maxAge(Duration) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec: Configures the max age.
maxAgeInSeconds(long) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

Sets the value (in seconds) for the max-age directive of the Public-Key-Pins header.
maxAgeInSeconds(long) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig: Sets the value (in seconds) for the max-age directive of the Strict-Transport-Security header.
maximumSessions(int) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer: Controls the maximum number of sessions for a user.
maximumSessions(int) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Controls the maximum number of sessions for a user.
maxSessionsPreventsLogin(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer: If true, prevents a user from authenticating when the SessionManagementConfigurer.ConcurrencyControlConfigurer.maximumSessions(int) has been reached.
Md4PasswordEncoder - Class in org.springframework.security.crypto.password: Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
Md4PasswordEncoder() - Constructor for class org.springframework.security.crypto.password.Md4PasswordEncoder: Deprecated.
MD5 - Enum constant in enum class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices.RememberMeTokenAlgorithm
MediaTypeRequestMatcher - Class in org.springframework.security.web.util.matcher: Allows matching HttpServletRequest based upon the MediaType's resolved from a ContentNegotiationStrategy.
MediaTypeRequestMatcher(Collection<MediaType>) - Constructor for class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Creates an instance
MediaTypeRequestMatcher(MediaType...) - Constructor for class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Creates an instance
MediaTypeRequestMatcher(ContentNegotiationStrategy, Collection<MediaType>) - Constructor for class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Creates an instance
MediaTypeRequestMatcher(ContentNegotiationStrategy, MediaType...) - Constructor for class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Creates an instance
MediaTypeServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher: Matches based upon the accept headers.
MediaTypeServerWebExchangeMatcher(Collection<MediaType>) - Constructor for class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher: Creates a new instance
MediaTypeServerWebExchangeMatcher(MediaType...) - Constructor for class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher: Creates a new instance
merge(Object) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder
merge(Object) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.LogoutRequestBuilder
mergePatterns(String, String) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils
message - Variable in class org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot
MessageAuthorizationContext<T> - Class in org.springframework.security.messaging.access.intercept: An Message authorization context.
MessageAuthorizationContext(Message<T>) - Constructor for class org.springframework.security.messaging.access.intercept.MessageAuthorizationContext: Creates an instance.
MessageAuthorizationContext(Message<T>, Map<String, String>) - Constructor for class org.springframework.security.messaging.access.intercept.MessageAuthorizationContext: Creates an instance.
MessageAuthorizationContextSecurityExpressionHandler - Class in org.springframework.security.messaging.access.expression: An expression handler for MessageAuthorizationContext.
MessageAuthorizationContextSecurityExpressionHandler() - Constructor for class org.springframework.security.messaging.access.expression.MessageAuthorizationContextSecurityExpressionHandler
MessageAuthorizationContextSecurityExpressionHandler(SecurityExpressionHandler<Message<?>>) - Constructor for class org.springframework.security.messaging.access.expression.MessageAuthorizationContextSecurityExpressionHandler
MessageDigestPasswordEncoder - Class in org.springframework.security.crypto.password: Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
MessageDigestPasswordEncoder(String) - Constructor for class org.springframework.security.crypto.password.MessageDigestPasswordEncoder: Deprecated.

The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment.
MessageExpressionVoter<T> - Class in org.springframework.security.messaging.access.expression: Deprecated.
Use MessageMatcherDelegatingAuthorizationManager instead
MessageExpressionVoter() - Constructor for class org.springframework.security.messaging.access.expression.MessageExpressionVoter: Deprecated.
MessageMatcher<T> - Interface in org.springframework.security.messaging.util.matcher: API for determining if a Message should be matched on.
MessageMatcherDelegatingAuthorizationManager - Class in org.springframework.security.messaging.access.intercept
MessageMatcherDelegatingAuthorizationManager.Builder - Class in org.springframework.security.messaging.access.intercept: A builder for MessageMatcherDelegatingAuthorizationManager.
MessageMatcherDelegatingAuthorizationManager.Builder.Constraint - Class in org.springframework.security.messaging.access.intercept: Represents the security constraint to be applied to the MessageMatcher instances.
messages - Variable in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
messages - Variable in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
messages - Variable in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
messages - Variable in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
messages - Variable in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
messages - Variable in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
messages - Variable in class org.springframework.security.authentication.AnonymousAuthenticationProvider
messages - Variable in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
messages - Variable in class org.springframework.security.authentication.ProviderManager
messages - Variable in class org.springframework.security.authentication.RememberMeAuthenticationProvider
messages - Variable in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
messages - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
messages - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
messages - Variable in class org.springframework.security.web.access.ExceptionTranslationFilter
messages - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
messages - Variable in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
messages - Variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
messages - Variable in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
messages - Variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
messages - Variable in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
MessageSecurityExpressionRoot - Class in org.springframework.security.messaging.access.expression: The SecurityExpressionRoot used for Message expressions.
MessageSecurityExpressionRoot(Supplier<Authentication>, Message<?>) - Constructor for class org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot: Creates an instance for the given Supplier of the Authentication and Message.
MessageSecurityExpressionRoot(Authentication, Message<?>) - Constructor for class org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot
MessageSecurityMetadataSource - Interface in org.springframework.security.messaging.access.intercept: Deprecated.
Use MessageMatcherDelegatingAuthorizationManager instead
MessageSecurityMetadataSourceRegistry - Class in org.springframework.security.config.annotation.web.messaging: Deprecated.
Use MessageMatcherDelegatingAuthorizationManager instead
MessageSecurityMetadataSourceRegistry() - Constructor for class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.
MessageSecurityMetadataSourceRegistry.Constraint - Class in org.springframework.security.config.annotation.web.messaging: Deprecated.

Represents the security constraint to be applied to the MessageMatcher instances.
METADATA_PUSH - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: A Metadata Push exchange.
METHOD_ACCESS_MANAGER - Static variable in class org.springframework.security.config.BeanIds
METHOD_SECURITY - Static variable in class org.springframework.security.config.Elements
METHOD_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
METHOD_SECURITY_METADATA_SOURCE_ADVISOR - Static variable in class org.springframework.security.config.BeanIds
MethodExpressionAuthorizationManager - Class in org.springframework.security.authorization.method: An expression-based AuthorizationManager that determines the access by evaluating the provided expression against the MethodInvocation.
MethodExpressionAuthorizationManager(String) - Constructor for class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager: Creates an instance.
MethodInvocationAdapter - Class in org.springframework.security.access.intercept.aspectj: Deprecated.
This class will be removed from the public API. See `JoinPointMethodInvocation` in `spring-security-aspects` for its replacement
MethodInvocationPrivilegeEvaluator - Class in org.springframework.security.access.intercept: Deprecated.
Use AuthorizationManager instead
MethodInvocationPrivilegeEvaluator() - Constructor for class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator: Deprecated.
MethodInvocationResult - Class in org.springframework.security.authorization.method: A context object that contains a MethodInvocation and the result of that MethodInvocation.
MethodInvocationResult(MethodInvocation, Object) - Constructor for class org.springframework.security.authorization.method.MethodInvocationResult: Construct a MethodInvocationResult with the provided parameters
MethodInvocationUtils - Class in org.springframework.security.util: Static utility methods for creating MethodInvocations usable within Spring Security.
methodMap - Variable in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.

Map from RegisteredMethod to ConfigAttribute list
MethodSecurityBeanDefinitionParser - Class in org.springframework.security.config.method: Processes the top-level "method-security" element.
MethodSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser
MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor - Class in org.springframework.security.config.method
MethodSecurityBeanDefinitionParser.MethodSecurityExpressionHandlerBean - Class in org.springframework.security.config.method
MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor - Class in org.springframework.security.config.method
MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor - Class in org.springframework.security.config.method
MethodSecurityBeanDefinitionParser.SecuredAuthorizationMethodInterceptor - Class in org.springframework.security.config.method
MethodSecurityExpressionHandler - Interface in org.springframework.security.access.expression.method: Extended expression-handler facade which adds methods which are specific to securing method invocations.
MethodSecurityExpressionHandlerBean() - Constructor for class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.MethodSecurityExpressionHandlerBean
MethodSecurityExpressionOperations - Interface in org.springframework.security.access.expression.method: Interface which must be implemented if you want to use filtering in method security expressions.
methodSecurityInterceptor(MethodSecurityMetadataSource) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Creates the default MethodInterceptor which is a MethodSecurityInterceptor using the following methods to construct it.
MethodSecurityInterceptor - Class in org.springframework.security.access.intercept.aopalliance: Deprecated.
Please use AuthorizationManagerBeforeMethodInterceptor and AuthorizationManagerAfterMethodInterceptor instead
MethodSecurityInterceptor() - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor: Deprecated.
methodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Provides the default MethodSecurityMetadataSource that will be used.
MethodSecurityMetadataSource - Interface in org.springframework.security.access.method: Deprecated.
Use the use-authorization-manager attribute for <method-security> and <intercept-methods> instead or use annotation-based or AuthorizationManager-based authorization
MethodSecurityMetadataSourceAdvisor - Class in org.springframework.security.access.intercept.aopalliance: Deprecated.
Use EnableMethodSecurity or publish interceptors directly
MethodSecurityMetadataSourceAdvisor(String, MethodSecurityMetadataSource, String) - Constructor for class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor: Deprecated.

Alternative constructor for situations where we want the advisor decoupled from the advice.
MethodSecurityMetadataSourceBeanDefinitionParser - Class in org.springframework.security.config.method: Deprecated.
Use <intercept-methods>, <method-security>, or @EnableMethodSecurity
MethodSecurityMetadataSourceBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser: Deprecated.
MIDDLE_NAME - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: middle_name - the user's middle name(s)
middleName(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this middle name in the resulting OidcUserInfo
migrateSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer: Specifies that a new session should be created and the session attributes from the original HttpSession should be retained.
MISSING_BEAN_ERROR_MESSAGE - Static variable in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
MissingCsrfTokenException - Exception in org.springframework.security.web.csrf: Thrown when no expected CsrfToken is found but is required.
MissingCsrfTokenException(String) - Constructor for exception org.springframework.security.web.csrf.MissingCsrfTokenException
mockAuthentication(Authentication) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to use the provided Authentication as the Principal
mockJwt() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to establish a SecurityContext that has a JwtAuthenticationToken for the Authentication and a Jwt for the Authentication.getPrincipal().
mockOAuth2Client() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to establish a OAuth2AuthorizedClient in the session.
mockOAuth2Client(String) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to establish a OAuth2AuthorizedClient in the session.
mockOAuth2Login() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication.
mockOidcLogin() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication.
mockOpaqueToken() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to establish a SecurityContext that has a BearerTokenAuthentication for the Authentication and an OAuth2AuthenticatedPrincipal for the Authentication.getPrincipal().
mockUser() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal.
mockUser(String) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal.
mockUser(UserDetails) - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Updates the ServerWebExchange to use the provided UserDetails to create a UsernamePasswordAuthenticationToken as the Principal
mode() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity: Deprecated.

Indicate how security advice should be applied.
mode() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity: Indicate how security advice should be applied.
mode() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity: Indicate how security advice should be applied.
mode(XFrameOptionsServerHttpHeadersWriter.Mode) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.FrameOptionsSpec: The mode to configure.
MODE_GLOBAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
MODE_INHERITABLETHREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
MODE_THREADLOCAL - Static variable in class org.springframework.security.core.context.SecurityContextHolder
modifyGrantedAuthorities(UserDetails, Authentication, Collection<? extends GrantedAuthority>) - Method in interface org.springframework.security.web.authentication.switchuser.SwitchUserAuthorityChanger: Allow subclasses to add or remove authorities that will be granted when in switch user mode.
MUST_SUPPLY_OLD_PASSWORD - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
MutableAcl - Interface in org.springframework.security.acls.model: A mutable Acl.
MutableAclService - Interface in org.springframework.security.acls.model: Provides support for creating and storing Acl instances.
mvc - Enum constant in enum class org.springframework.security.config.http.MatcherType
MvcRequestMatcher - Class in org.springframework.security.web.servlet.util.matcher: A RequestMatcher that uses Spring MVC's HandlerMappingIntrospector to match the path and extract variables.
MvcRequestMatcher(HandlerMappingIntrospector, String) - Constructor for class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
MvcRequestMatcher.Builder - Class in org.springframework.security.web.servlet.util.matcher: A builder for MvcRequestMatcher

N

name(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this name in the resulting OidcUserInfo
NAME - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: name - the user's full name
nameIdFormat(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the NameID format
NBF - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: nbf - A timestamp indicating when the token is not to be used before
NBF - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: nbf - the Not Before claim identifies the time before which the JWT MUST NOT be accepted for processing
NegatedRequestMatcher - Class in org.springframework.security.web.util.matcher: A RequestMatcher that will negate the RequestMatcher passed in.
NegatedRequestMatcher(RequestMatcher) - Constructor for class org.springframework.security.web.util.matcher.NegatedRequestMatcher: Creates a new instance
NegatedServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher: Negates the provided matcher.
NegatedServerWebExchangeMatcher(ServerWebExchangeMatcher) - Constructor for class org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher
NestedLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.userdetails: A LDAP authority populator that can recursively search static nested groups.
NestedLdapAuthoritiesPopulator(ContextSource, String) - Constructor for class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator: Constructor for group search scenarios.
NEVER - Enum constant in enum class org.springframework.security.config.http.SessionCreationPolicy: Spring Security will never create an HttpSession, but will use the HttpSession if it already exists
newSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer: Specifies that a new session should be created, but the session attributes from the original HttpSession should not be retained.
next(PayloadExchange) - Method in interface org.springframework.security.rsocket.api.PayloadInterceptorChain: Process the payload exchange.
nextElement() - Method in class org.springframework.security.web.savedrequest.Enumerator: Returns the next element of this enumeration if this enumeration has at least one more element to provide.
nickname(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this nickname in the resulting OidcUserInfo
NICKNAME - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: nickname - the user's nick name that may or may not be the same as the given_name
NimbusJwtClientAuthenticationParametersConverter<T extends AbstractOAuth2AuthorizationGrantRequest> - Class in org.springframework.security.oauth2.client.endpoint: A Converter that customizes the OAuth 2.0 Access Token Request parameters by adding a signed JSON Web Token (JWS) to be used for client authentication at the Authorization Server's Token Endpoint.
NimbusJwtClientAuthenticationParametersConverter(Function<ClientRegistration, JWK>) - Constructor for class org.springframework.security.oauth2.client.endpoint.NimbusJwtClientAuthenticationParametersConverter: Constructs a NimbusJwtClientAuthenticationParametersConverter using the provided parameters.
NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext<T extends AbstractOAuth2AuthorizationGrantRequest> - Class in org.springframework.security.oauth2.client.endpoint: A context that holds client authentication-specific state and is used by NimbusJwtClientAuthenticationParametersConverter when attempting to customize the JSON Web Token (JWS) client assertion.
NimbusJwtDecoder - Class in org.springframework.security.oauth2.jwt: A low-level Nimbus implementation of JwtDecoder which takes a raw Nimbus configuration.
NimbusJwtDecoder(JWTProcessor<SecurityContext>) - Constructor for class org.springframework.security.oauth2.jwt.NimbusJwtDecoder: Configures a NimbusJwtDecoder with the given parameters
NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusJwtDecoder instances based on a JWK Set uri.
NimbusJwtDecoder.PublicKeyJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusJwtDecoder instances based on a public key.
NimbusJwtDecoder.SecretKeyJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusJwtDecoder instances based on a SecretKey.
NimbusJwtEncoder - Class in org.springframework.security.oauth2.jwt: An implementation of a JwtEncoder that encodes a JSON Web Token (JWT) using the JSON Web Signature (JWS) Compact Serialization format.
NimbusJwtEncoder(JWKSource<SecurityContext>) - Constructor for class org.springframework.security.oauth2.jwt.NimbusJwtEncoder: Constructs a NimbusJwtEncoder using the provided parameters.
NimbusOpaqueTokenIntrospector - Class in org.springframework.security.oauth2.server.resource.introspection: A Nimbus implementation of OpaqueTokenIntrospector that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint.
NimbusOpaqueTokenIntrospector(String, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector: Creates a OpaqueTokenAuthenticationProvider with the provided parameters
NimbusOpaqueTokenIntrospector(String, RestOperations) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector: Creates a OpaqueTokenAuthenticationProvider with the provided parameters The given RestOperations should perform its own client authentication against the introspection endpoint.
NimbusReactiveJwtDecoder - Class in org.springframework.security.oauth2.jwt: An implementation of a ReactiveJwtDecoder that "decodes" a JSON Web Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web Signature (JWS).
NimbusReactiveJwtDecoder(String) - Constructor for class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder: Constructs a NimbusReactiveJwtDecoder using the provided parameters.
NimbusReactiveJwtDecoder(RSAPublicKey) - Constructor for class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder: Constructs a NimbusReactiveJwtDecoder using the provided parameters.
NimbusReactiveJwtDecoder(Converter<JWT, Mono<JWTClaimsSet>>) - Constructor for class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder: Constructs a NimbusReactiveJwtDecoder using the provided parameters.
NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusReactiveJwtDecoder instances based on a JWK Set uri.
NimbusReactiveJwtDecoder.JwkSourceReactiveJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusReactiveJwtDecoder instances.
NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusReactiveJwtDecoder instances based on a public key.
NimbusReactiveJwtDecoder.SecretKeyReactiveJwtDecoderBuilder - Class in org.springframework.security.oauth2.jwt: A builder for creating NimbusReactiveJwtDecoder instances based on a SecretKey.
NimbusReactiveOpaqueTokenIntrospector - Class in org.springframework.security.oauth2.server.resource.introspection: A Nimbus implementation of ReactiveOpaqueTokenIntrospector that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint.
NimbusReactiveOpaqueTokenIntrospector(String, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.NimbusReactiveOpaqueTokenIntrospector: Creates a OpaqueTokenReactiveAuthenticationManager with the provided parameters
NimbusReactiveOpaqueTokenIntrospector(String, WebClient) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.NimbusReactiveOpaqueTokenIntrospector: Creates a OpaqueTokenReactiveAuthenticationManager with the provided parameters
NO_ATTRS - Static variable in class org.springframework.security.ldap.SpringSecurityLdapTemplate
NO_AUTHORITIES - Static variable in class org.springframework.security.core.authority.AuthorityUtils
NO_CONTEXT - Static variable in class org.springframework.security.core.context.SecurityContextChangedEvent
NO_OPTIONS - Static variable in class org.springframework.security.crypto.codec.Base64: Deprecated.

No options specified.
NO_REFERRER - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
NO_REFERRER - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
NO_REFERRER_WHEN_DOWNGRADE - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
NO_REFERRER_WHEN_DOWNGRADE - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
nonce(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this nonce in the resulting OidcIdToken
NONCE - Static variable in class org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames: nonce - used in the Authentication Request.
NONCE - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: nonce - a String value used to associate a Client session with an ID Token, and to mitigate replay attacks.
NonceExpiredException - Exception in org.springframework.security.web.authentication.www: Thrown if an authentication request is rejected because the digest nonce has expired.
NonceExpiredException(String) - Constructor for exception org.springframework.security.web.authentication.www.NonceExpiredException: Constructs a NonceExpiredException with the specified message.
NonceExpiredException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.www.NonceExpiredException: Constructs a NonceExpiredException with the specified message and root cause.
none() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer: Specifies that no session fixation protection should be enabled.
NONE - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
NoOpPasswordEncoder - Class in org.springframework.security.crypto.password: Deprecated.
This PasswordEncoder is not secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
NoOpServerRequestCache - Class in org.springframework.security.web.server.savedrequest: An implementation of ServerRequestCache that does nothing.
NoOpServerSecurityContextRepository - Class in org.springframework.security.web.server.context: A do nothing implementation of ServerSecurityContextRepository.
noOpText() - Static method in class org.springframework.security.crypto.encrypt.Encryptors: Creates a text encryptor that performs no encryption.
NOSNIFF - Static variable in class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
NOSNIFF - Static variable in class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
not() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Negates the following expression.
notBefore(Instant) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this not-before timestamp in the resulting Jwt
notBefore(Instant) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the not before (nbf) claim, which identifies the time before which the JWT MUST NOT be accepted for processing.
NotFoundException - Exception in org.springframework.security.acls.model: Thrown if an ACL-related object cannot be found.
NotFoundException(String) - Constructor for exception org.springframework.security.acls.model.NotFoundException: Constructs an NotFoundException with the specified message.
NotFoundException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.NotFoundException: Constructs an NotFoundException with the specified message and root cause.
notMatch() - Static method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcher.MatchResult: Creates an instance of PayloadExchangeMatcher.MatchResult that is not a match.
notMatch() - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult: Creates an instance of ServerWebExchangeMatcher.MatchResult that is not a match.
notMatch() - Static method in class org.springframework.security.web.util.matcher.RequestMatcher.MatchResult: Creates an instance of RequestMatcher.MatchResult that is not a match.
NULL_DESTINATION_MATCHER - Static variable in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
NullAuthenticatedSessionStrategy - Class in org.springframework.security.web.authentication.session
NullAuthenticatedSessionStrategy() - Constructor for class org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
NullAuthenticationProvider() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
NullAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping
NullAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.NullAuthoritiesMapper
nullDestMatcher() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps any Message that has a null SimpMessageHeaderAccessor destination header (i.e.
nullDestMatcher() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps any Message that has a null SimpMessageHeaderAccessor destination header (i.e.
NullEventPublisher() - Constructor for class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.NullEventPublisher
NullLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.authentication
NullLdapAuthoritiesPopulator() - Constructor for class org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator
NullRememberMeServices - Class in org.springframework.security.web.authentication: Implementation of NullRememberMeServices that does nothing.
NullRememberMeServices() - Constructor for class org.springframework.security.web.authentication.NullRememberMeServices
NullRequestCache - Class in org.springframework.security.web.savedrequest: Null implementation of RequestCache.
NullRequestCache() - Constructor for class org.springframework.security.web.savedrequest.NullRequestCache
NullRoleHierarchy - Class in org.springframework.security.access.hierarchicalroles
NullRoleHierarchy() - Constructor for class org.springframework.security.access.hierarchicalroles.NullRoleHierarchy
NullSecurityContextRepository - Class in org.springframework.security.web.context
NullSecurityContextRepository() - Constructor for class org.springframework.security.web.context.NullSecurityContextRepository
NullUserCache - Class in org.springframework.security.core.userdetails.cache: Does not perform any caching.
NullUserCache() - Constructor for class org.springframework.security.core.userdetails.cache.NullUserCache

O

OAUTH2_AUTHORIZATION_CODE - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder
OAUTH2_CLIENT - Static variable in class org.springframework.security.config.Elements
OAUTH2_LOGIN - Static variable in class org.springframework.security.config.Elements
OAUTH2_RESOURCE_SERVER - Static variable in class org.springframework.security.config.Elements
OAuth2AccessToken - Class in org.springframework.security.oauth2.core: An implementation of an AbstractOAuth2Token representing an OAuth 2.0 Access Token.
OAuth2AccessToken(OAuth2AccessToken.TokenType, String, Instant, Instant) - Constructor for class org.springframework.security.oauth2.core.OAuth2AccessToken: Constructs an OAuth2AccessToken using the provided parameters.
OAuth2AccessToken(OAuth2AccessToken.TokenType, String, Instant, Instant, Set<String>) - Constructor for class org.springframework.security.oauth2.core.OAuth2AccessToken: Constructs an OAuth2AccessToken using the provided parameters.
OAuth2AccessToken.TokenType - Class in org.springframework.security.oauth2.core: Access Token Types.
oauth2AccessTokenResponse() - Static method in class org.springframework.security.oauth2.core.web.reactive.function.OAuth2BodyExtractors: Extractor to decode an OAuth2AccessTokenResponse
OAuth2AccessTokenResponse - Class in org.springframework.security.oauth2.core.endpoint: A representation of an OAuth 2.0 Access Token Response.
OAuth2AccessTokenResponse.Builder - Class in org.springframework.security.oauth2.core.endpoint: A builder for OAuth2AccessTokenResponse.
OAuth2AccessTokenResponseClient<T extends AbstractOAuth2AuthorizationGrantRequest> - Interface in org.springframework.security.oauth2.client.endpoint: A strategy for "exchanging" an authorization grant credential (e.g.
OAuth2AccessTokenResponseHttpMessageConverter - Class in org.springframework.security.oauth2.core.http.converter: A HttpMessageConverter for an OAuth 2.0 Access Token Response.
OAuth2AccessTokenResponseHttpMessageConverter() - Constructor for class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
OAuth2AuthenticatedPrincipal - Interface in org.springframework.security.oauth2.core: An AuthenticatedPrincipal that represents the principal associated with an OAuth 2.0 token.
OAuth2AuthenticationException - Exception in org.springframework.security.oauth2.core: This exception is thrown for all OAuth 2.0 related Authentication errors.
OAuth2AuthenticationException(String) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException: Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException: Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error, String) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException: Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error, String, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException: Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationException(OAuth2Error, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthenticationException: Constructs an OAuth2AuthenticationException using the provided parameters.
OAuth2AuthenticationToken - Class in org.springframework.security.oauth2.client.authentication: An implementation of an AbstractAuthenticationToken that represents an OAuth 2.0 Authentication.
OAuth2AuthenticationToken(OAuth2User, Collection<? extends GrantedAuthority>, String) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken: Constructs an OAuth2AuthenticationToken using the provided parameters.
OAuth2AuthorizationCodeAuthenticationProvider - Class in org.springframework.security.oauth2.client.authentication: An implementation of an AuthenticationProvider for the OAuth 2.0 Authorization Code Grant.
OAuth2AuthorizationCodeAuthenticationProvider(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider: Constructs an OAuth2AuthorizationCodeAuthenticationProvider using the provided parameters.
OAuth2AuthorizationCodeAuthenticationToken - Class in org.springframework.security.oauth2.client.authentication: An AbstractAuthenticationToken for the OAuth 2.0 Authorization Code Grant.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: This constructor should be used when the Authorization Request/Response is complete.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken: This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed.
OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken, OAuth2RefreshToken, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
OAuth2AuthorizationCodeGrantFilter - Class in org.springframework.security.oauth2.client.web: A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.
OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository, OAuth2AuthorizedClientRepository, AuthenticationManager) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter: Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.
OAuth2AuthorizationCodeGrantRequest - Class in org.springframework.security.oauth2.client.endpoint: An OAuth 2.0 Authorization Code Grant request that holds an Authorization Code credential, which was granted by the Resource Owner to the Client.
OAuth2AuthorizationCodeGrantRequest(ClientRegistration, OAuth2AuthorizationExchange) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest: Constructs an OAuth2AuthorizationCodeGrantRequest using the provided parameters.
OAuth2AuthorizationCodeGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint: An implementation of an AbstractOAuth2AuthorizationGrantRequestEntityConverter that converts the provided OAuth2AuthorizationCodeGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the Authorization Code Grant.
OAuth2AuthorizationCodeGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequestEntityConverter
OAuth2AuthorizationCodeGrantWebFilter - Class in org.springframework.security.oauth2.client.web.server: A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager, ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager, ServerAuthenticationConverter, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
OAuth2AuthorizationCodeReactiveAuthenticationManager - Class in org.springframework.security.oauth2.client.authentication: An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2AuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeReactiveAuthenticationManager
OAuth2AuthorizationContext - Class in org.springframework.security.oauth2.client: A context that holds authorization-specific state and is used by an OAuth2AuthorizedClientProvider when attempting to authorize (or re-authorize) an OAuth 2.0 Client.
OAuth2AuthorizationContext.Builder - Class in org.springframework.security.oauth2.client: A builder for OAuth2AuthorizationContext.
OAuth2AuthorizationException - Exception in org.springframework.security.oauth2.core: Base exception for OAuth 2.0 Authorization errors.
OAuth2AuthorizationException(OAuth2Error) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthorizationException: Constructs an OAuth2AuthorizationException using the provided parameters.
OAuth2AuthorizationException(OAuth2Error, String) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthorizationException: Constructs an OAuth2AuthorizationException using the provided parameters.
OAuth2AuthorizationException(OAuth2Error, String, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthorizationException: Constructs an OAuth2AuthorizationException using the provided parameters.
OAuth2AuthorizationException(OAuth2Error, Throwable) - Constructor for exception org.springframework.security.oauth2.core.OAuth2AuthorizationException: Constructs an OAuth2AuthorizationException using the provided parameters.
OAuth2AuthorizationExchange - Class in org.springframework.security.oauth2.core.endpoint: An "exchange" of an OAuth 2.0 Authorization Request and Response for the authorization code grant type.
OAuth2AuthorizationExchange(OAuth2AuthorizationRequest, OAuth2AuthorizationResponse) - Constructor for class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange: Constructs a new OAuth2AuthorizationExchange with the provided Authorization Request and Authorization Response.
OAuth2AuthorizationFailureHandler - Interface in org.springframework.security.oauth2.client: Handles when an OAuth 2.0 Client fails to authorize (or re-authorize) via the Authorization Server or Resource Server.
OAuth2AuthorizationRequest - Class in org.springframework.security.oauth2.core.endpoint: A representation of an OAuth 2.0 Authorization Request for the authorization code grant type.
OAuth2AuthorizationRequest.Builder - Class in org.springframework.security.oauth2.core.endpoint: A builder for OAuth2AuthorizationRequest.
OAuth2AuthorizationRequestCustomizers - Class in org.springframework.security.oauth2.client.web: A factory of customizers that customize the OAuth 2.0 Authorization Request via the OAuth2AuthorizationRequest.Builder.
OAuth2AuthorizationRequestRedirectFilter - Class in org.springframework.security.oauth2.client.web: This Filter initiates the authorization code grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository, String) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectWebFilter - Class in org.springframework.security.oauth2.client.web.server: This WebFilter initiates the authorization code grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.
OAuth2AuthorizationRequestRedirectWebFilter(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter: Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestRedirectWebFilter(ServerOAuth2AuthorizationRequestResolver) - Constructor for class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter: Constructs an OAuth2AuthorizationRequestRedirectFilter using the provided parameters.
OAuth2AuthorizationRequestResolver - Interface in org.springframework.security.oauth2.client.web: Implementations of this interface are capable of resolving an OAuth2AuthorizationRequest from the provided HttpServletRequest.
OAuth2AuthorizationResponse - Class in org.springframework.security.oauth2.core.endpoint: A representation of an OAuth 2.0 Authorization Response for the authorization code grant type.
OAuth2AuthorizationResponse.Builder - Class in org.springframework.security.oauth2.core.endpoint: A builder for OAuth2AuthorizationResponse.
OAuth2AuthorizationResponseType - Class in org.springframework.security.oauth2.core.endpoint: The response_type parameter is consumed by the authorization endpoint which is used by the authorization code grant type.
OAuth2AuthorizationResponseType(String) - Constructor for class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType
OAuth2AuthorizationSuccessHandler - Interface in org.springframework.security.oauth2.client: Handles when an OAuth 2.0 Client has been successfully authorized (or re-authorized) via the Authorization Server.
oauth2AuthorizedClient(OAuth2AuthorizedClient) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for providing the Bearer Token.
oauth2AuthorizedClient(OAuth2AuthorizedClient) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for providing the Bearer Token.
OAuth2AuthorizedClient - Class in org.springframework.security.oauth2.client: A representation of an OAuth 2.0 "Authorized Client".
OAuth2AuthorizedClient(ClientRegistration, String, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.OAuth2AuthorizedClient: Constructs an OAuth2AuthorizedClient using the provided parameters.
OAuth2AuthorizedClient(ClientRegistration, String, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.OAuth2AuthorizedClient: Constructs an OAuth2AuthorizedClient using the provided parameters.
OAuth2AuthorizedClientArgumentResolver - Class in org.springframework.security.oauth2.client.web.method.annotation: An implementation of a HandlerMethodArgumentResolver that is capable of resolving a method parameter to an argument value of type OAuth2AuthorizedClient.
OAuth2AuthorizedClientArgumentResolver - Class in org.springframework.security.oauth2.client.web.reactive.result.method.annotation: An implementation of a HandlerMethodArgumentResolver that is capable of resolving a method parameter to an argument value of type OAuth2AuthorizedClient.
OAuth2AuthorizedClientArgumentResolver(OAuth2AuthorizedClientManager) - Constructor for class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver: Constructs an OAuth2AuthorizedClientArgumentResolver using the provided parameters.
OAuth2AuthorizedClientArgumentResolver(ReactiveOAuth2AuthorizedClientManager) - Constructor for class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver: Constructs an OAuth2AuthorizedClientArgumentResolver using the provided parameters.
OAuth2AuthorizedClientArgumentResolver(ClientRegistrationRepository, OAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver: Constructs an OAuth2AuthorizedClientArgumentResolver using the provided parameters.
OAuth2AuthorizedClientArgumentResolver(ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver: Constructs an OAuth2AuthorizedClientArgumentResolver using the provided parameters.
OAuth2AuthorizedClientHolder(String, String, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder: Constructs an OAuth2AuthorizedClientHolder using the provided parameters.
OAuth2AuthorizedClientHolder(OAuth2AuthorizedClient, Authentication) - Constructor for class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder: Constructs an OAuth2AuthorizedClientHolder using the provided parameters.
OAuth2AuthorizedClientHolder(OAuth2AuthorizedClient, Authentication) - Constructor for class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder: Constructs an OAuth2AuthorizedClientHolder using the provided parameters.
OAuth2AuthorizedClientId - Class in org.springframework.security.oauth2.client: The identifier for OAuth2AuthorizedClient.
OAuth2AuthorizedClientId(String, String) - Constructor for class org.springframework.security.oauth2.client.OAuth2AuthorizedClientId: Constructs an OAuth2AuthorizedClientId using the provided parameters.
OAuth2AuthorizedClientManager - Interface in org.springframework.security.oauth2.client: Implementations of this interface are responsible for the overall management of Authorized Client(s).
OAuth2AuthorizedClientParametersMapper() - Constructor for class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientParametersMapper
OAuth2AuthorizedClientParametersMapper() - Constructor for class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientParametersMapper
OAuth2AuthorizedClientProvider - Interface in org.springframework.security.oauth2.client: A strategy for authorizing (or re-authorizing) an OAuth 2.0 Client.
OAuth2AuthorizedClientProviderBuilder - Class in org.springframework.security.oauth2.client: A builder that builds a DelegatingOAuth2AuthorizedClientProvider composed of one or more OAuth2AuthorizedClientProvider(s) that implement specific authorization grants.
OAuth2AuthorizedClientProviderBuilder.AuthorizationCodeGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the authorization_code grant.
OAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the client_credentials grant.
OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the password grant.
OAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the refresh_token grant.
OAuth2AuthorizedClientRepository - Interface in org.springframework.security.oauth2.client.web: Implementations of this interface are responsible for the persistence of Authorized Client(s) between requests.
OAuth2AuthorizedClientRowMapper() - Constructor for class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
OAuth2AuthorizedClientRowMapper(ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
OAuth2AuthorizedClientService - Interface in org.springframework.security.oauth2.client: Implementations of this interface are responsible for the management of Authorized Client(s), which provide the purpose of associating an Access Token credential to a Client and Resource Owner, who is the Principal that originally granted the authorization.
OAuth2AuthorizeRequest - Class in org.springframework.security.oauth2.client: Represents a request the OAuth2AuthorizedClientManager uses to authorize (or re-authorize) the client identified by the provided clientRegistrationId.
OAuth2AuthorizeRequest.Builder - Class in org.springframework.security.oauth2.client: A builder for OAuth2AuthorizeRequest.
OAuth2BodyExtractors - Class in org.springframework.security.oauth2.core.web.reactive.function: Static factory methods for OAuth2 BodyExtractor implementations.
oauth2Client() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures OAuth 2.0 Client support.
oauth2Client() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures the OAuth2 client.
oauth2Client() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish an OAuth2AuthorizedClient in the session.
oauth2Client(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish an OAuth2AuthorizedClient in the session.
oauth2Client(Customizer<OAuth2ClientConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures OAuth 2.0 Client support.
oauth2Client(Customizer<ServerHttpSecurity.OAuth2ClientSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures the OAuth2 client.
OAuth2ClientConfigurer> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: An AbstractHttpConfigurer for OAuth 2.0 Client support.
OAuth2ClientConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
OAuth2ClientConfigurer.AuthorizationCodeGrantConfigurer - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: Configuration options for the OAuth 2.0 Authorization Code Grant.
OAuth2ClientCredentialsGrantRequest - Class in org.springframework.security.oauth2.client.endpoint: An OAuth 2.0 Client Credentials Grant request that holds the client's credentials in AbstractOAuth2AuthorizationGrantRequest.getClientRegistration().
OAuth2ClientCredentialsGrantRequest(ClientRegistration) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest: Constructs an OAuth2ClientCredentialsGrantRequest using the provided parameters.
OAuth2ClientCredentialsGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint: An implementation of an AbstractOAuth2AuthorizationGrantRequestEntityConverter that converts the provided OAuth2ClientCredentialsGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the Client Credentials Grant.
OAuth2ClientCredentialsGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequestEntityConverter
OAuth2ClientJackson2Module - Class in org.springframework.security.oauth2.client.jackson2: Jackson Module for spring-security-oauth2-client, that registers the following mix-in annotations: OAuth2AuthorizationRequestMixin ClientRegistrationMixin OAuth2AccessTokenMixin OAuth2RefreshTokenMixin OAuth2AuthorizedClientMixin OAuth2UserAuthorityMixin DefaultOAuth2UserMixin OidcIdTokenMixin OidcUserInfoMixin OidcUserAuthorityMixin DefaultOidcUserMixin OAuth2AuthenticationTokenMixin OAuth2AuthenticationExceptionMixin OAuth2ErrorMixin If not already enabled, default typing will be automatically enabled as type info is required to properly serialize/deserialize objects.
OAuth2ClientJackson2Module() - Constructor for class org.springframework.security.oauth2.client.jackson2.OAuth2ClientJackson2Module
oauth2Configuration() - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Configures the builder with ServletOAuth2AuthorizedClientExchangeFilterFunction.defaultRequest() and adds this as a ExchangeFilterFunction
OAuth2Error - Class in org.springframework.security.oauth2.core: A representation of an OAuth 2.0 Error.
OAuth2Error(String) - Constructor for class org.springframework.security.oauth2.core.OAuth2Error: Constructs an OAuth2Error using the provided parameters.
OAuth2Error(String, String, String) - Constructor for class org.springframework.security.oauth2.core.OAuth2Error: Constructs an OAuth2Error using the provided parameters.
OAuth2ErrorCodes - Class in org.springframework.security.oauth2.core: Standard error codes defined by the OAuth 2.0 Authorization Framework.
OAuth2ErrorHttpMessageConverter - Class in org.springframework.security.oauth2.core.http.converter: A HttpMessageConverter for an OAuth 2.0 Error.
OAuth2ErrorHttpMessageConverter() - Constructor for class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
OAuth2ErrorResponseErrorHandler - Class in org.springframework.security.oauth2.client.http: A ResponseErrorHandler that handles an OAuth 2.0 Error.
OAuth2ErrorResponseErrorHandler() - Constructor for class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler
OAuth2IntrospectionAuthenticatedPrincipal - Class in org.springframework.security.oauth2.server.resource.introspection: A domain object that wraps the attributes of OAuth 2.0 Token Introspection.
OAuth2IntrospectionAuthenticatedPrincipal(String, Map<String, Object>, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal: Constructs an OAuth2IntrospectionAuthenticatedPrincipal using the provided parameters.
OAuth2IntrospectionAuthenticatedPrincipal(Map<String, Object>, Collection<GrantedAuthority>) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal: Constructs an OAuth2IntrospectionAuthenticatedPrincipal using the provided parameters.
OAuth2IntrospectionException - Exception in org.springframework.security.oauth2.server.resource.introspection: Base exception for all OAuth 2.0 Introspection related errors
OAuth2IntrospectionException(String) - Constructor for exception org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException
OAuth2IntrospectionException(String, Throwable) - Constructor for exception org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException
oauth2Login() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures authentication support using an OAuth 2.0 and/or OpenID Connect 1.0 Provider.
oauth2Login() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures authentication support using an OAuth 2.0 and/or OpenID Connect 1.0 Provider.
oauth2Login() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication, a OAuth2User as the principal, and a OAuth2AuthorizedClient in the session.
oauth2Login(Customizer<OAuth2LoginConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures authentication support using an OAuth 2.0 and/or OpenID Connect 1.0 Provider.
oauth2Login(Customizer<ServerHttpSecurity.OAuth2LoginSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures authentication support using an OAuth 2.0 and/or OpenID Connect 1.0 Provider.
OAuth2LoginAuthenticationFilter - Class in org.springframework.security.oauth2.client.web: An implementation of an AbstractAuthenticationProcessingFilter for OAuth 2.0 Login.
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository, OAuth2AuthorizedClientService) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter: Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository, OAuth2AuthorizedClientService, String) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter: Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository, OAuth2AuthorizedClientRepository, String) - Constructor for class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter: Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
OAuth2LoginAuthenticationProvider - Class in org.springframework.security.oauth2.client.authentication: An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginAuthenticationProvider(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, OAuth2UserService<OAuth2UserRequest, OAuth2User>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider: Constructs an OAuth2LoginAuthenticationProvider using the provided parameters.
OAuth2LoginAuthenticationToken - Class in org.springframework.security.oauth2.client.authentication: An AbstractAuthenticationToken for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: This constructor should be used when the Authorization Request/Response is complete.
OAuth2LoginAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2User, Collection<? extends GrantedAuthority>, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
OAuth2LoginAuthenticationToken(ClientRegistration, OAuth2AuthorizationExchange, OAuth2User, Collection<? extends GrantedAuthority>, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken: This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
OAuth2LoginAuthenticationWebFilter - Class in org.springframework.security.oauth2.client.web.server.authentication: A specialized AuthenticationWebFilter that converts from an OAuth2LoginAuthenticationToken to an OAuth2AuthenticationToken and saves the OAuth2AuthorizedClient
OAuth2LoginAuthenticationWebFilter(ReactiveAuthenticationManager, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter: Creates an instance
OAuth2LoginConfigurer> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: An AbstractHttpConfigurer for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
OAuth2LoginConfigurer.AuthorizationEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: Configuration options for the Authorization Server's Authorization Endpoint.
OAuth2LoginConfigurer.RedirectionEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: Configuration options for the Client's Redirection Endpoint.
OAuth2LoginConfigurer.TokenEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: Configuration options for the Authorization Server's Token Endpoint.
OAuth2LoginConfigurer.UserInfoEndpointConfig - Class in org.springframework.security.config.annotation.web.configurers.oauth2.client: Configuration options for the Authorization Server's UserInfo Endpoint.
OAuth2LoginReactiveAuthenticationManager - Class in org.springframework.security.oauth2.client.authentication: An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth2LoginReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User>) - Constructor for class org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager
OAuth2ParameterNames - Class in org.springframework.security.oauth2.core.endpoint: Standard and custom (non-standard) parameter names defined in the OAuth Parameters Registry and used by the authorization endpoint, token endpoint and token revocation endpoint.
OAuth2PasswordGrantRequest - Class in org.springframework.security.oauth2.client.endpoint: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
OAuth2PasswordGrantRequest(ClientRegistration, String, String) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest: Deprecated.

Constructs an OAuth2PasswordGrantRequest using the provided parameters.
OAuth2PasswordGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint: An implementation of an AbstractOAuth2AuthorizationGrantRequestEntityConverter that converts the provided OAuth2PasswordGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the Resource Owner Password Credentials Grant.
OAuth2PasswordGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter
OAuth2RefreshToken - Class in org.springframework.security.oauth2.core: An implementation of an AbstractOAuth2Token representing an OAuth 2.0 Refresh Token.
OAuth2RefreshToken(String, Instant) - Constructor for class org.springframework.security.oauth2.core.OAuth2RefreshToken: Constructs an OAuth2RefreshToken using the provided parameters.
OAuth2RefreshToken(String, Instant, Instant) - Constructor for class org.springframework.security.oauth2.core.OAuth2RefreshToken: Constructs an OAuth2RefreshToken using the provided parameters.
OAuth2RefreshTokenGrantRequest - Class in org.springframework.security.oauth2.client.endpoint: An OAuth 2.0 Refresh Token Grant request that holds the refresh token credential granted to the client.
OAuth2RefreshTokenGrantRequest(ClientRegistration, OAuth2AccessToken, OAuth2RefreshToken) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest: Constructs an OAuth2RefreshTokenGrantRequest using the provided parameters.
OAuth2RefreshTokenGrantRequest(ClientRegistration, OAuth2AccessToken, OAuth2RefreshToken, Set<String>) - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest: Constructs an OAuth2RefreshTokenGrantRequest using the provided parameters.
OAuth2RefreshTokenGrantRequestEntityConverter - Class in org.springframework.security.oauth2.client.endpoint: An implementation of an AbstractOAuth2AuthorizationGrantRequestEntityConverter that converts the provided OAuth2RefreshTokenGrantRequest to a RequestEntity representation of an OAuth 2.0 Access Token Request for the Refresh Token Grant.
OAuth2RefreshTokenGrantRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequestEntityConverter
oauth2ResourceServer() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures OAuth 2.0 Resource Server support.
oauth2ResourceServer() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures OAuth 2.0 Resource Server support.
oauth2ResourceServer(Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures OAuth 2.0 Resource Server support.
oauth2ResourceServer(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures OAuth 2.0 Resource Server support.
OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.server.resource: An AbstractHttpConfigurer for OAuth 2.0 Resource Server Support.
OAuth2ResourceServerConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
OAuth2ResourceServerConfigurer.JwtConfigurer - Class in org.springframework.security.config.annotation.web.configurers.oauth2.server.resource
OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer - Class in org.springframework.security.config.annotation.web.configurers.oauth2.server.resource
OAuth2ResourceServerSpec() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
OAuth2Token - Interface in org.springframework.security.oauth2.core: Core interface representing an OAuth 2.0 Token.
OAuth2TokenIntrospectionClaimAccessor - Interface in org.springframework.security.oauth2.core: A ClaimAccessor for the "claims" that may be contained in the Introspection Response.
OAuth2TokenIntrospectionClaimNames - Class in org.springframework.security.oauth2.core: The names of the "Introspection Claims" defined by an Introspection Response.
OAuth2TokenValidator<T extends OAuth2Token> - Interface in org.springframework.security.oauth2.core: Implementations of this interface are responsible for "verifying" the validity and/or constraints of the attributes contained in an OAuth 2.0 Token.
OAuth2TokenValidatorResult - Class in org.springframework.security.oauth2.core: A result emitted from an OAuth2TokenValidator validation attempt
oauth2User(OAuth2User) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2LoginMutator: Use the provided OAuth2User as the authenticated user.
oauth2User(OAuth2User) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor: Use the provided OAuth2User as the authenticated user.
OAuth2User - Interface in org.springframework.security.oauth2.core.user: A representation of a user Principal that is registered with an OAuth 2.0 Provider.
OAuth2UserAuthority - Class in org.springframework.security.oauth2.core.user: A GrantedAuthority that may be associated to an OAuth2User.
OAuth2UserAuthority(String, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.user.OAuth2UserAuthority: Constructs a OAuth2UserAuthority using the provided parameters.
OAuth2UserAuthority(Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.user.OAuth2UserAuthority: Constructs a OAuth2UserAuthority using the provided parameters and defaults OAuth2UserAuthority.getAuthority() to OAUTH2_USER.
OAuth2UserRequest - Class in org.springframework.security.oauth2.client.userinfo: Represents a request the OAuth2UserService uses when initiating a request to the UserInfo Endpoint.
OAuth2UserRequest(ClientRegistration, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest: Constructs an OAuth2UserRequest using the provided parameters.
OAuth2UserRequest(ClientRegistration, OAuth2AccessToken, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest: Constructs an OAuth2UserRequest using the provided parameters.
OAuth2UserRequestEntityConverter - Class in org.springframework.security.oauth2.client.userinfo: A Converter that converts the provided OAuth2UserRequest to a RequestEntity representation of a request for the UserInfo Endpoint.
OAuth2UserRequestEntityConverter() - Constructor for class org.springframework.security.oauth2.client.userinfo.OAuth2UserRequestEntityConverter
OAuth2UserService<R extends OAuth2UserRequest,U extends OAuth2User> - Interface in org.springframework.security.oauth2.client.userinfo: Implementations of this interface are responsible for obtaining the user attributes of the End-User (Resource Owner) from the UserInfo Endpoint using the Access Token granted to the Client and returning an AuthenticatedPrincipal in the form of an OAuth2User.
ObjectIdentity - Interface in org.springframework.security.acls.model: Represents the identity of an individual domain object instance.
ObjectIdentityGenerator - Interface in org.springframework.security.acls.model: Strategy which creates an ObjectIdentity from an object identifier (such as a primary key) and type information.
ObjectIdentityImpl - Class in org.springframework.security.acls.domain: Simple implementation of ObjectIdentity.
ObjectIdentityImpl(Class<?>, Serializable) - Constructor for class org.springframework.security.acls.domain.ObjectIdentityImpl: Constructor which uses the name of the supplied class as the type property.
ObjectIdentityImpl(Object) - Constructor for class org.springframework.security.acls.domain.ObjectIdentityImpl: Creates the ObjectIdentityImpl based on the passed object instance.
ObjectIdentityImpl(String, Serializable) - Constructor for class org.springframework.security.acls.domain.ObjectIdentityImpl
objectIdentityRetrievalStrategy - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
ObjectIdentityRetrievalStrategy - Interface in org.springframework.security.acls.model: Strategy interface that provides the ability to determine which ObjectIdentity will be returned for a particular domain object
ObjectIdentityRetrievalStrategyImpl - Class in org.springframework.security.acls.domain: Basic implementation of ObjectIdentityRetrievalStrategy and ObjectIdentityGenerator that uses the constructors of ObjectIdentityImpl to create the ObjectIdentity.
ObjectIdentityRetrievalStrategyImpl() - Constructor for class org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl
objectPostProcessor(AutowireCapableBeanFactory) - Method in class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration
objectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Specifies the ObjectPostProcessor to use.
ObjectPostProcessor<T> - Interface in org.springframework.security.config.annotation: Allows initialization of Objects.
ObjectPostProcessorConfiguration - Class in org.springframework.security.config.annotation.configuration: Spring Configuration that exports the default ObjectPostProcessor.
ObjectPostProcessorConfiguration() - Constructor for class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration
ObservationAuthenticationManager - Class in org.springframework.security.authentication: An AuthenticationManager that observes the authentication
ObservationAuthenticationManager(ObservationRegistry, AuthenticationManager) - Constructor for class org.springframework.security.authentication.ObservationAuthenticationManager
ObservationAuthorizationManager<T> - Class in org.springframework.security.authorization: An AuthorizationManager that observes the authorization
ObservationAuthorizationManager(ObservationRegistry, AuthorizationManager<T>) - Constructor for class org.springframework.security.authorization.ObservationAuthorizationManager
ObservationFilterChainDecorator - Class in org.springframework.security.web: A FilterChainProxy.FilterChainDecorator that wraps the chain in before and after observations
ObservationFilterChainDecorator(ObservationRegistry) - Constructor for class org.springframework.security.web.ObservationFilterChainDecorator
ObservationMarkingAccessDeniedHandler - Class in org.springframework.security.web.access
ObservationMarkingAccessDeniedHandler(ObservationRegistry) - Constructor for class org.springframework.security.web.access.ObservationMarkingAccessDeniedHandler
ObservationMarkingRequestRejectedHandler - Class in org.springframework.security.web.firewall
ObservationMarkingRequestRejectedHandler(ObservationRegistry) - Constructor for class org.springframework.security.web.firewall.ObservationMarkingRequestRejectedHandler
ObservationReactiveAuthenticationManager - Class in org.springframework.security.authentication: An ReactiveAuthenticationManager that observes the authentication
ObservationReactiveAuthenticationManager(ObservationRegistry, ReactiveAuthenticationManager) - Constructor for class org.springframework.security.authentication.ObservationReactiveAuthenticationManager
ObservationReactiveAuthorizationManager<T> - Class in org.springframework.security.authorization: An ReactiveAuthorizationManager that observes the authentication
ObservationReactiveAuthorizationManager(ObservationRegistry, ReactiveAuthorizationManager<T>) - Constructor for class org.springframework.security.authorization.ObservationReactiveAuthorizationManager
ObservationSecurityContextChangedListener - Class in org.springframework.security.core.context: A SecurityContextChangedListener that adds events to an existing Observation If no Observation is present when an event is fired, then the event is unrecorded.
ObservationSecurityContextChangedListener(ObservationRegistry) - Constructor for class org.springframework.security.core.context.ObservationSecurityContextChangedListener: Create a ObservationSecurityContextChangedListener
ObservationWebFilterChainDecorator - Class in org.springframework.security.web.server: A WebFilterChainProxy.WebFilterChainDecorator that wraps the chain in before and after observations
ObservationWebFilterChainDecorator(ObservationRegistry) - Constructor for class org.springframework.security.web.server.ObservationWebFilterChainDecorator
obtainPassword(HttpServletRequest) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter: Enables subclasses to override the composition of the password, such as by including additional values and a separator.
obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
obtainSecurityMetadataSource() - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor: Deprecated.
obtainSecurityMetadataSource() - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
obtainSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
obtainSubject(ServletRequest) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter: Obtains the Subject to run as or null if no Subject is available.
obtainUsername(HttpServletRequest) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter: Enables subclasses to override the composition of the username, such as by including additional values and a separator.
OID - Static variable in class org.springframework.security.ldap.ppolicy.PasswordPolicyControl: OID of the Password Policy Control
OidcAuthorizationCodeAuthenticationProvider - Class in org.springframework.security.oauth2.client.oidc.authentication: An implementation of an AuthenticationProvider for the OpenID Connect Core 1.0 Authorization Code Grant Flow.
OidcAuthorizationCodeAuthenticationProvider(OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, OAuth2UserService<OidcUserRequest, OidcUser>) - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider: Constructs an OidcAuthorizationCodeAuthenticationProvider using the provided parameters.
OidcAuthorizationCodeReactiveAuthenticationManager - Class in org.springframework.security.oauth2.client.oidc.authentication: An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
OidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>, ReactiveOAuth2UserService<OidcUserRequest, OidcUser>) - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager
OidcClientInitiatedLogoutSuccessHandler - Class in org.springframework.security.oauth2.client.oidc.web.logout: A logout success handler for initiating OIDC logout through the user agent.
OidcClientInitiatedLogoutSuccessHandler(ClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler
OidcClientInitiatedServerLogoutSuccessHandler - Class in org.springframework.security.oauth2.client.oidc.web.server.logout: A reactive logout success handler for initiating OIDC logout through the user agent.
OidcClientInitiatedServerLogoutSuccessHandler(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.oidc.web.server.logout.OidcClientInitiatedServerLogoutSuccessHandler: Constructs an OidcClientInitiatedServerLogoutSuccessHandler with the provided parameters
OidcIdToken - Class in org.springframework.security.oauth2.core.oidc: An implementation of an AbstractOAuth2Token representing an OpenID Connect Core 1.0 ID Token.
OidcIdToken(String, Instant, Instant, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.oidc.OidcIdToken: Constructs a OidcIdToken using the provided parameters.
OidcIdToken.Builder - Class in org.springframework.security.oauth2.core.oidc: A builder for OidcIdTokens
OidcIdTokenDecoderFactory - Class in org.springframework.security.oauth2.client.oidc.authentication: A factory that provides a JwtDecoder used for OidcIdToken signature verification.
OidcIdTokenDecoderFactory() - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory
OidcIdTokenValidator - Class in org.springframework.security.oauth2.client.oidc.authentication: An OAuth2TokenValidator responsible for validating the claims in an ID Token.
OidcIdTokenValidator(ClientRegistration) - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator
oidcLogin() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication, a OidcUser as the principal, and a OAuth2AuthorizedClient in the session.
OidcParameterNames - Class in org.springframework.security.oauth2.core.oidc.endpoint: Standard parameter names defined in the OAuth Parameters Registry and used by the authorization endpoint and token endpoint.
OidcReactiveOAuth2UserService - Class in org.springframework.security.oauth2.client.oidc.userinfo: An implementation of an ReactiveOAuth2UserService that supports OpenID Connect 1.0 Provider's.
OidcReactiveOAuth2UserService() - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService
OidcScopes - Class in org.springframework.security.oauth2.core.oidc: The scope values defined by the OpenID Connect Core 1.0 specification that can be used to request claims.
oidcUser(OidcUser) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator: Use the provided OidcUser as the authenticated user.
oidcUser(OidcUser) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor: Use the provided OidcUser as the authenticated user.
OidcUser - Interface in org.springframework.security.oauth2.core.oidc.user: A representation of a user Principal that is registered with an OpenID Connect 1.0 Provider.
OidcUserAuthority - Class in org.springframework.security.oauth2.core.oidc.user: A GrantedAuthority that may be associated to an OidcUser.
OidcUserAuthority(String, OidcIdToken, OidcUserInfo) - Constructor for class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority: Constructs a OidcUserAuthority using the provided parameters.
OidcUserAuthority(OidcIdToken) - Constructor for class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority: Constructs a OidcUserAuthority using the provided parameters.
OidcUserAuthority(OidcIdToken, OidcUserInfo) - Constructor for class org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority: Constructs a OidcUserAuthority using the provided parameters and defaults OAuth2UserAuthority.getAuthority() to OIDC_USER.
OidcUserInfo - Class in org.springframework.security.oauth2.core.oidc: A representation of a UserInfo Response that is returned from the OAuth 2.0 Protected Resource UserInfo Endpoint.
OidcUserInfo(Map<String, Object>) - Constructor for class org.springframework.security.oauth2.core.oidc.OidcUserInfo: Constructs a OidcUserInfo using the provided parameters.
OidcUserInfo.Builder - Class in org.springframework.security.oauth2.core.oidc: A builder for OidcUserInfos
OidcUserRequest - Class in org.springframework.security.oauth2.client.oidc.userinfo: Represents a request the OidcUserService uses when initiating a request to the UserInfo Endpoint.
OidcUserRequest(ClientRegistration, OAuth2AccessToken, OidcIdToken) - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest: Constructs an OidcUserRequest using the provided parameters.
OidcUserRequest(ClientRegistration, OAuth2AccessToken, OidcIdToken, Map<String, Object>) - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest: Constructs an OidcUserRequest using the provided parameters.
oidcUserService(OAuth2UserService<OidcUserRequest, OidcUser>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig: Sets the OpenID Connect 1.0 service used for obtaining the user attributes of the End-User from the UserInfo Endpoint.
OidcUserService - Class in org.springframework.security.oauth2.client.oidc.userinfo: An implementation of an OAuth2UserService that supports OpenID Connect 1.0 Provider's.
OidcUserService() - Constructor for class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
OKTA - Enum constant in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider
onApplicationEvent(ApplicationEvent) - Method in class org.springframework.security.context.DelegatingApplicationListener
onApplicationEvent(AbstractAuthorizationEvent) - Method in class org.springframework.security.access.event.LoggerListener: Deprecated.
onApplicationEvent(AbstractAuthenticationEvent) - Method in class org.springframework.security.authentication.event.LoggerListener
onApplicationEvent(AbstractSessionEvent) - Method in class org.springframework.security.core.session.SessionRegistryImpl
onApplicationEvent(SessionDestroyedEvent) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy: Called when a user is newly authenticated.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy: In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy: In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.session.SessionAuthenticationStrategy: Performs Http session-related functionality when a new authentication occurs.
onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.CsrfAuthenticationStrategy
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.AuthenticationEntryPointFailureHandler
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in interface org.springframework.security.web.authentication.AuthenticationFailureHandler: Called when an authentication attempt fails.
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationFailureHandler
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler
onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler: Performs the redirect or forward to the defaultFailureUrl if set, otherwise returns a 401 error code.
onAuthenticationFailure(WebFilterExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler
onAuthenticationFailure(WebFilterExchange, AuthenticationException) - Method in class org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler
onAuthenticationFailure(WebFilterExchange, AuthenticationException) - Method in interface org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler: Invoked when authentication attempt fails
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) - Method in interface org.springframework.security.web.authentication.AuthenticationSuccessHandler: Called when a user has been successfully authenticated.
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.AuthenticationSuccessHandler: Called when a user has been successfully authenticated.
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler: Calls the parent class handle() method to forward or redirect to the target URL, and then calls clearAuthenticationAttributes() to remove any leftover session data.
onAuthenticationSuccess(Authentication, WebFilterExchange) - Method in class org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter
onAuthenticationSuccess(Authentication, WebFilterExchange) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.DelegatingServerAuthenticationSuccessHandler
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in interface org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler: Invoked when the application authenticates successfully
onAuthenticationSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.WebFilterChainServerAuthenticationSuccessHandler
onAuthorizationFailure(OAuth2AuthorizationException, Authentication, Map<String, Object>) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizationFailureHandler: Called when an OAuth 2.0 Client fails to authorize (or re-authorize) via the Authorization Server or Resource Server.
onAuthorizationFailure(OAuth2AuthorizationException, Authentication, Map<String, Object>) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler: Called when an OAuth 2.0 Client fails to authorize (or re-authorize) via the authorization server or resource server.
onAuthorizationFailure(OAuth2AuthorizationException, Authentication, Map<String, Object>) - Method in class org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
onAuthorizationFailure(OAuth2AuthorizationException, Authentication, Map<String, Object>) - Method in class org.springframework.security.oauth2.client.RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
onAuthorizationSuccess(OAuth2AuthorizedClient, Authentication, Map<String, Object>) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizationSuccessHandler: Called when an OAuth 2.0 Client has been successfully authorized (or re-authorized) via the Authorization Server.
onAuthorizationSuccess(OAuth2AuthorizedClient, Authentication, Map<String, Object>) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationSuccessHandler: Called when an OAuth 2.0 Client has been successfully authorized (or re-authorized) via the authorization server.
OnCommittedResponseWrapper - Class in org.springframework.security.web.util: Base class for response wrappers which encapsulate the logic for handling an event when the HttpServletResponse is committed.
OnCommittedResponseWrapper(HttpServletResponse) - Constructor for class org.springframework.security.web.util.OnCommittedResponseWrapper
onExpiredSessionDetected(SessionInformationExpiredEvent) - Method in interface org.springframework.security.web.session.SessionInformationExpiredStrategy
onExpiredSessionDetected(SessionInformationExpiredEvent) - Method in class org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.session.InvalidSessionStrategy
onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.session.RequestedUrlRedirectInvalidSessionStrategy
onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
onLoginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Called from loginSuccess when a remember-me login has been requested.
onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices: Creates a new persistent login token with a new series number, stores the data in the persistent token repository and adds the corresponding cookie to the response.
onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler: Produce and send a SAML 2.0 Logout Response based on the SAML 2.0 Logout Request received from the asserting party
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.DelegatingLogoutSuccessHandler
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.ForwardLogoutSuccessHandler
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler: Implementation of LogoutSuccessHandler.onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) .
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.logout.LogoutSuccessHandler
onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
onLogoutSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.oauth2.client.oidc.web.server.logout.OidcClientInitiatedServerLogoutSuccessHandler
onLogoutSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler: Implementation of ServerLogoutSuccessHandler.onLogoutSuccess(WebFilterExchange, Authentication).
onLogoutSuccess(WebFilterExchange, Authentication) - Method in class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
onLogoutSuccess(WebFilterExchange, Authentication) - Method in interface org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler: Invoked after log out was successful
onResponseCommitted() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.

Calls saveContext() with the current contents of the SecurityContextHolder as long as () was not invoked.
onResponseCommitted() - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Implement the logic for handling the HttpServletResponse being committed
onSessionChange(String, HttpSession, Authentication) - Method in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy: Called when the session has been changed and the old attributes have been migrated to the new session.
onStartup(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
onSuccessfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter: Called if a remember-me token is presented and successfully authenticated by the RememberMeServices autoLogin method and the AuthenticationManager.
onSuccessfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
onUnsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter: Called if the AuthenticationManager rejects the authentication object returned from the RememberMeServices autoLogin method.
onUnsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
OPAQUE_TOKEN - Static variable in class org.springframework.security.config.Elements
opaqueToken() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
opaqueToken() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Enables Opaque Token Resource Server support.
opaqueToken() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that has a BearerTokenAuthentication for the Authentication and a OAuth2AuthenticatedPrincipal for the Authentication.getPrincipal().
opaqueToken(Customizer<OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer: Enables opaque bearer token support.
opaqueToken(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec: Enables Opaque Token Resource Server support.
OpaqueTokenAuthenticationConverter - Interface in org.springframework.security.oauth2.server.resource.introspection: Convert a successful introspection result into an authentication result.
OpaqueTokenAuthenticationProvider - Class in org.springframework.security.oauth2.server.resource.authentication: An AuthenticationProvider implementation for opaque Bearer Tokens, using an OAuth 2.0 Introspection Endpoint to check the token's validity and reveal its attributes.
OpaqueTokenAuthenticationProvider(OpaqueTokenIntrospector) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider: Creates a OpaqueTokenAuthenticationProvider with the provided parameters
OpaqueTokenIntrospector - Interface in org.springframework.security.oauth2.server.resource.introspection: A contract for introspecting and verifying an OAuth 2.0 token.
OpaqueTokenReactiveAuthenticationManager - Class in org.springframework.security.oauth2.server.resource.authentication: An ReactiveAuthenticationManager implementation for opaque Bearer Tokens, using an OAuth 2.0 Introspection Endpoint to check the token's validity and reveal its attributes.
OpaqueTokenReactiveAuthenticationManager(ReactiveOpaqueTokenIntrospector) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenReactiveAuthenticationManager: Creates a OpaqueTokenReactiveAuthenticationManager with the provided parameters
OPENER_POLICY - Static variable in class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter
OPENID - Static variable in class org.springframework.security.oauth2.core.oidc.OidcScopes: The openid scope is required for OpenID Connect Authentication Requests.
OpenSaml4AuthenticationProvider - Class in org.springframework.security.saml2.provider.service.authentication: Implementation of AuthenticationProvider for SAML authentications when receiving a Response object containing an Assertion.
OpenSaml4AuthenticationProvider() - Constructor for class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Creates an OpenSaml4AuthenticationProvider
OpenSaml4AuthenticationProvider.AssertionToken - Class in org.springframework.security.saml2.provider.service.authentication: A tuple containing an OpenSAML Assertion and its associated authentication token.
OpenSaml4AuthenticationProvider.ResponseToken - Class in org.springframework.security.saml2.provider.service.authentication: A tuple containing an OpenSAML Response and its associated authentication token.
OpenSaml4AuthenticationRequestResolver - Class in org.springframework.security.saml2.provider.service.web.authentication: A strategy for resolving a SAML 2.0 Authentication Request from the HttpServletRequest using OpenSAML.
OpenSaml4AuthenticationRequestResolver(RelyingPartyRegistrationResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver: Construct a OpenSaml4AuthenticationRequestResolver
OpenSaml4AuthenticationRequestResolver.AuthnRequestContext - Class in org.springframework.security.saml2.provider.service.web.authentication
OpenSaml4LogoutRequestResolver - Class in org.springframework.security.saml2.provider.service.web.authentication.logout: A Saml2LogoutRequestResolver for resolving SAML 2.0 Logout Requests with OpenSAML 4
OpenSaml4LogoutRequestResolver(RelyingPartyRegistrationResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver: Construct a OpenSaml4LogoutRequestResolver
OpenSaml4LogoutRequestResolver.LogoutRequestParameters - Class in org.springframework.security.saml2.provider.service.web.authentication.logout
OpenSaml4LogoutResponseResolver - Class in org.springframework.security.saml2.provider.service.web.authentication.logout: A Saml2LogoutResponseResolver for resolving SAML 2.0 Logout Responses with OpenSAML 4
OpenSaml4LogoutResponseResolver(RelyingPartyRegistrationResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver: Construct a OpenSaml4LogoutResponseResolver
OpenSaml4LogoutResponseResolver.LogoutResponseParameters - Class in org.springframework.security.saml2.provider.service.web.authentication.logout
OpenSamlAssertingPartyDetails - Class in org.springframework.security.saml2.provider.service.registration: A RelyingPartyRegistration.AssertingPartyDetails that contains OpenSAML-specific members
OpenSamlAssertingPartyDetails.Builder - Class in org.springframework.security.saml2.provider.service.registration: An OpenSAML version of RelyingPartyRegistration.AssertingPartyDetails.Builder that contains the underlying EntityDescriptor
OpenSamlInitializationService - Class in org.springframework.security.saml2.core: An initialization service for initializing OpenSAML.
OpenSamlLogoutRequestValidator - Class in org.springframework.security.saml2.provider.service.authentication.logout: A Saml2LogoutRequestValidator that authenticates a SAML 2.0 Logout Requests received from a SAML 2.0 Asserting Party using OpenSAML.
OpenSamlLogoutRequestValidator() - Constructor for class org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutRequestValidator: Constructs a OpenSamlLogoutRequestValidator
OpenSamlLogoutResponseValidator - Class in org.springframework.security.saml2.provider.service.authentication.logout: A Saml2LogoutResponseValidator that authenticates a SAML 2.0 Logout Responses received from a SAML 2.0 Asserting Party using OpenSAML.
OpenSamlLogoutResponseValidator() - Constructor for class org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutResponseValidator: Constructs a OpenSamlLogoutRequestValidator
OpenSamlMetadataResolver - Class in org.springframework.security.saml2.provider.service.metadata: Resolves the SAML 2.0 Relying Party Metadata for a given RelyingPartyRegistration using the OpenSAML API.
OpenSamlMetadataResolver() - Constructor for class org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver
OpenSamlMetadataResolver.EntityDescriptorParameters - Class in org.springframework.security.saml2.provider.service.metadata: A tuple containing an OpenSAML EntityDescriptor and its associated RelyingPartyRegistration
OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter - Class in org.springframework.security.saml2.provider.service.registration: An HttpMessageConverter that takes an IDPSSODescriptor in an HTTP response and converts it into a RelyingPartyRegistration.Builder.
OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter() - Constructor for class org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter: Creates a OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
order() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity: Deprecated.

Indicate the ordering of the execution of the security advisor when multiple advices are applied at a specific joinpoint.
order() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity: Indicate the ordering of the execution of the security advisor when multiple advices are applied at a specific joinpoint.
ORDERED - Static variable in class org.springframework.security.crypto.codec.Base64: Deprecated.

Encode using the special "ordered" dialect of Base64.
org.springframework.security.access - package org.springframework.security.access: Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central AccessDecisionManager interface.
org.springframework.security.access.annotation - package org.springframework.security.access.annotation: Support for JSR-250 and Spring Security @Secured annotations.
org.springframework.security.access.event - package org.springframework.security.access.event: Authorization event and listener classes.
org.springframework.security.access.expression - package org.springframework.security.access.expression: Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.expression.method - package org.springframework.security.access.expression.method: Implementation of expression-based method security.
org.springframework.security.access.hierarchicalroles - package org.springframework.security.access.hierarchicalroles: Role hierarchy implementation.
org.springframework.security.access.intercept - package org.springframework.security.access.intercept: Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
org.springframework.security.access.intercept.aopalliance - package org.springframework.security.access.intercept.aopalliance: Enforces security for AOP Alliance MethodInvocations, such as via Spring AOP.
org.springframework.security.access.intercept.aspectj - package org.springframework.security.access.intercept.aspectj: Enforces security for AspectJ JointPoints, delegating secure object callbacks to the calling aspect.
org.springframework.security.access.method - package org.springframework.security.access.method: Provides SecurityMetadataSource implementations for securing Java method invocations via different AOP libraries.
org.springframework.security.access.prepost - package org.springframework.security.access.prepost: Contains the infrastructure classes for handling the @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.vote - package org.springframework.security.access.vote: Implements a vote-based approach to authorization decisions.
org.springframework.security.acls - package org.springframework.security.acls: The Spring Security ACL package which implements instance-based security for domain objects.
org.springframework.security.acls.afterinvocation - package org.springframework.security.acls.afterinvocation: After-invocation providers for collection and array filtering.
org.springframework.security.acls.domain - package org.springframework.security.acls.domain: Basic implementation of access control lists (ACLs) interfaces.
org.springframework.security.acls.jdbc - package org.springframework.security.acls.jdbc: JDBC-based persistence of ACL information
org.springframework.security.acls.model - package org.springframework.security.acls.model: Interfaces and shared classes to manage access control lists (ACLs) for domain object instances.
org.springframework.security.authentication - package org.springframework.security.authentication: Core classes and interfaces related to user authentication, which are used throughout Spring Security.
org.springframework.security.authentication.dao - package org.springframework.security.authentication.dao: An AuthenticationProvider which relies upon a data access object.
org.springframework.security.authentication.event - package org.springframework.security.authentication.event: Authentication success and failure events which can be published to the Spring application context.
org.springframework.security.authentication.jaas - package org.springframework.security.authentication.jaas: An authentication provider for JAAS.
org.springframework.security.authentication.jaas.event - package org.springframework.security.authentication.jaas.event: JAAS authentication events which can be published to the Spring application context by the JAAS authentication provider.
org.springframework.security.authentication.jaas.memory - package org.springframework.security.authentication.jaas.memory: An in memory JAAS implementation.
org.springframework.security.authorization - package org.springframework.security.authorization
org.springframework.security.authorization.event - package org.springframework.security.authorization.event
org.springframework.security.authorization.method - package org.springframework.security.authorization.method
org.springframework.security.concurrent - package org.springframework.security.concurrent
org.springframework.security.config - package org.springframework.security.config: Support classes for the Spring Security namespace.
org.springframework.security.config.annotation - package org.springframework.security.config.annotation
org.springframework.security.config.annotation.authentication - package org.springframework.security.config.annotation.authentication
org.springframework.security.config.annotation.authentication.builders - package org.springframework.security.config.annotation.authentication.builders
org.springframework.security.config.annotation.authentication.configuration - package org.springframework.security.config.annotation.authentication.configuration
org.springframework.security.config.annotation.authentication.configurers.ldap - package org.springframework.security.config.annotation.authentication.configurers.ldap
org.springframework.security.config.annotation.authentication.configurers.provisioning - package org.springframework.security.config.annotation.authentication.configurers.provisioning
org.springframework.security.config.annotation.authentication.configurers.userdetails - package org.springframework.security.config.annotation.authentication.configurers.userdetails
org.springframework.security.config.annotation.configuration - package org.springframework.security.config.annotation.configuration
org.springframework.security.config.annotation.method.configuration - package org.springframework.security.config.annotation.method.configuration
org.springframework.security.config.annotation.rsocket - package org.springframework.security.config.annotation.rsocket
org.springframework.security.config.annotation.web - package org.springframework.security.config.annotation.web
org.springframework.security.config.annotation.web.builders - package org.springframework.security.config.annotation.web.builders
org.springframework.security.config.annotation.web.configuration - package org.springframework.security.config.annotation.web.configuration
org.springframework.security.config.annotation.web.configurers - package org.springframework.security.config.annotation.web.configurers
org.springframework.security.config.annotation.web.configurers.oauth2.client - package org.springframework.security.config.annotation.web.configurers.oauth2.client
org.springframework.security.config.annotation.web.configurers.oauth2.server.resource - package org.springframework.security.config.annotation.web.configurers.oauth2.server.resource
org.springframework.security.config.annotation.web.configurers.saml2 - package org.springframework.security.config.annotation.web.configurers.saml2
org.springframework.security.config.annotation.web.messaging - package org.springframework.security.config.annotation.web.messaging
org.springframework.security.config.annotation.web.reactive - package org.springframework.security.config.annotation.web.reactive
org.springframework.security.config.annotation.web.servlet.configuration - package org.springframework.security.config.annotation.web.servlet.configuration
org.springframework.security.config.annotation.web.socket - package org.springframework.security.config.annotation.web.socket
org.springframework.security.config.authentication - package org.springframework.security.config.authentication: Parsing of <authentication-manager> and related elements.
org.springframework.security.config.core - package org.springframework.security.config.core
org.springframework.security.config.core.userdetails - package org.springframework.security.config.core.userdetails
org.springframework.security.config.crypto - package org.springframework.security.config.crypto
org.springframework.security.config.debug - package org.springframework.security.config.debug
org.springframework.security.config.http - package org.springframework.security.config.http: Parsing of the <http> namespace element.
org.springframework.security.config.ldap - package org.springframework.security.config.ldap: Security namespace support for LDAP authentication.
org.springframework.security.config.method - package org.springframework.security.config.method: Support for parsing of the <global-method-security> and <intercept-methods> elements.
org.springframework.security.config.oauth2.client - package org.springframework.security.config.oauth2.client
org.springframework.security.config.provisioning - package org.springframework.security.config.provisioning
org.springframework.security.config.saml2 - package org.springframework.security.config.saml2
org.springframework.security.config.web.server - package org.springframework.security.config.web.server
org.springframework.security.config.websocket - package org.springframework.security.config.websocket
org.springframework.security.context - package org.springframework.security.context
org.springframework.security.converter - package org.springframework.security.converter
org.springframework.security.core - package org.springframework.security.core: Core classes and interfaces related to user authentication and authorization, as well as the maintenance of a security context.
org.springframework.security.core.annotation - package org.springframework.security.core.annotation
org.springframework.security.core.authority - package org.springframework.security.core.authority: The default implementation of the GrantedAuthority interface.
org.springframework.security.core.authority.mapping - package org.springframework.security.core.authority.mapping: Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of GrantedAuthoritys.
org.springframework.security.core.context - package org.springframework.security.core.context: Classes related to the establishment of a security context for the duration of a request (such as an HTTP or RMI invocation).
org.springframework.security.core.parameters - package org.springframework.security.core.parameters
org.springframework.security.core.session - package org.springframework.security.core.session: Session abstraction which is provided by the org.springframework.security.core.session.SessionInformation SessionInformation class.
org.springframework.security.core.token - package org.springframework.security.core.token: A service for building secure random tokens.
org.springframework.security.core.userdetails - package org.springframework.security.core.userdetails: The standard interfaces for implementing user data DAOs.
org.springframework.security.core.userdetails.cache - package org.springframework.security.core.userdetails.cache: Implementations of UserCache.
org.springframework.security.core.userdetails.jdbc - package org.springframework.security.core.userdetails.jdbc: Exposes a JDBC-based authentication repository, implementing org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.
org.springframework.security.core.userdetails.memory - package org.springframework.security.core.userdetails.memory: Exposes an in-memory authentication repository.
org.springframework.security.crypto.argon2 - package org.springframework.security.crypto.argon2
org.springframework.security.crypto.bcrypt - package org.springframework.security.crypto.bcrypt
org.springframework.security.crypto.codec - package org.springframework.security.crypto.codec: Internal codec classes.
org.springframework.security.crypto.encrypt - package org.springframework.security.crypto.encrypt
org.springframework.security.crypto.factory - package org.springframework.security.crypto.factory
org.springframework.security.crypto.keygen - package org.springframework.security.crypto.keygen
org.springframework.security.crypto.password - package org.springframework.security.crypto.password
org.springframework.security.crypto.scrypt - package org.springframework.security.crypto.scrypt
org.springframework.security.crypto.util - package org.springframework.security.crypto.util
org.springframework.security.data.repository.query - package org.springframework.security.data.repository.query
org.springframework.security.jackson2 - package org.springframework.security.jackson2: Mix-in classes to add Jackson serialization support.
org.springframework.security.ldap - package org.springframework.security.ldap: Spring Security's LDAP module.
org.springframework.security.ldap.authentication - package org.springframework.security.ldap.authentication: The LDAP authentication provider package.
org.springframework.security.ldap.authentication.ad - package org.springframework.security.ldap.authentication.ad
org.springframework.security.ldap.jackson2 - package org.springframework.security.ldap.jackson2
org.springframework.security.ldap.ppolicy - package org.springframework.security.ldap.ppolicy: Implementation of password policy functionality based on the Password Policy for LDAP Directories.
org.springframework.security.ldap.search - package org.springframework.security.ldap.search: LdapUserSearch implementations.
org.springframework.security.ldap.server - package org.springframework.security.ldap.server: Embedded Apache Directory Server implementation, as used by the configuration namespace.
org.springframework.security.ldap.userdetails - package org.springframework.security.ldap.userdetails: LDAP-focused UserDetails implementations which map from a ubset of the data contained in some of the standard LDAP types (such as InetOrgPerson).
org.springframework.security.messaging.access.expression - package org.springframework.security.messaging.access.expression
org.springframework.security.messaging.access.intercept - package org.springframework.security.messaging.access.intercept
org.springframework.security.messaging.context - package org.springframework.security.messaging.context
org.springframework.security.messaging.handler.invocation.reactive - package org.springframework.security.messaging.handler.invocation.reactive
org.springframework.security.messaging.util.matcher - package org.springframework.security.messaging.util.matcher
org.springframework.security.messaging.web.csrf - package org.springframework.security.messaging.web.csrf
org.springframework.security.messaging.web.socket.server - package org.springframework.security.messaging.web.socket.server
org.springframework.security.oauth2.client - package org.springframework.security.oauth2.client: Core classes and interfaces providing support for OAuth 2.0 Client.
org.springframework.security.oauth2.client.annotation - package org.springframework.security.oauth2.client.annotation
org.springframework.security.oauth2.client.authentication - package org.springframework.security.oauth2.client.authentication: Support classes and interfaces for authenticating and authorizing a client with an OAuth 2.0 Authorization Server using a specific authorization grant flow.
org.springframework.security.oauth2.client.endpoint - package org.springframework.security.oauth2.client.endpoint: Classes and interfaces providing support to the client for initiating requests to the Authorization Server's Protocol Endpoints.
org.springframework.security.oauth2.client.http - package org.springframework.security.oauth2.client.http
org.springframework.security.oauth2.client.jackson2 - package org.springframework.security.oauth2.client.jackson2
org.springframework.security.oauth2.client.oidc.authentication - package org.springframework.security.oauth2.client.oidc.authentication: Support classes and interfaces for authenticating and authorizing a client with an OpenID Connect 1.0 Provider using a specific authorization grant flow.
org.springframework.security.oauth2.client.oidc.userinfo - package org.springframework.security.oauth2.client.oidc.userinfo: Classes and interfaces providing support to the client for initiating requests to the OpenID Connect 1.0 Provider's UserInfo Endpoint.
org.springframework.security.oauth2.client.oidc.web.logout - package org.springframework.security.oauth2.client.oidc.web.logout
org.springframework.security.oauth2.client.oidc.web.server.logout - package org.springframework.security.oauth2.client.oidc.web.server.logout
org.springframework.security.oauth2.client.registration - package org.springframework.security.oauth2.client.registration: Classes and interfaces that provide support for ClientRegistration.
org.springframework.security.oauth2.client.userinfo - package org.springframework.security.oauth2.client.userinfo: Classes and interfaces providing support to the client for initiating requests to the OAuth 2.0 Authorization Server's UserInfo Endpoint.
org.springframework.security.oauth2.client.web - package org.springframework.security.oauth2.client.web: OAuth 2.0 Client Filter's and supporting classes and interfaces.
org.springframework.security.oauth2.client.web.method.annotation - package org.springframework.security.oauth2.client.web.method.annotation
org.springframework.security.oauth2.client.web.reactive.function.client - package org.springframework.security.oauth2.client.web.reactive.function.client
org.springframework.security.oauth2.client.web.reactive.result.method.annotation - package org.springframework.security.oauth2.client.web.reactive.result.method.annotation
org.springframework.security.oauth2.client.web.server - package org.springframework.security.oauth2.client.web.server
org.springframework.security.oauth2.client.web.server.authentication - package org.springframework.security.oauth2.client.web.server.authentication
org.springframework.security.oauth2.core - package org.springframework.security.oauth2.core: Core classes and interfaces providing support for the OAuth 2.0 Authorization Framework.
org.springframework.security.oauth2.core.converter - package org.springframework.security.oauth2.core.converter
org.springframework.security.oauth2.core.endpoint - package org.springframework.security.oauth2.core.endpoint: Support classes that model the OAuth 2.0 Request and Response messages from the Authorization Endpoint and Token Endpoint.
org.springframework.security.oauth2.core.http.converter - package org.springframework.security.oauth2.core.http.converter
org.springframework.security.oauth2.core.oidc - package org.springframework.security.oauth2.core.oidc: Core classes and interfaces providing support for OpenID Connect Core 1.0.
org.springframework.security.oauth2.core.oidc.endpoint - package org.springframework.security.oauth2.core.oidc.endpoint: Support classes that model the OpenID Connect Core 1.0 Request and Response messages from the Authorization Endpoint and Token Endpoint.
org.springframework.security.oauth2.core.oidc.user - package org.springframework.security.oauth2.core.oidc.user: Provides a model for an OpenID Connect Core 1.0 representation of a user Principal.
org.springframework.security.oauth2.core.user - package org.springframework.security.oauth2.core.user: Provides a model for an OAuth 2.0 representation of a user Principal.
org.springframework.security.oauth2.core.web.reactive.function - package org.springframework.security.oauth2.core.web.reactive.function
org.springframework.security.oauth2.jose - package org.springframework.security.oauth2.jose
org.springframework.security.oauth2.jose.jws - package org.springframework.security.oauth2.jose.jws: Core classes and interfaces providing support for JSON Web Signature (JWS).
org.springframework.security.oauth2.jwt - package org.springframework.security.oauth2.jwt: Core classes and interfaces providing support for JSON Web Token (JWT).
org.springframework.security.oauth2.server.resource - package org.springframework.security.oauth2.server.resource: OAuth 2.0 Resource Server core classes and interfaces providing support.
org.springframework.security.oauth2.server.resource.authentication - package org.springframework.security.oauth2.server.resource.authentication: OAuth 2.0 Resource Server Authentications and supporting classes and interfaces.
org.springframework.security.oauth2.server.resource.introspection - package org.springframework.security.oauth2.server.resource.introspection: OAuth 2.0 Introspection supporting classes and interfaces.
org.springframework.security.oauth2.server.resource.web - package org.springframework.security.oauth2.server.resource.web: OAuth 2.0 Resource Server Filter's and supporting classes and interfaces.
org.springframework.security.oauth2.server.resource.web.access - package org.springframework.security.oauth2.server.resource.web.access: OAuth 2.0 Resource Server access denial classes and interfaces.
org.springframework.security.oauth2.server.resource.web.access.server - package org.springframework.security.oauth2.server.resource.web.access.server
org.springframework.security.oauth2.server.resource.web.authentication - package org.springframework.security.oauth2.server.resource.web.authentication
org.springframework.security.oauth2.server.resource.web.reactive.function.client - package org.springframework.security.oauth2.server.resource.web.reactive.function.client
org.springframework.security.oauth2.server.resource.web.server - package org.springframework.security.oauth2.server.resource.web.server
org.springframework.security.oauth2.server.resource.web.server.authentication - package org.springframework.security.oauth2.server.resource.web.server.authentication
org.springframework.security.provisioning - package org.springframework.security.provisioning: Contains simple user and authority group account provisioning interfaces together with a a JDBC-based implementation.
org.springframework.security.rsocket.api - package org.springframework.security.rsocket.api
org.springframework.security.rsocket.authentication - package org.springframework.security.rsocket.authentication
org.springframework.security.rsocket.authorization - package org.springframework.security.rsocket.authorization
org.springframework.security.rsocket.core - package org.springframework.security.rsocket.core
org.springframework.security.rsocket.metadata - package org.springframework.security.rsocket.metadata
org.springframework.security.rsocket.util.matcher - package org.springframework.security.rsocket.util.matcher
org.springframework.security.saml2 - package org.springframework.security.saml2
org.springframework.security.saml2.core - package org.springframework.security.saml2.core
org.springframework.security.saml2.jackson2 - package org.springframework.security.saml2.jackson2
org.springframework.security.saml2.provider.service.authentication - package org.springframework.security.saml2.provider.service.authentication
org.springframework.security.saml2.provider.service.authentication.logout - package org.springframework.security.saml2.provider.service.authentication.logout
org.springframework.security.saml2.provider.service.metadata - package org.springframework.security.saml2.provider.service.metadata
org.springframework.security.saml2.provider.service.registration - package org.springframework.security.saml2.provider.service.registration
org.springframework.security.saml2.provider.service.web - package org.springframework.security.saml2.provider.service.web
org.springframework.security.saml2.provider.service.web.authentication - package org.springframework.security.saml2.provider.service.web.authentication
org.springframework.security.saml2.provider.service.web.authentication.logout - package org.springframework.security.saml2.provider.service.web.authentication.logout
org.springframework.security.scheduling - package org.springframework.security.scheduling
org.springframework.security.taglibs - package org.springframework.security.taglibs: Security related tag libraries that can be used in JSPs and templates.
org.springframework.security.taglibs.authz - package org.springframework.security.taglibs.authz: JSP Security tag library implementation.
org.springframework.security.taglibs.csrf - package org.springframework.security.taglibs.csrf
org.springframework.security.task - package org.springframework.security.task
org.springframework.security.test.context - package org.springframework.security.test.context
org.springframework.security.test.context.annotation - package org.springframework.security.test.context.annotation
org.springframework.security.test.context.support - package org.springframework.security.test.context.support
org.springframework.security.test.web.reactive.server - package org.springframework.security.test.web.reactive.server
org.springframework.security.test.web.servlet.request - package org.springframework.security.test.web.servlet.request
org.springframework.security.test.web.servlet.response - package org.springframework.security.test.web.servlet.response
org.springframework.security.test.web.servlet.setup - package org.springframework.security.test.web.servlet.setup
org.springframework.security.test.web.support - package org.springframework.security.test.web.support
org.springframework.security.util - package org.springframework.security.util: General utility classes used throughout the Spring Security framework.
org.springframework.security.web - package org.springframework.security.web: Spring Security's web security module.
org.springframework.security.web.access - package org.springframework.security.web.access: Access-control related classes and packages.
org.springframework.security.web.access.channel - package org.springframework.security.web.access.channel: Classes that ensure web requests are received over required transport channels.
org.springframework.security.web.access.expression - package org.springframework.security.web.access.expression: Implementation of web security expressions.
org.springframework.security.web.access.intercept - package org.springframework.security.web.access.intercept: Enforcement of security for HTTP requests, typically by the URL requested.
org.springframework.security.web.authentication - package org.springframework.security.web.authentication: Authentication processing mechanisms, which respond to the submission of authentication credentials using various protocols (eg BASIC, CAS, form login etc).
org.springframework.security.web.authentication.logout - package org.springframework.security.web.authentication.logout: Logout functionality based around a filter which handles a specific logout URL.
org.springframework.security.web.authentication.preauth - package org.springframework.security.web.authentication.preauth: Support for "pre-authenticated" scenarios, where Spring Security assumes the incoming request has already been authenticated by some externally configured system.
org.springframework.security.web.authentication.preauth.j2ee - package org.springframework.security.web.authentication.preauth.j2ee: Pre-authentication support for container-authenticated requests.
org.springframework.security.web.authentication.preauth.websphere - package org.springframework.security.web.authentication.preauth.websphere: Websphere-specific pre-authentication classes.
org.springframework.security.web.authentication.preauth.x509 - package org.springframework.security.web.authentication.preauth.x509: X.509 client certificate authentication support.
org.springframework.security.web.authentication.rememberme - package org.springframework.security.web.authentication.rememberme: Support for remembering a user between different web sessions.
org.springframework.security.web.authentication.session - package org.springframework.security.web.authentication.session: Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
org.springframework.security.web.authentication.switchuser - package org.springframework.security.web.authentication.switchuser: Provides HTTP-based "switch user" (su) capabilities.
org.springframework.security.web.authentication.ui - package org.springframework.security.web.authentication.ui: Authentication user-interface rendering code.
org.springframework.security.web.authentication.www - package org.springframework.security.web.authentication.www: WWW-Authenticate based authentication mechanism implementations: Basic and Digest authentication.
org.springframework.security.web.bind.annotation - package org.springframework.security.web.bind.annotation
org.springframework.security.web.bind.support - package org.springframework.security.web.bind.support
org.springframework.security.web.context - package org.springframework.security.web.context: Classes which are responsible for maintaining the security context between HTTP requests.
org.springframework.security.web.context.request.async - package org.springframework.security.web.context.request.async
org.springframework.security.web.context.support - package org.springframework.security.web.context.support
org.springframework.security.web.csrf - package org.springframework.security.web.csrf
org.springframework.security.web.debug - package org.springframework.security.web.debug
org.springframework.security.web.firewall - package org.springframework.security.web.firewall
org.springframework.security.web.header - package org.springframework.security.web.header
org.springframework.security.web.header.writers - package org.springframework.security.web.header.writers
org.springframework.security.web.header.writers.frameoptions - package org.springframework.security.web.header.writers.frameoptions
org.springframework.security.web.http - package org.springframework.security.web.http
org.springframework.security.web.jaasapi - package org.springframework.security.web.jaasapi: Makes a JAAS Subject available as the current Subject.
org.springframework.security.web.jackson2 - package org.springframework.security.web.jackson2: Mix-in classes to provide Jackson serialization support.
org.springframework.security.web.method.annotation - package org.springframework.security.web.method.annotation
org.springframework.security.web.reactive.result.method.annotation - package org.springframework.security.web.reactive.result.method.annotation
org.springframework.security.web.reactive.result.view - package org.springframework.security.web.reactive.result.view
org.springframework.security.web.savedrequest - package org.springframework.security.web.savedrequest: Classes related to the caching of an HttpServletRequest which requires authentication.
org.springframework.security.web.server - package org.springframework.security.web.server
org.springframework.security.web.server.authentication - package org.springframework.security.web.server.authentication
org.springframework.security.web.server.authentication.logout - package org.springframework.security.web.server.authentication.logout
org.springframework.security.web.server.authorization - package org.springframework.security.web.server.authorization
org.springframework.security.web.server.context - package org.springframework.security.web.server.context
org.springframework.security.web.server.csrf - package org.springframework.security.web.server.csrf
org.springframework.security.web.server.header - package org.springframework.security.web.server.header
org.springframework.security.web.server.jackson2 - package org.springframework.security.web.server.jackson2
org.springframework.security.web.server.savedrequest - package org.springframework.security.web.server.savedrequest
org.springframework.security.web.server.transport - package org.springframework.security.web.server.transport
org.springframework.security.web.server.ui - package org.springframework.security.web.server.ui
org.springframework.security.web.server.util.matcher - package org.springframework.security.web.server.util.matcher
org.springframework.security.web.servlet.support.csrf - package org.springframework.security.web.servlet.support.csrf
org.springframework.security.web.servlet.util.matcher - package org.springframework.security.web.servlet.util.matcher
org.springframework.security.web.servletapi - package org.springframework.security.web.servletapi: Populates a Servlet request with a new Spring Security compliant HttpServletRequestWrapper.
org.springframework.security.web.session - package org.springframework.security.web.session: Session management filters, HttpSession events and publisher classes.
org.springframework.security.web.util - package org.springframework.security.web.util: Web utility classes.
org.springframework.security.web.util.matcher - package org.springframework.security.web.util.matcher
ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
ORIGIN_WHEN_CROSS_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
ORIGIN_WHEN_CROSS_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
OrMessageMatcher<T> - Class in org.springframework.security.messaging.util.matcher: MessageMatcher that will return true if any of the passed in MessageMatcher instances match.
OrMessageMatcher(List<MessageMatcher<T>>) - Constructor for class org.springframework.security.messaging.util.matcher.OrMessageMatcher: Creates a new instance
OrMessageMatcher(MessageMatcher<T>...) - Constructor for class org.springframework.security.messaging.util.matcher.OrMessageMatcher: Creates a new instance
OrRequestMatcher - Class in org.springframework.security.web.util.matcher: RequestMatcher that will return true if any of the passed in RequestMatcher instances match.
OrRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.OrRequestMatcher: Creates a new instance
OrRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.OrRequestMatcher: Creates a new instance
OrServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher: Matches if any of the provided ServerWebExchangeMatcher match
OrServerWebExchangeMatcher(List<ServerWebExchangeMatcher>) - Constructor for class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
OrServerWebExchangeMatcher(ServerWebExchangeMatcher...) - Constructor for class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
OwnershipAcl - Interface in org.springframework.security.acls.model: A mutable ACL that provides ownership capabilities.

P

P - Annotation Interface in org.springframework.security.access.method: Deprecated.
use @{code org.springframework.security.core.parameters.P}
P - Annotation Interface in org.springframework.security.core.parameters: An annotation that can be used along with AnnotationParameterNameDiscoverer to specify parameter names.
pageContext - Variable in class org.springframework.security.taglibs.authz.JspAuthorizeTag
parameters(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: A Consumer to be provided access to all the parameters allowing the ability to add, replace, or remove.
parameters(Consumer<Map<String, String>>) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Use this Consumer to modify the set of query parameters No parameter should be URL-encoded as this will be done when the request is sent
parameters(Consumer<Map<String, String>>) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Use this Consumer to modify the set of query parameters No parameter should be URL-encoded as this will be done when the response is sent, though any signature specified should be Base64-encoded
parametersQuery(Function<Map<String, String>, String>) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Use this strategy for converting parameters into an encoded query string.
parametersQuery(Function<Map<String, String>, String>) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Use this strategy for converting parameters into an encoded query string.
parentAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Allows providing a parent AuthenticationManager that will be tried if this AuthenticationManager was unable to attempt to authenticate the provided Authentication.
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.DebugBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.CorsBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.CsrfBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterChainBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser: Deprecated.
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HeadersBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser: The aim of this method is to build the list of filters which have been defined by the namespace elements and attributes within the <http> configuration, along with any custom-filter's linked to user-defined filter beans.
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.WellKnownChangePasswordBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser: Deprecated.
parse(Element, ParserContext) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.oauth2.client.ClientRegistrationsBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.saml2.RelyingPartyRegistrationsBeanDefinitionParser
parse(Element, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
parse(Element, ParserContext) - Method in class org.springframework.security.config.websocket.WebSocketMessageBrokerSecurityBeanDefinitionParser
parseCache - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Parser cache.
parseDate(String, DateFormat[]) - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat: Tries to parse the given date as an HTTP date.
parseInternal(Element, ParserContext) - Method in class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser: Deprecated.
parseRootDnFromUrl(String) - Static method in class org.springframework.security.ldap.LdapUtils: Works out the root DN for an LDAP URL.
password() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
password() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
password() - Element in annotation interface org.springframework.security.test.context.support.WithMockUser: The password to be used.
password(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Populates the password.
password(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Populates the password.
password(String) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator: Specifies the password to use.
password(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: The value of the password parameter.
password(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor: Configures the password to use
password(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor: Populates the user's password.
password(String, String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: Specify both the password parameter name and the password.
password(Consumer<OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
password(Consumer<ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder>) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
PASSWORD - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
PASSWORD - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: password - used in Access Token Request.
PASSWORD_ATTRIBUTE_NAME - Static variable in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: The name of the attribute in the context associated to the value for the resource owner's password.
PASSWORD_ENCODER - Static variable in class org.springframework.security.config.Elements
PASSWORD_EXPIRED - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
PASSWORD_IN_HISTORY - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
PASSWORD_MANAGEMENT - Static variable in class org.springframework.security.config.Elements
PASSWORD_MOD_NOT_ALLOWED - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
PASSWORD_TOO_SHORT - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
PASSWORD_TOO_YOUNG - Enum constant in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus
passwordAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer: The attribute in the directory which contains the user password.
passwordCompare() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
PasswordComparisonAuthenticator - Class in org.springframework.security.ldap.authentication: An LdapAuthenticator which compares the login password with the value stored in the directory using a remote LDAP "compare" operation.
PasswordComparisonAuthenticator(BaseLdapPathContextSource) - Constructor for class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
passwordEncoder(Function<String, String>) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Encodes the current password (if non-null) and any future passwords supplied to User.UserBuilder.password(String).
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer: Allows specifying the PasswordEncoder to use.
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Specifies the PasswordEncoder to be used when authenticating with password comparison.
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.AbstractDaoAuthenticationConfigurer: Allows specifying the PasswordEncoder to use with the DaoAuthenticationProvider.
PasswordEncoder - Interface in org.springframework.security.crypto.password: Service interface for encoding passwords.
PasswordEncoderFactories - Class in org.springframework.security.crypto.factory: Used for creating PasswordEncoder instances
PasswordEncoderParser - Class in org.springframework.security.config.authentication: Stateful parser for the <password-encoder> element.
PasswordEncoderParser(Element, ParserContext) - Constructor for class org.springframework.security.config.authentication.PasswordEncoderParser
passwordManagement() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures password management.
passwordManagement(Customizer<PasswordManagementConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Adds support for the password management.
passwordManagement(Customizer<ServerHttpSecurity.PasswordManagementSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures password management.
PasswordManagementConfigurer> - Class in org.springframework.security.config.annotation.web.configurers: Adds password management support.
PasswordManagementConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.PasswordManagementConfigurer
PasswordOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
PasswordOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.PasswordOAuth2AuthorizedClientProvider: Deprecated.
passwordParam(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: The HTTP parameter to place the password.
passwordParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer: The HTTP parameter to look for the password when performing authentication.
PasswordPolicyAwareContextSource - Class in org.springframework.security.ldap.ppolicy: Extended version of the DefaultSpringSecurityContextSource which adds support for the use of PasswordPolicyControl to make use of user account data stored in the directory.
PasswordPolicyAwareContextSource(String) - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyAwareContextSource
PasswordPolicyControl - Class in org.springframework.security.ldap.ppolicy: A Password Policy request control.
PasswordPolicyControl() - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControl: Creates a non-critical (request) control.
PasswordPolicyControl(boolean) - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControl: Creates a (request) control.
PasswordPolicyControlExtractor - Class in org.springframework.security.ldap.ppolicy: Obtains the PasswordPolicyControl from a context for use by other classes.
PasswordPolicyControlFactory - Class in org.springframework.security.ldap.ppolicy: Transforms a control object to a PasswordPolicyResponseControl object, if appropriate.
PasswordPolicyControlFactory() - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyControlFactory
PasswordPolicyData - Interface in org.springframework.security.ldap.ppolicy
PasswordPolicyErrorStatus - Enum Class in org.springframework.security.ldap.ppolicy: Defines status codes for use with PasswordPolicyException, with error codes (for message source lookup) and default messages.
PasswordPolicyException - Exception in org.springframework.security.ldap.ppolicy: Generic exception raised by the ppolicy package.
PasswordPolicyException(PasswordPolicyErrorStatus) - Constructor for exception org.springframework.security.ldap.ppolicy.PasswordPolicyException
PasswordPolicyResponseControl - Class in org.springframework.security.ldap.ppolicy: Represents the response control received when a PasswordPolicyControl is used when binding to a directory.
PasswordPolicyResponseControl(byte[]) - Constructor for class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Decodes the Ber encoded control data.
PasswordReactiveOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
PasswordReactiveOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.PasswordReactiveOAuth2AuthorizedClientProvider: Deprecated.
pathMatchers(String...) - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry: Maps a List of PathPatternParserServerWebExchangeMatcher instances that do not care which HttpMethod is used.
pathMatchers(String...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers: Creates a matcher that matches on any of the provided patterns.
pathMatchers(HttpMethod) - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry: Maps a List of PathPatternParserServerWebExchangeMatcher instances.
pathMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry: Maps a List of PathPatternParserServerWebExchangeMatcher instances.
pathMatchers(HttpMethod, String...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers: Creates a matcher that matches on the specific method and any of the provided patterns.
pathMatchers(HttpMethod, PathPattern...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers: Creates a matcher that matches on the specific method and any of the provided PathPatterns.
pathMatchers(PathPattern...) - Static method in class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers: Creates a matcher that matches on any of the provided PathPatterns.
PathPatternParserServerWebExchangeMatcher - Class in org.springframework.security.web.server.util.matcher: Matches if the PathPattern matches the path within the application.
PathPatternParserServerWebExchangeMatcher(String) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
PathPatternParserServerWebExchangeMatcher(String, HttpMethod) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
PathPatternParserServerWebExchangeMatcher(PathPattern) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
PathPatternParserServerWebExchangeMatcher(PathPattern, HttpMethod) - Constructor for class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
pattern(String) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher.Builder: Creates an MvcRequestMatcher that uses the provided pattern to match
pattern(HttpMethod, String) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher.Builder: Creates an MvcRequestMatcher that uses the provided pattern and HTTP method to match
PAYLOAD - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: A Payload exchange.
PayloadExchange - Interface in org.springframework.security.rsocket.api: Contract for a Payload interaction.
PayloadExchangeAuthenticationConverter - Interface in org.springframework.security.rsocket.authentication: Converts from a PayloadExchange to an Authentication
PayloadExchangeAuthorizationContext - Class in org.springframework.security.rsocket.util.matcher
PayloadExchangeAuthorizationContext(PayloadExchange) - Constructor for class org.springframework.security.rsocket.util.matcher.PayloadExchangeAuthorizationContext
PayloadExchangeAuthorizationContext(PayloadExchange, Map<String, Object>) - Constructor for class org.springframework.security.rsocket.util.matcher.PayloadExchangeAuthorizationContext
PayloadExchangeMatcher - Interface in org.springframework.security.rsocket.util.matcher: An interface for determining if a PayloadExchangeMatcher matches.
PayloadExchangeMatcher.MatchResult - Class in org.springframework.security.rsocket.util.matcher: The result of matching
PayloadExchangeMatcherEntry<T> - Class in org.springframework.security.rsocket.util.matcher
PayloadExchangeMatcherEntry(PayloadExchangeMatcher, T) - Constructor for class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry
PayloadExchangeMatcherReactiveAuthorizationManager - Class in org.springframework.security.rsocket.authorization: Maps a @{code List} of PayloadExchangeMatcher instances to
PayloadExchangeMatcherReactiveAuthorizationManager.Builder - Class in org.springframework.security.rsocket.authorization
PayloadExchangeMatchers - Class in org.springframework.security.rsocket.util.matcher
PayloadExchangeType - Enum Class in org.springframework.security.rsocket.api: The PayloadExchange type
PayloadInterceptor - Interface in org.springframework.security.rsocket.api: Contract for interception-style, chained processing of Payloads that may be used to implement cross-cutting, application-agnostic requirements such as security, timeouts, and others.
PayloadInterceptorChain - Interface in org.springframework.security.rsocket.api: Contract to allow a PayloadInterceptor to delegate to the next in the chain.
PayloadInterceptorOrder - Enum Class in org.springframework.security.config.annotation.rsocket: The standard order for PayloadInterceptor to be sorted.
PayloadSocketAcceptorInterceptor - Class in org.springframework.security.rsocket.core: A SocketAcceptorInterceptor that applies the PayloadInterceptors
PayloadSocketAcceptorInterceptor(List<PayloadInterceptor>) - Constructor for class org.springframework.security.rsocket.core.PayloadSocketAcceptorInterceptor
Pbkdf2PasswordEncoder - Class in org.springframework.security.crypto.password: A PasswordEncoder implementation that uses PBKDF2 with : a configurable random salt value length (default is 16 bytes) a configurable number of iterations (default is 310000) a configurable key derivation function (see Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm) a configurable secret appended to the random salt (default is empty) The algorithm is invoked on the concatenated bytes of the salt, secret and password.
Pbkdf2PasswordEncoder(CharSequence, int, int, int) - Constructor for class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder: Deprecated.
Use Pbkdf2PasswordEncoder(CharSequence, int, int, SecretKeyFactoryAlgorithm) instead
Pbkdf2PasswordEncoder(CharSequence, int, int, Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm) - Constructor for class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder: Constructs a PBKDF2 password encoder with a secret value as well as salt length, iterations and algorithm.
Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm - Enum Class in org.springframework.security.crypto.password: The Algorithm used for creating the SecretKeyFactory
PBKDF2WithHmacSHA1 - Enum constant in enum class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm
PBKDF2WithHmacSHA256 - Enum constant in enum class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm
PBKDF2WithHmacSHA512 - Enum constant in enum class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm
performBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Subclasses must implement this method to build the object that is being returned.
performBuild() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
performBuild() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
performBuild() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Permission - Interface in org.springframework.security.acls.model: Represents a permission granted to a Sid for a given domain object.
PermissionCacheOptimizer - Interface in org.springframework.security.access: Allows permissions to be pre-cached when using pre or post filtering with expressions
PermissionEvaluator - Interface in org.springframework.security.access: Strategy used in expression evaluation to determine whether a user has a permission or permissions for a given domain object.
PermissionFactory - Interface in org.springframework.security.acls.domain: Provides a simple mechanism to retrieve Permission instances from integer masks.
PermissionGrantingStrategy - Interface in org.springframework.security.acls.model: Allow customization of the logic for determining whether a permission or permissions are granted to a particular sid or sids by an Acl.
PERMISSIONS_POLICY - Static variable in class org.springframework.security.web.server.header.PermissionsPolicyServerHttpHeadersWriter
permissionsPolicy() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Permissions Policy.
permissionsPolicy() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Permissions-Policy response header.
permissionsPolicy(Customizer<HeadersConfigurer.PermissionsPolicyConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Permissions Policy.
permissionsPolicy(Customizer<ServerHttpSecurity.HeaderSpec.PermissionsPolicySpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Permissions-Policy response header.
PermissionsPolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Provides support for Permisisons Policy.
PermissionsPolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.PermissionsPolicyHeaderWriter: Create a new instance of PermissionsPolicyHeaderWriter.
PermissionsPolicyHeaderWriter(String) - Constructor for class org.springframework.security.web.header.writers.PermissionsPolicyHeaderWriter: Create a new instance of PermissionsPolicyHeaderWriter with supplied security policy.
PermissionsPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes the Permissions-Policy response header with configured policy directives.
PermissionsPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.PermissionsPolicyServerHttpHeadersWriter
PERMIT_ALL_ATTRIBUTE - Static variable in class org.springframework.security.access.annotation.Jsr250SecurityConfig: Deprecated.
permitAll - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot: Allows "permitAll" expression
permitAll() - Method in interface org.springframework.security.access.expression.SecurityExpressionOperations: Always grants access.
permitAll() - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
permitAll() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec.Access
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Equivalent of invoking permitAll(true)
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specify that URLs are allowed by anyone.
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs are allowed by anyone.
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: A shortcut for LogoutConfigurer.permitAll(boolean) with true as an argument.
permitAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Messages are allowed by anyone.
permitAll() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec.Access: Allow access for anyone
permitAll() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Messages are allowed by anyone.
permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Ensures the urls for AbstractAuthenticationFilterConfigurer.failureUrl(String) as well as for the HttpSecurityBuilder, the AbstractAuthenticationFilterConfigurer.getLoginPage() and AbstractAuthenticationFilterConfigurer.getLoginProcessingUrl() are granted access to any user.
permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer: Grants access to the LogoutConfigurer.logoutSuccessUrl(String) and the LogoutConfigurer.logoutUrl(String) for every user.
PersistentRememberMeToken - Class in org.springframework.security.web.authentication.rememberme
PersistentRememberMeToken(String, String, String, Date) - Constructor for class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
PersistentTokenBasedRememberMeServices - Class in org.springframework.security.web.authentication.rememberme: RememberMeServices implementation based on Barry Jaspan's Improved Persistent Login Cookie Best Practice.
PersistentTokenBasedRememberMeServices(String, UserDetailsService, PersistentTokenRepository) - Constructor for class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
PersistentTokenRepository - Interface in org.springframework.security.web.authentication.rememberme: The abstraction used by PersistentTokenBasedRememberMeServices to store the persistent login tokens for a user.
Person - Class in org.springframework.security.ldap.userdetails: UserDetails implementation whose properties are based on the LDAP schema for Person.
Person() - Constructor for class org.springframework.security.ldap.userdetails.Person
PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
Person.Essence - Class in org.springframework.security.ldap.userdetails
PersonContextMapper - Class in org.springframework.security.ldap.userdetails
PersonContextMapper() - Constructor for class org.springframework.security.ldap.userdetails.PersonContextMapper
PHONE - Static variable in class org.springframework.security.oauth2.core.oidc.OidcScopes: The phone scope requests access to the phone_number and phone_number_verified claims.
PHONE_NUMBER - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: phone_number - the user's preferred phone number
PHONE_NUMBER_VERIFIED - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: phone_number_verified - true if the user's phone number has been verified, otherwise false
phoneNumber(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this phone number in the resulting OidcUserInfo
phoneNumberVerified(Boolean) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this verified-phone-number indicator in the resulting OidcUserInfo
picture(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this picture in the resulting OidcUserInfo
PICTURE - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: picture - the URL of the user's profile picture
PkceParameterNames - Class in org.springframework.security.oauth2.core.endpoint: Standard parameter names defined in the OAuth Parameters Registry and used by the authorization endpoint and token endpoint.
pkcs8() - Static method in class org.springframework.security.converter.RsaKeyConverters: Construct a Converter for converting a PEM-encoded PKCS#8 RSA Private Key into a RSAPrivateKey.
policy(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.PermissionsPolicyConfig: Sets the policy to be used in the response header.
policy(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.PermissionsPolicySpec: Sets the policy to be used in the response header.
policy(CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginEmbedderPolicyConfig: Sets the policy to be used in the Cross-Origin-Embedder-Policy header
policy(CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginOpenerPolicyConfig: Sets the policy to be used in the Cross-Origin-Opener-Policy header
policy(CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.CrossOriginResourcePolicyConfig: Sets the policy to be used in the Cross-Origin-Resource-Policy header
policy(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ReferrerPolicyConfig: Sets the policy to be used in the response header.
policy(CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CrossOriginEmbedderPolicySpec: Sets the value to be used in the `Cross-Origin-Embedder-Policy` header
policy(CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CrossOriginOpenerPolicySpec: Sets the value to be used in the `Cross-Origin-Opener-Policy` header
policy(CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.CrossOriginResourcePolicySpec: Sets the value to be used in the `Cross-Origin-Resource-Policy` header
policy(ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ReferrerPolicySpec: Sets the policy to be used in the response header.
policyDirectives(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig: Sets the security policy directive(s) to be used in the response header.
policyDirectives(String) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec: Sets the security policy directive(s) to be used in the response header.
populateContext(DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson
populateContext(DirContextAdapter) - Method in class org.springframework.security.ldap.userdetails.Person
port(int) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: The port to connect to LDAP to (the default is 33389 or random available port if unavailable).
PORT_MAPPING - Static variable in class org.springframework.security.config.Elements
PORT_MAPPINGS - Static variable in class org.springframework.security.config.Elements
portMapper() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring a PortMapper that is available from AbstractConfiguredSecurityBuilder.getSharedObject(Class).
portMapper(Customizer<PortMapperConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring a PortMapper that is available from AbstractConfiguredSecurityBuilder.getSharedObject(Class).
portMapper(PortMapper) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer: Allows specifying the PortMapper instance.
portMapper(PortMapper) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpsRedirectSpec: Configures a custom HTTPS port to redirect to
PortMapper - Interface in org.springframework.security.web: PortMapper implementations provide callers with information about which HTTP ports are associated with which HTTPS ports on the system, and vice versa.
PortMapperConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Allows configuring a shared PortMapper instance used to determine the ports when redirecting between HTTP and HTTPS.
PortMapperConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer: Creates a new instance
PortMapperConfigurer.HttpPortMapping - Class in org.springframework.security.config.annotation.web.configurers: Allows specifying the HTTPS port for a given HTTP port when redirecting between HTTP and HTTPS.
PortMapperImpl - Class in org.springframework.security.web: Concrete implementation of PortMapper that obtains HTTP:HTTPS pairs from the application context.
PortMapperImpl() - Constructor for class org.springframework.security.web.PortMapperImpl
PortResolver - Interface in org.springframework.security.web: A PortResolver determines the port a web request was received on.
PortResolverImpl - Class in org.springframework.security.web: Concrete implementation of PortResolver that obtains the port from ServletRequest.getServerPort().
PortResolverImpl() - Constructor for class org.springframework.security.web.PortResolverImpl
POST - Enum constant in enum class org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding
POST_AUTHORIZE - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
POST_FILTER - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder: PostFilterAuthorizationMethodInterceptor
POST_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
postalCode(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Sets the zip code or postal code.
postAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Creates an interceptor for the PostAuthorize annotation
postAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor: Creates an instance for the PostAuthorize annotation.
postAuthorize(AuthorizationManager<MethodInvocationResult>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Creates an interceptor for the PostAuthorize annotation
postAuthorize(PostAuthorizeAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Creates an interceptor for the PostAuthorize annotation
postAuthorize(ReactiveAuthorizationManager<MethodInvocationResult>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor: Creates an instance for the PostAuthorize annotation.
PostAuthorize - Annotation Interface in org.springframework.security.access.prepost: Annotation for specifying a method access-control expression which will be evaluated after a method has been invoked.
PostAuthorizeAuthorizationManager - Class in org.springframework.security.authorization.method: An AuthorizationManager which can determine if an Authentication may return the result from an invoked MethodInvocation by evaluating an expression from the PostAuthorize annotation.
PostAuthorizeAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
PostAuthorizeAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor
PostAuthorizeReactiveAuthorizationManager - Class in org.springframework.security.authorization.method: A ReactiveAuthorizationManager which can determine if an Authentication has access to the returned object from the MethodInvocation by evaluating an expression from the PostAuthorize annotation.
PostAuthorizeReactiveAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PostAuthorizeReactiveAuthorizationManager
PostAuthorizeReactiveAuthorizationManager(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PostAuthorizeReactiveAuthorizationManager
postBuildAction(Runnable) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Executes the Runnable immediately after the build takes place
PostFilter - Annotation Interface in org.springframework.security.access.prepost: Annotation for specifying a method filtering expression which will be evaluated after a method has been invoked.
PostFilterAuthorizationMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which filters a returnedObject from the MethodInvocation by evaluating an expression from the PostFilter annotation.
PostFilterAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor: Creates a PostFilterAuthorizationMethodInterceptor using the provided parameters
PostFilterAuthorizationReactiveMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which filters the returned object from the MethodInvocation by evaluating an expression from the PostFilter annotation.
PostFilterAuthorizationReactiveMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor: Creates an instance.
PostFilterAuthorizationReactiveMethodInterceptor(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor: Creates an instance.
PostInvocationAdviceProvider - Class in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerAfterMethodInterceptor instead
PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PostInvocationAdviceProvider: Deprecated.
PostInvocationAttribute - Interface in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerAfterMethodInterceptor instead
PostInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerAfterMethodInterceptor instead
postProcess(O) - Method in interface org.springframework.security.config.annotation.ObjectPostProcessor: Initialize the object possibly returning a modified instance that should be used instead.
postProcess(NativeWebRequest, Callable<T>, Object) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
postProcess(P) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Performs post processing of an object.
postProcess(T) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter: Performs post processing of an object.
postProcessBeanDefinitionRegistry(BeanDefinitionRegistry) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
postProcessBeanDefinitionRegistry(BeanDefinitionRegistry) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.RequestRejectedHandlerPostProcessor
postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.crypto.RsaKeyConversionServicePostProcessor
postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.RequestRejectedHandlerPostProcessor
postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.ldap.ContextSourceSettingPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2ClientRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OpaqueTokenRequestPostProcessor
postProcessRequest(MockHttpServletRequest) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor
postReceive(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
postSend(Message<?>, MessageChannel, boolean) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
PRAGMA_VALUE - Static variable in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter: The value for pragma value
PRE_AUTHORIZE - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
PRE_FILTER - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder: PreFilterAuthorizationMethodInterceptor
PRE_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
PreAuthenticatedAuthenticationProvider - Class in org.springframework.security.web.authentication.preauth: Processes a pre-authenticated authentication request.
PreAuthenticatedAuthenticationProvider() - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
PreAuthenticatedAuthenticationToken - Class in org.springframework.security.web.authentication.preauth: Authentication implementation for pre-authenticated authentication.
PreAuthenticatedAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken: Constructor used for an authentication request.
PreAuthenticatedAuthenticationToken(Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken: Constructor used for an authentication response.
PreAuthenticatedCredentialsNotFoundException - Exception in org.springframework.security.web.authentication.preauth
PreAuthenticatedCredentialsNotFoundException(String) - Constructor for exception org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException
PreAuthenticatedCredentialsNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException
PreAuthenticatedGrantedAuthoritiesUserDetailsService - Class in org.springframework.security.web.authentication.preauth: This AuthenticationUserDetailsService implementation creates a UserDetails object based solely on the information contained in the given PreAuthenticatedAuthenticationToken.
PreAuthenticatedGrantedAuthoritiesUserDetailsService() - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService
PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails - Class in org.springframework.security.web.authentication.preauth: This WebAuthenticationDetails implementation allows for storing a list of pre-authenticated Granted Authorities.
PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(HttpServletRequest, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
preAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the PreAuthorize annotation
preAuthorize() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor: Creates an instance for the PreAuthorize annotation.
preAuthorize(AuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the PreAuthorize annotation
preAuthorize(PreAuthorizeAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the PreAuthorize annotation
preAuthorize(ReactiveAuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor: Creates an instance for the PreAuthorize annotation.
PreAuthorize - Annotation Interface in org.springframework.security.access.prepost: Annotation for specifying a method access-control expression which will be evaluated to decide whether a method invocation is allowed or not.
PreAuthorizeAuthorizationManager - Class in org.springframework.security.authorization.method: An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating an expression from the PreAuthorize annotation.
PreAuthorizeAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
PreAuthorizeAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor
PreAuthorizeReactiveAuthorizationManager - Class in org.springframework.security.authorization.method: A ReactiveAuthorizationManager which can determine if an Authentication has access to the MethodInvocation by evaluating an expression from the PreAuthorize annotation.
PreAuthorizeReactiveAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager
PreAuthorizeReactiveAuthorizationManager(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager
PREFERRED_USERNAME - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: preferred_username - the preferred username that the user wishes to be referred to
preferredUsername(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this preferred username in the resulting OidcUserInfo
prefersShortLivedTasks() - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
PreFilter - Annotation Interface in org.springframework.security.access.prepost: Annotation for specifying a method filtering expression which will be evaluated before a method has been invoked.
PreFilterAuthorizationMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which filters a method argument by evaluating an expression from the PreFilter annotation.
PreFilterAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor: Creates a PreFilterAuthorizationMethodInterceptor using the provided parameters
PreFilterAuthorizationReactiveMethodInterceptor - Class in org.springframework.security.authorization.method: A MethodInterceptor which filters a reactive method argument by evaluating an expression from the PreFilter annotation.
PreFilterAuthorizationReactiveMethodInterceptor() - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
PreFilterAuthorizationReactiveMethodInterceptor(MethodSecurityExpressionHandler) - Constructor for class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor: Creates an instance.
PreInvocationAttribute - Interface in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerBeforeMethodInterceptor instead
preInvocationAuthorizationAdvice() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Creates the PreInvocationAuthorizationAdvice to be used.
PreInvocationAuthorizationAdvice - Interface in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerBeforeMethodInterceptor instead
PreInvocationAuthorizationAdviceVoter - Class in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerBeforeMethodInterceptor instead
PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter: Deprecated.
preload(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig: If true, preload will be included in HSTS Header.
preload(boolean) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec: Configures if preload should be included.
prepareTestInstance(TestContext) - Method in class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
PrePostAdviceReactiveMethodInterceptor - Class in org.springframework.security.access.prepost: Deprecated.
Use AuthorizationManagerBeforeReactiveMethodInterceptor or AuthorizationManagerAfterReactiveMethodInterceptor
PrePostAdviceReactiveMethodInterceptor(MethodSecurityMetadataSource, PreInvocationAuthorizationAdvice, PostInvocationAuthorizationAdvice) - Constructor for class org.springframework.security.access.prepost.PrePostAdviceReactiveMethodInterceptor: Deprecated.

Creates a new instance
PrePostAnnotationSecurityMetadataSource - Class in org.springframework.security.access.prepost: Deprecated.
Use PreAuthorizeAuthorizationManager and PostAuthorizeAuthorizationManager instead
PrePostAnnotationSecurityMetadataSource(PrePostInvocationAttributeFactory) - Constructor for class org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource: Deprecated.
prePostEnabled() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity: Deprecated.

Determines if Spring Security's pre post annotations should be enabled.
prePostEnabled() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity: Determines if Spring Security's PreAuthorize, PostAuthorize, PreFilter, and PostFilter annotations should be enabled.
PrePostInvocationAttributeFactory - Interface in org.springframework.security.access.prepost: Deprecated.
Use delegation with AuthorizationManager
preProcess(NativeWebRequest, Callable<T>) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
preReceive(MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.AuthorizationChannelInterceptor
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor: Deprecated.
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.web.csrf.CsrfChannelInterceptor
preSend(Message<?>, MessageChannel) - Method in class org.springframework.security.messaging.web.csrf.XorCsrfChannelInterceptor
principal(Object) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer: Sets the principal for Authentication objects of anonymous users
principal(Object) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec: Sets the principal for Authentication objects of anonymous users
principal(String) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest.Builder: Sets the name of the Principal (to be) associated to the authorized client.
principal(Authentication) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext.Builder: Sets the Principal (to be) associated to the authorized client.
principal(Authentication) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest.Builder: Sets the Principal (to be) associated to the authorized client.
principal(OAuth2AuthenticatedPrincipal) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OpaqueTokenMutator: Use the provided principal
principal(OAuth2AuthenticatedPrincipal) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OpaqueTokenRequestPostProcessor: Use the provided principal
principalChanged(HttpServletRequest, Authentication) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Determines if the current principal has changed.
principalExtractor(X509PrincipalExtractor) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.X509Spec
principalName(String) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OAuth2ClientMutator: Use this as the resource owner's principal name
principalName(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OAuth2ClientRequestPostProcessor: Use this as the resource owner's principal name
PrincipalSid - Class in org.springframework.security.acls.domain: Represents an Authentication.getPrincipal() as a Sid.
PrincipalSid(String) - Constructor for class org.springframework.security.acls.domain.PrincipalSid
PrincipalSid(Authentication) - Constructor for class org.springframework.security.acls.domain.PrincipalSid
printBinary(int) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils: Returns a representation of the active bits in the presented mask, with each active bit being denoted by character '*'.
printBinary(int, char) - Static method in class org.springframework.security.acls.domain.AclFormattingUtils: Returns a representation of the active bits in the presented mask, with each active bit being denoted by the passed character.
PRIVATE_KEY_JWT - Static variable in class org.springframework.security.oauth2.core.ClientAuthenticationMethod
privilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Creates the WebInvocationPrivilegeEvaluator that is necessary to evaluate privileges for a given web URI
privilegeEvaluator(WebInvocationPrivilegeEvaluator) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Set the WebInvocationPrivilegeEvaluator to be used.
proceed() - Method in class org.springframework.security.access.intercept.aspectj.MethodInvocationAdapter: Deprecated.
proceed() - Method in class org.springframework.security.util.SimpleMethodInvocation
proceedWithObject() - Method in interface org.springframework.security.access.intercept.aspectj.AspectJCallback: Deprecated.
processAction(HttpServletRequest, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
processAction(HttpServletRequest, String, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
processAction(ServerWebExchange, String, String) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
processAutoLoginCookie(String[], HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Called from autoLogin to process the submitted persistent login cookie.
processAutoLoginCookie(String[], HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices: Locates the presented cookie data in the token repository, using the series id.
processAutoLoginCookie(String[], HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
processConfigAttribute - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
processDomainObjectClass - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
processFormFieldValue(HttpServletRequest, String, String, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
processFormFieldValue(ServerWebExchange, String, String, String) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
processUrl(HttpServletRequest, String) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
processUrl(ServerWebExchange, String) - Method in class org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor
profile(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this profile in the resulting OidcUserInfo
PROFILE - Static variable in class org.springframework.security.oauth2.core.oidc.OidcScopes: The profile scope requests access to the default profile claims, which are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, updated_at.
PROFILE - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: profile - the URL of the user's profile page
PROTECT - Static variable in class org.springframework.security.config.Elements
PROTECT_POINTCUT - Static variable in class org.springframework.security.config.Elements
provider(OAuth2AuthorizedClientProvider) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Configures an OAuth2AuthorizedClientProvider to be composed with the DelegatingOAuth2AuthorizedClientProvider.
provider(ReactiveOAuth2AuthorizedClientProvider) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Configures a ReactiveOAuth2AuthorizedClientProvider to be composed with the DelegatingReactiveOAuth2AuthorizedClientProvider.
providerConfigurationMetadata(Map<String, Object>) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the metadata describing the provider's configuration.
ProviderManager - Class in org.springframework.security.authentication: Iterates an Authentication request through a list of AuthenticationProviders.
ProviderManager(List<AuthenticationProvider>) - Constructor for class org.springframework.security.authentication.ProviderManager: Construct a ProviderManager using the given AuthenticationProviders
ProviderManager(List<AuthenticationProvider>, AuthenticationManager) - Constructor for class org.springframework.security.authentication.ProviderManager: Construct a ProviderManager using the provided parameters
ProviderManager(AuthenticationProvider...) - Constructor for class org.springframework.security.authentication.ProviderManager: Construct a ProviderManager using the given AuthenticationProviders
ProviderManagerBuilder> - Interface in org.springframework.security.config.annotation.authentication: Interface for operating on a SecurityBuilder that creates a ProviderManager
ProviderNotFoundException - Exception in org.springframework.security.authentication: Thrown by ProviderManager if no AuthenticationProvider could be found that supports the presented Authentication object.
ProviderNotFoundException(String) - Constructor for exception org.springframework.security.authentication.ProviderNotFoundException: Constructs a ProviderNotFoundException with the specified message.
proxyTargetClass() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity: Deprecated.

Indicate whether subclass-based (CGLIB) proxies are to be created (true) as opposed to standard Java interface-based proxies (false).
proxyTargetClass() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity: Indicate whether subclass-based (CGLIB) proxies are to be created as opposed to standard Java interface-based proxies.
proxyTargetClass() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity: Indicate whether subclass-based (CGLIB) proxies are to be created as opposed to standard Java interface-based proxies.
PS256 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: RSASSA-PSS using SHA-256 and MGF1 with SHA-256 (Optional)
PS256 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: RSASSA-PSS using SHA-256 and MGF1 with SHA-256 (Optional)
PS384 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: RSASSA-PSS using SHA-384 and MGF1 with SHA-384 (Optional)
PS384 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: RSASSA-PSS using SHA-384 and MGF1 with SHA-384 (Optional)
PS512 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: RSASSA-PSS using SHA-512 and MGF1 with SHA-512 (Optional)
PS512 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: RSASSA-PSS using SHA-512 and MGF1 with SHA-512 (Optional)
PublicInvocationEvent - Class in org.springframework.security.access.event: Deprecated.
Only used by now-deprecated classes. Consider EventObject.getSource() to deduce public invocations.
PublicInvocationEvent(Object) - Constructor for class org.springframework.security.access.event.PublicInvocationEvent: Deprecated.

Construct the event, passing in the public secure object.
publicKey(RSAPublicKey) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec: Configures a ReactiveJwtDecoder that leverages the provided RSAPublicKey
publishAuthenticationFailure(AuthenticationException, Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
publishAuthenticationFailure(AuthenticationException, Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
publishAuthenticationSuccess(Authentication) - Method in interface org.springframework.security.authentication.AuthenticationEventPublisher
publishAuthenticationSuccess(Authentication) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
publishAuthorizationEvent(Supplier<Authentication>, T, AuthorizationDecision) - Method in interface org.springframework.security.authorization.AuthorizationEventPublisher: Publish the given details in the form of an event, typically AuthorizationGrantedEvent or AuthorizationDeniedEvent.
publishAuthorizationEvent(Supplier<Authentication>, T, AuthorizationDecision) - Method in class org.springframework.security.authorization.SpringAuthorizationEventPublisher: Publish the given details in the form of an event, typically AuthorizationGrantedEvent or AuthorizationDeniedEvent.
publishEvent(Object) - Method in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.NullEventPublisher
publishEvent(ApplicationEvent) - Method in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.NullEventPublisher
publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Publishes the JaasAuthenticationFailedEvent.
publishFailureEvent(UsernamePasswordAuthenticationToken, AuthenticationException) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider: Publishes the JaasAuthenticationFailedEvent.
publishSuccessEvent(UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Publishes the JaasAuthenticationSuccessEvent.
putInCache(MutableAcl) - Method in class org.springframework.security.acls.domain.SpringCacheBasedAclCache
putInCache(MutableAcl) - Method in interface org.springframework.security.acls.model.AclCache
putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
putUserInCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
putUserInCache(UserDetails) - Method in interface org.springframework.security.core.userdetails.UserCache: Places a UserDetails in the cache.

Q

QUERY - Static variable in class org.springframework.security.oauth2.core.AuthenticationMethod

R

R2dbcReactiveOAuth2AuthorizedClientService - Class in org.springframework.security.oauth2.client: A R2DBC implementation of ReactiveOAuth2AuthorizedClientService that uses a DatabaseClient for OAuth2AuthorizedClient persistence.
R2dbcReactiveOAuth2AuthorizedClientService(DatabaseClient, ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService: Constructs a R2dbcReactiveOAuth2AuthorizedClientService using the provided parameters.
R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder - Class in org.springframework.security.oauth2.client: A holder for OAuth2AuthorizedClient data and End-User Authentication (Resource Owner).
R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientParametersMapper - Class in org.springframework.security.oauth2.client: The default Function that maps R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder to a Map of String and Parameter.
R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper - Class in org.springframework.security.oauth2.client: The default BiFunction that maps the current io.r2dbc.spi.Row to a R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder.
ReactiveAuthenticationManager - Interface in org.springframework.security.authentication: Determines if the provided Authentication can be authenticated.
ReactiveAuthenticationManagerAdapter - Class in org.springframework.security.authentication: Adapts an AuthenticationManager to the reactive APIs.
ReactiveAuthenticationManagerAdapter(AuthenticationManager) - Constructor for class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter
ReactiveAuthenticationManagerResolver<C> - Interface in org.springframework.security.authentication: An interface for resolving a ReactiveAuthenticationManager based on the provided context
ReactiveAuthorizationManager<T> - Interface in org.springframework.security.authorization: A reactive authorization manager which can determine if an Authentication has access to a specific object.
ReactiveClientRegistrationRepository - Interface in org.springframework.security.oauth2.client.registration: A reactive repository for OAuth 2.0 / OpenID Connect 1.0 ClientRegistration(s).
ReactiveJwtAuthenticationConverter - Class in org.springframework.security.oauth2.server.resource.authentication: Reactive version of JwtAuthenticationConverter for converting a Jwt to a Mono<AbstractAuthenticationToken>.
ReactiveJwtAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverter
ReactiveJwtAuthenticationConverterAdapter - Class in org.springframework.security.oauth2.server.resource.authentication: A reactive Converter for adapting a non-blocking imperative Converter
ReactiveJwtAuthenticationConverterAdapter(Converter<Jwt, AbstractAuthenticationToken>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter
ReactiveJwtDecoder - Interface in org.springframework.security.oauth2.jwt: Implementations of this interface are responsible for "decoding" a JSON Web Token (JWT) from it's compact claims representation format to a Jwt.
ReactiveJwtDecoderFactory<C> - Interface in org.springframework.security.oauth2.jwt: A factory for ReactiveJwtDecoder(s).
ReactiveJwtDecoders - Class in org.springframework.security.oauth2.jwt: Allows creating a ReactiveJwtDecoder from an OpenID Provider Configuration or Authorization Server Metadata Request based on provided issuer and method invoked.
ReactiveJwtGrantedAuthoritiesConverterAdapter - Class in org.springframework.security.oauth2.server.resource.authentication: Adapts a Converter<Jwt, Collection<GrantedAuthority>> to a Converter<Jwt, Flux<GrantedAuthority>>.
ReactiveJwtGrantedAuthoritiesConverterAdapter(Converter<Jwt, Collection<GrantedAuthority>>) - Constructor for class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtGrantedAuthoritiesConverterAdapter
ReactiveOAuth2AccessTokenResponseClient<T extends AbstractOAuth2AuthorizationGrantRequest> - Interface in org.springframework.security.oauth2.client.endpoint: A reactive strategy for "exchanging" an authorization grant credential (e.g.
ReactiveOAuth2AuthorizationFailureHandler - Interface in org.springframework.security.oauth2.client: Handles when an OAuth 2.0 Client fails to authorize (or re-authorize) via the authorization server or resource server.
ReactiveOAuth2AuthorizationSuccessHandler - Interface in org.springframework.security.oauth2.client: Handles when an OAuth 2.0 Client has been successfully authorized (or re-authorized) via the authorization server.
ReactiveOAuth2AuthorizedClientManager - Interface in org.springframework.security.oauth2.client: Implementations of this interface are responsible for the overall management of Authorized Client(s).
ReactiveOAuth2AuthorizedClientProvider - Interface in org.springframework.security.oauth2.client: A strategy for authorizing (or re-authorizing) an OAuth 2.0 Client.
ReactiveOAuth2AuthorizedClientProviderBuilder - Class in org.springframework.security.oauth2.client: A builder that builds a DelegatingReactiveOAuth2AuthorizedClientProvider composed of one or more ReactiveOAuth2AuthorizedClientProvider(s) that implement specific authorization grants.
ReactiveOAuth2AuthorizedClientProviderBuilder.AuthorizationCodeGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the authorization_code grant.
ReactiveOAuth2AuthorizedClientProviderBuilder.ClientCredentialsGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the client_credentials grant.
ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the password grant.
ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder - Class in org.springframework.security.oauth2.client: A builder for the refresh_token grant.
ReactiveOAuth2AuthorizedClientService - Interface in org.springframework.security.oauth2.client: Implementations of this interface are responsible for the management of Authorized Client(s), which provide the purpose of associating an Access Token credential to a Client and Resource Owner, who is the Principal that originally granted the authorization.
ReactiveOAuth2UserService<R extends OAuth2UserRequest,U extends OAuth2User> - Interface in org.springframework.security.oauth2.client.userinfo: Implementations of this interface are responsible for obtaining the user attributes of the End-User (Resource Owner) from the UserInfo Endpoint using the Access Token granted to the Client and returning an AuthenticatedPrincipal in the form of an OAuth2User.
ReactiveOidcIdTokenDecoderFactory - Class in org.springframework.security.oauth2.client.oidc.authentication: A factory that provides a ReactiveJwtDecoder used for OidcIdToken signature verification.
ReactiveOidcIdTokenDecoderFactory() - Constructor for class org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory
ReactiveOpaqueTokenAuthenticationConverter - Interface in org.springframework.security.oauth2.server.resource.introspection: Convert a successful introspection result into an authentication result.
ReactiveOpaqueTokenIntrospector - Interface in org.springframework.security.oauth2.server.resource.introspection: A contract for introspecting and verifying an OAuth 2.0 token.
ReactivePreAuthenticatedAuthenticationManager - Class in org.springframework.security.web.server.authentication: Reactive version of PreAuthenticatedAuthenticationProvider This manager receives a PreAuthenticatedAuthenticationToken, checks that associated account is not disabled, expired, or blocked, and returns new authenticated PreAuthenticatedAuthenticationToken.
ReactivePreAuthenticatedAuthenticationManager(ReactiveUserDetailsService) - Constructor for class org.springframework.security.web.server.authentication.ReactivePreAuthenticatedAuthenticationManager
ReactivePreAuthenticatedAuthenticationManager(ReactiveUserDetailsService, UserDetailsChecker) - Constructor for class org.springframework.security.web.server.authentication.ReactivePreAuthenticatedAuthenticationManager
ReactiveSecurityContextHolder - Class in org.springframework.security.core.context: Allows getting and setting the Spring SecurityContext into a Context.
ReactiveUserDetailsPasswordService - Interface in org.springframework.security.core.userdetails: An API for changing a UserDetails password.
ReactiveUserDetailsService - Interface in org.springframework.security.core.userdetails: An API for finding the UserDetails by username.
ReactiveUserDetailsServiceResourceFactoryBean - Class in org.springframework.security.config.core.userdetails: Constructs an MapReactiveUserDetailsService from a resource using UserDetailsResourceFactoryBean.
ReactiveUserDetailsServiceResourceFactoryBean() - Constructor for class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
REACTOR_CONTEXT - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: ReactorContextWebFilter
ReactorContextTestExecutionListener - Class in org.springframework.security.test.context.support: Sets up the Reactor Context with the Authentication from the TestSecurityContextHolder and then clears the Reactor Context at the end of the tests.
ReactorContextTestExecutionListener() - Constructor for class org.springframework.security.test.context.support.ReactorContextTestExecutionListener
ReactorContextWebFilter - Class in org.springframework.security.web.server.context: Uses a ServerSecurityContextRepository to provide the SecurityContext to initialize the ReactiveSecurityContextHolder.
ReactorContextWebFilter(ServerSecurityContextRepository) - Constructor for class org.springframework.security.web.server.context.ReactorContextWebFilter
read - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
read(Class<? extends RelyingPartyRegistration.Builder>, HttpInputMessage) - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
READ - Static variable in class org.springframework.security.acls.domain.BasePermission
readAclById(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
readAclById(ObjectIdentity) - Method in interface org.springframework.security.acls.model.AclService: Same as AclService.readAclsById(List) except it returns only a single Acl.
readAclById(ObjectIdentity, List<Sid>) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
readAclById(ObjectIdentity, List<Sid>) - Method in interface org.springframework.security.acls.model.AclService: Same as AclService.readAclsById(List, List) except it returns only a single Acl.
readAclsById(List<ObjectIdentity>) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
readAclsById(List<ObjectIdentity>) - Method in interface org.springframework.security.acls.model.AclService: Obtains all the Acls that apply for the passed Objects.
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: The main method.
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in interface org.springframework.security.acls.jdbc.LookupStrategy: Perform database-specific optimized lookup.
readAclsById(List<ObjectIdentity>, List<Sid>) - Method in interface org.springframework.security.acls.model.AclService: Obtains all the Acls that apply for the passed Objects, but only for the security identifies passed.
readInternal(Class<? extends OAuth2AccessTokenResponse>, HttpInputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
readInternal(Class<? extends OAuth2Error>, HttpInputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
realm(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor: Configures the realm to use
realmName(String) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer: Allows easily changing the realm, but leaving the remaining defaults in place.
REDIRECT - Enum constant in enum class org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding
REDIRECT_URI - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: redirect_uri - used in Authorization Request and Access Token Request.
redirectionEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Returns the OAuth2LoginConfigurer>.RedirectionEndpointConfig for configuring the Client's Redirection Endpoint.
redirectionEndpoint(Customizer<OAuth2LoginConfigurer.RedirectionEndpointConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Configures the Client's Redirection Endpoint.
RedirectServerAuthenticationEntryPoint - Class in org.springframework.security.web.server.authentication: Performs a redirect to a specified location.
RedirectServerAuthenticationEntryPoint(String) - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint: Creates an instance
RedirectServerAuthenticationFailureHandler - Class in org.springframework.security.web.server.authentication: Performs a redirect to a specified location.
RedirectServerAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler: Creates an instance
RedirectServerAuthenticationSuccessHandler - Class in org.springframework.security.web.server.authentication: Performs a redirect on authentication success.
RedirectServerAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler: Creates a new instance with location of "/"
RedirectServerAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler: Creates a new instance with the specified location
RedirectServerLogoutSuccessHandler - Class in org.springframework.security.web.server.authentication.logout: Performs a redirect on log out success.
RedirectServerLogoutSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler
redirectStrategy(RedirectStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry: Sets the RedirectStrategy instances to use in RetryWithHttpEntryPoint and RetryWithHttpsEntryPoint
RedirectStrategy - Interface in org.springframework.security.web: Encapsulates the redirection logic for all classes in the framework which perform redirects.
redirectToHttps() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures HTTPS redirection rules.
redirectToHttps(Customizer<ServerHttpSecurity.HttpsRedirectSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures HTTPS redirection rules.
redirectUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the uri (or uri template) for the redirection endpoint.
redirectUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the uri for the redirection endpoint.
redirectUri(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Sets the uri where the response was redirected to.
RedirectUrlBuilder - Class in org.springframework.security.web.util: Internal class for building redirect URLs.
RedirectUrlBuilder() - Constructor for class org.springframework.security.web.util.RedirectUrlBuilder
REFERRER_POLICY - Static variable in class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
referrerPolicy() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Referrer Policy.
referrerPolicy() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Referrer-Policy response header.
referrerPolicy(Customizer<HeadersConfigurer.ReferrerPolicyConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Referrer Policy.
referrerPolicy(Customizer<ServerHttpSecurity.HeaderSpec.ReferrerPolicySpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Referrer-Policy response header.
referrerPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer: Allows configuration for Referrer Policy.
referrerPolicy(ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec: Configures Referrer-Policy response header.
ReferrerPolicyHeaderWriter - Class in org.springframework.security.web.header.writers: Provides support for Referrer Policy.
ReferrerPolicyHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter: Creates a new instance.
ReferrerPolicyHeaderWriter(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Constructor for class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter: Creates a new instance.
ReferrerPolicyHeaderWriter.ReferrerPolicy - Enum Class in org.springframework.security.web.header.writers
ReferrerPolicyServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes the Referrer-Policy response header.
ReferrerPolicyServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy - Enum Class in org.springframework.security.web.server.header
refresh() - Method in class org.springframework.security.authentication.jaas.memory.InMemoryConfiguration: Does nothing, but required for JDK5
REFRESH_TOKEN - Static variable in class org.springframework.security.oauth2.core.AuthorizationGrantType
REFRESH_TOKEN - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: refresh_token - used in Access Token Request and Access Token Response.
refreshLastRequest() - Method in class org.springframework.security.core.session.SessionInformation: Refreshes the internal lastRequest to the current date and time.
refreshLastRequest(String) - Method in interface org.springframework.security.core.session.SessionRegistry: Updates the given sessionId so its last request time is equal to the present date and time.
refreshLastRequest(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
refreshToken() - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Configures support for the refresh_token grant.
refreshToken() - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Configures support for the refresh_token grant.
refreshToken(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder: Sets the refresh token associated to the access token.
refreshToken(Consumer<OAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder>) - Method in class org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder: Configures support for the refresh_token grant.
refreshToken(Consumer<ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder>) - Method in class org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder: Configures support for the refresh_token grant.
RefreshTokenOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of an OAuth2AuthorizedClientProvider for the refresh_token grant.
RefreshTokenOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.RefreshTokenOAuth2AuthorizedClientProvider
RefreshTokenReactiveOAuth2AuthorizedClientProvider - Class in org.springframework.security.oauth2.client: An implementation of a ReactiveOAuth2AuthorizedClientProvider for the refresh_token grant.
RefreshTokenReactiveOAuth2AuthorizedClientProvider() - Constructor for class org.springframework.security.oauth2.client.RefreshTokenReactiveOAuth2AuthorizedClientProvider
regex - Enum constant in enum class org.springframework.security.config.http.MatcherType
regexMatcher(String) - Static method in class org.springframework.security.web.util.matcher.RegexRequestMatcher: Creates a case-sensitive Pattern instance to match against the request.
regexMatcher(HttpMethod) - Static method in class org.springframework.security.web.util.matcher.RegexRequestMatcher: Creates an instance that matches to all requests with the same HttpMethod.
regexMatcher(HttpMethod, String) - Static method in class org.springframework.security.web.util.matcher.RegexRequestMatcher: Creates a case-sensitive Pattern instance to match against the request.
RegExpAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions: Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
RegExpAllowFromStrategy(String) - Constructor for class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy: Deprecated.

Creates a new instance
RegexRequestMatcher - Class in org.springframework.security.web.util.matcher: Uses a regular expression to decide whether a supplied the URL of a supplied HttpServletRequest.
RegexRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.RegexRequestMatcher: Creates a case-sensitive Pattern instance to match against the request.
RegexRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.RegexRequestMatcher: As above, but allows setting of whether case-insensitive matching should be used.
region(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Sets the state, province, prefecture, or region.
registerAuthenticationEntryPoint(B, AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
registerDefaultAuthenticationEntryPoint(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
RegisteredOAuth2AuthorizedClient - Annotation Interface in org.springframework.security.oauth2.client.annotation: This annotation may be used to resolve a method parameter to an argument value of type OAuth2AuthorizedClient.
registerExtractor(Class<? extends Throwable>, ThrowableCauseExtractor) - Method in class org.springframework.security.web.util.ThrowableAnalyzer: Registers a ThrowableCauseExtractor for the specified type.
registerMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.AbstractServerWebExchangeMatcherRegistry: Subclasses should implement this method for returning the object that is chained to the creation of the ServerWebExchangeMatcher instances.
registerMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
registerNewSession(String, Object) - Method in interface org.springframework.security.core.session.SessionRegistry: Registers a new session for the specified principal.
registerNewSession(String, Object) - Method in class org.springframework.security.core.session.SessionRegistryImpl
registerPermission(Permission, String) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory
registerPublicPermissions(Class<? extends Permission>) - Method in class org.springframework.security.acls.domain.DefaultPermissionFactory: Registers the public static fields of type Permission for a give class.
RegisterSessionAuthenticationStrategy - Class in org.springframework.security.web.authentication.session: Strategy used to register a user with the SessionRegistry after successful Authentication.
RegisterSessionAuthenticationStrategy(SessionRegistry) - Constructor for class org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
registerStompEndpoints(StompEndpointRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
REGISTRATION_ID - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: Non-standard parameter (used internally).
registrationId() - Element in annotation interface org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient: Sets the client registration identifier.
registrationId(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the registration id.
registrationId(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Sets the registrationId template.
RELAY_STATE - Static variable in class org.springframework.security.saml2.core.Saml2ParameterNames: RelayState - used to communicate shared state between the relying and asserting party
relayState(String) - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder: Sets the RelayState parameter that will accompany this AuthNRequest
relayState(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Use this value for the relay state when sending the Logout Request to the asserting party It should not be URL-encoded as this will be done when the request is sent
relayState(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Use this value for the relay state when sending the Logout Request to the asserting party It should not be URL-encoded as this will be done when the response is sent
release() - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
RELYING_PARTY_REGISTRATION_NOT_FOUND - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The relying party registration was not found.
RELYING_PARTY_REGISTRATIONS - Static variable in class org.springframework.security.config.Elements
RelyingPartyRegistration - Class in org.springframework.security.saml2.provider.service.registration: Represents a configured relying party (aka Service Provider) and asserting party (aka Identity Provider) pair.
RelyingPartyRegistration.AssertingPartyDetails - Class in org.springframework.security.saml2.provider.service.registration: The configuration metadata of the Asserting party
RelyingPartyRegistration.AssertingPartyDetails.Builder - Class in org.springframework.security.saml2.provider.service.registration
RelyingPartyRegistration.Builder - Class in org.springframework.security.saml2.provider.service.registration
relyingPartyRegistrationRepository(RelyingPartyRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer: Sets the RelyingPartyRegistrationRepository of relying parties, each party representing a service provider, SP and this host, and identity provider, IDP pair that communicate with each other.
relyingPartyRegistrationRepository(RelyingPartyRegistrationRepository) - Method in class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Sets the RelyingPartyRegistrationRepository of relying parties, each party representing a service provider, SP and this host, and identity provider, IDP pair that communicate with each other.
RelyingPartyRegistrationRepository - Interface in org.springframework.security.saml2.provider.service.registration: A repository for RelyingPartyRegistrations
RelyingPartyRegistrationResolver - Interface in org.springframework.security.saml2.provider.service.web: A contract for resolving a RelyingPartyRegistration from the HTTP request
RelyingPartyRegistrations - Class in org.springframework.security.saml2.provider.service.registration: A utility class for constructing instances of RelyingPartyRegistration
RelyingPartyRegistrationsBeanDefinitionParser - Class in org.springframework.security.config.saml2
RelyingPartyRegistrationsBeanDefinitionParser() - Constructor for class org.springframework.security.config.saml2.RelyingPartyRegistrationsBeanDefinitionParser
REMEMBER_ME - Static variable in class org.springframework.security.config.Elements
rememberMe() - Static method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Creates an instance of AuthenticatedAuthorizationManager that determines if the Authentication is authenticated using remember me.
rememberMe() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring of Remember Me authentication.
rememberMe() - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl: Specify that URLs are allowed by users that have been remembered.
rememberMe() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl: Deprecated.

Specify that URLs are allowed by users that have been remembered.
rememberMe() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint: Deprecated.

Specify that Messages are allowed by users that have been remembered.
rememberMe() - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder.Constraint: Specify that Messages are allowed by users that have been remembered.
rememberMe(Customizer<RememberMeConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring of Remember Me authentication.
RememberMeAuthenticationException - Exception in org.springframework.security.web.authentication.rememberme: This exception is thrown when an Authentication exception occurs while using the remember-me authentication.
RememberMeAuthenticationException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException: Constructs an RememberMeAuthenticationException with the specified message and no root cause.
RememberMeAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException: Constructs a RememberMeAuthenticationException with the specified message and root cause.
RememberMeAuthenticationFilter - Class in org.springframework.security.web.authentication.rememberme: Detects if there is no Authentication object in the SecurityContext, and populates the context with a remember-me authentication token if a RememberMeServices implementation so requests.
RememberMeAuthenticationFilter(AuthenticationManager, RememberMeServices) - Constructor for class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
RememberMeAuthenticationProvider - Class in org.springframework.security.authentication: An AuthenticationProvider implementation that validates RememberMeAuthenticationTokens.
RememberMeAuthenticationProvider(String) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationProvider
RememberMeAuthenticationToken - Class in org.springframework.security.authentication: Represents a remembered Authentication.
RememberMeAuthenticationToken(String, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.RememberMeAuthenticationToken: Constructor.
RememberMeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Configures Remember Me authentication.
RememberMeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Creates a new instance
rememberMeCookieDomain(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: The domain name within which the remember me cookie is visible.
rememberMeCookieName(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: The name of cookie which store the token for remember me authentication.
rememberMeParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: The HTTP parameter used to indicate to remember the user at time of login.
rememberMeRequested(HttpServletRequest, String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Allows customization of whether a remember-me login has been requested.
rememberMeServices(RememberMeServices) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Specify the RememberMeServices to use.
RememberMeServices - Interface in org.springframework.security.web.authentication: Implement by a class that is capable of providing a remember-me service.
removeAuthenticationRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository
removeAuthenticationRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository: Removes the authentication request using the HttpServletRequest and HttpServletResponse
removeAuthorities(DistinguishedName, Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
removeAuthorizationRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository: Removes and returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest and HttpServletResponse or if not available returns null.
removeAuthorizationRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
removeAuthorizationRequest(ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository: Removes and returns the OAuth2AuthorizationRequest associated to the provided HttpServletRequest or if not available returns null.
removeAuthorizationRequest(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
removeAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
removeAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
removeAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
removeAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientService: Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name.
removeAuthorizedClient(String, String) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
removeAuthorizedClient(String, String) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService: Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User's Principal name.
removeAuthorizedClient(String, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
removeAuthorizedClient(String, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
removeAuthorizedClient(String, Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository: Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
removeAuthorizedClient(String, Authentication, Map<String, Object>) - Method in interface org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover: Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
removeAuthorizedClient(String, Authentication, Map<String, Object>) - Method in interface org.springframework.security.oauth2.client.RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover: Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository: Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
removeAuthorizedClient(String, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler - Class in org.springframework.security.oauth2.client: An OAuth2AuthorizationFailureHandler that removes an OAuth2AuthorizedClient when the OAuth2Error.getErrorCode() matches one of the configured OAuth 2.0 error codes.
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler(RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover) - Constructor for class org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler: Constructs a RemoveAuthorizedClientOAuth2AuthorizationFailureHandler using the provided parameters.
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler(RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover, Set<String>) - Constructor for class org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler: Constructs a RemoveAuthorizedClientOAuth2AuthorizationFailureHandler using the provided parameters.
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover - Interface in org.springframework.security.oauth2.client: Removes an OAuth2AuthorizedClient from an OAuth2AuthorizedClientRepository or OAuth2AuthorizedClientService.
RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler - Class in org.springframework.security.oauth2.client: A ReactiveOAuth2AuthorizationFailureHandler that removes an OAuth2AuthorizedClient when the OAuth2Error.getErrorCode() matches one of the configured OAuth 2.0 error codes.
RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler(RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover) - Constructor for class org.springframework.security.oauth2.client.RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler: Constructs a RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler using the provided parameters.
RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler(RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover, Set<String>) - Constructor for class org.springframework.security.oauth2.client.RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler: Constructs a RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler using the provided parameters.
RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover - Interface in org.springframework.security.oauth2.client: Removes an OAuth2AuthorizedClient from a ServerOAuth2AuthorizedClientRepository or ReactiveOAuth2AuthorizedClientService.
removeConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Removes and returns the SecurityConfigurer by its class name or null if not found.
removeConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Removes the SecurityConfigurer by its class name or null if not found.
removeConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Removes all the SecurityConfigurer instances by its class name or an empty List if not found.
removeGroupAuthority(String, GrantedAuthority) - Method in interface org.springframework.security.provisioning.GroupManager: Deletes an authority from those assigned to a group
removeGroupAuthority(String, GrantedAuthority) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
removeLogoutRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository: Removes and returns the Saml2LogoutRequest associated to the provided HttpServletRequest and HttpServletResponse or if not available returns null.
removeLogoutRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository: Removes and returns the Saml2LogoutRequest associated to the provided HttpServletRequest and HttpServletResponse or if not available returns null.
removeMatchingRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.CookieServerRequestCache
removeMatchingRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
removeMatchingRequest(ServerWebExchange) - Method in interface org.springframework.security.web.server.savedrequest.ServerRequestCache: If the provided ServerWebExchange matches the saved ServerHttpRequest gets the saved ServerHttpRequest
removeMatchingRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.CookieRequestCache
removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
removeRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache: Removes the cached request.
removeSessionInformation(String) - Method in interface org.springframework.security.core.session.SessionRegistry: Deletes all the session information being maintained for the specified sessionId.
removeSessionInformation(String) - Method in class org.springframework.security.core.session.SessionRegistryImpl
removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.NullUserCache
removeUserFromCache(String) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
removeUserFromCache(String) - Method in interface org.springframework.security.core.userdetails.UserCache: Removes the specified user from the cache.
removeUserFromCache(UserDetails) - Method in class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
removeUserFromGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager: Deletes a user's membership of a group.
removeUserFromGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
removeUserTokens(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
removeUserTokens(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
removeUserTokens(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
renameGroup(String, String) - Method in interface org.springframework.security.provisioning.GroupManager: Changes the name of a group without altering the assigned authorities or members.
renameGroup(String, String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
reportOnly() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig: Enables (includes) the Content-Security-Policy-Report-Only header in the response.
reportOnly(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

If true, the browser should not terminate the connection with the server.
reportOnly(boolean) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec: Whether to include the Content-Security-Policy-Report-Only header in the response.
reportUri(String) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

Sets the URI to which the browser should report pin validation failures.
reportUri(URI) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig: Deprecated.

Sets the URI to which the browser should report pin validation failures.
request - Variable in class org.springframework.security.web.access.expression.WebSecurityExpressionRoot: Allows direct access to the request object
REQUEST_CACHE - Static variable in class org.springframework.security.config.Elements
REQUEST_CHANNEL - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: A Request Channel exchange.
REQUEST_RESPONSE - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: A Request Response exchange.
REQUEST_SCOPE_ATTRIBUTE_NAME - Static variable in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: The name of the attribute in the context associated to the value for the "request scope(s)".
REQUEST_STREAM - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: A Request Stream exchange.
RequestAttributeAuthenticationFilter - Class in org.springframework.security.web.authentication.preauth: A simple pre-authenticated filter which obtains the username from request attributes, for use with SSO systems such as Stanford WebAuth or Shibboleth.
RequestAttributeAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
RequestAttributeSecurityContextRepository - Class in org.springframework.security.web.context: Stores the SecurityContext on a ServletRequest.setAttribute(String, Object) so that it can be restored when different dispatch types occur.
RequestAttributeSecurityContextRepository() - Constructor for class org.springframework.security.web.context.RequestAttributeSecurityContextRepository: Creates a new instance using RequestAttributeSecurityContextRepository.DEFAULT_REQUEST_ATTR_NAME.
RequestAttributeSecurityContextRepository(String) - Constructor for class org.springframework.security.web.context.RequestAttributeSecurityContextRepository: Creates a new instance with the specified request attribute name.
RequestAuthorizationContext - Class in org.springframework.security.web.access.intercept: An HttpServletRequest authorization context.
RequestAuthorizationContext(HttpServletRequest) - Constructor for class org.springframework.security.web.access.intercept.RequestAuthorizationContext: Creates an instance.
RequestAuthorizationContext(HttpServletRequest, Map<String, String>) - Constructor for class org.springframework.security.web.access.intercept.RequestAuthorizationContext: Creates an instance.
requestCache() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring the Request Cache.
requestCache() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures the request cache which is used when a flow is interrupted (i.e.
requestCache(Customizer<RequestCacheConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring the Request Cache.
requestCache(Customizer<ServerHttpSecurity.RequestCacheSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: Configures the request cache which is used when a flow is interrupted (i.e.
requestCache(RequestCache) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer: Allows explicit configuration of the RequestCache to be used.
requestCache(ServerRequestCache) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.RequestCacheSpec: Configures the cache used
RequestCache - Interface in org.springframework.security.web.savedrequest: Implements "saved request" logic, allowing a single request to be retrieved and restarted after redirecting to an authentication mechanism.
RequestCacheAwareFilter - Class in org.springframework.security.web.savedrequest: Responsible for reconstituting the saved request if one is cached and it matches the current request.
RequestCacheAwareFilter() - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
RequestCacheAwareFilter(RequestCache) - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
RequestCacheConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Adds request cache for Spring Security.
RequestCacheConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
requestDataValueProcessor() - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration: Deprecated.
RequestedUrlRedirectInvalidSessionStrategy - Class in org.springframework.security.web.session: Performs a redirect to the original request URL when an invalid requested session is detected by the SessionManagementFilter.
RequestedUrlRedirectInvalidSessionStrategy() - Constructor for class org.springframework.security.web.session.RequestedUrlRedirectInvalidSessionStrategy
RequestHeaderAuthenticationFilter - Class in org.springframework.security.web.authentication.preauth: A simple pre-authenticated filter which obtains the username from a request header, for use with systems such as CA Siteminder.
RequestHeaderAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
RequestHeaderRequestMatcher - Class in org.springframework.security.web.util.matcher: A RequestMatcher that can be used to match request that contain a header with an expected header name and an expected value.
RequestHeaderRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher: Creates a new instance that will match if a header by the name of RequestHeaderRequestMatcher.expectedHeaderName is present.
RequestHeaderRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher: Creates a new instance that will match if a header by the name of RequestHeaderRequestMatcher.expectedHeaderName is present and if the RequestHeaderRequestMatcher.expectedHeaderValue is non-null the first value is the same.
RequestKey - Class in org.springframework.security.web.access.intercept
RequestKey(String) - Constructor for class org.springframework.security.web.access.intercept.RequestKey
RequestKey(String, String) - Constructor for class org.springframework.security.web.access.intercept.RequestKey
requestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HstsConfig: Sets the RequestMatcher used to determine if the "Strict-Transport-Security" should be added.
RequestMatcher - Interface in org.springframework.security.web.util.matcher: Simple strategy to match an HttpServletRequest.
RequestMatcher.MatchResult - Class in org.springframework.security.web.util.matcher: The result of matching against an HttpServletRequest Contains the status, true or false, of the match and if present, any variables extracted from the match
RequestMatcherDelegatingAccessDeniedHandler - Class in org.springframework.security.web.access: An AccessDeniedHandler that delegates to other AccessDeniedHandler instances based upon the type of HttpServletRequest passed into RequestMatcherDelegatingAccessDeniedHandler.handle(HttpServletRequest, HttpServletResponse, AccessDeniedException).
RequestMatcherDelegatingAccessDeniedHandler(LinkedHashMap<RequestMatcher, AccessDeniedHandler>, AccessDeniedHandler) - Constructor for class org.springframework.security.web.access.RequestMatcherDelegatingAccessDeniedHandler: Creates a new instance
RequestMatcherDelegatingAuthenticationManagerResolver - Class in org.springframework.security.web.authentication: An AuthenticationManagerResolver that returns a AuthenticationManager instances based upon the type of HttpServletRequest passed into RequestMatcherDelegatingAuthenticationManagerResolver.resolve(HttpServletRequest).
RequestMatcherDelegatingAuthenticationManagerResolver.Builder - Class in org.springframework.security.web.authentication: A builder for RequestMatcherDelegatingAuthenticationManagerResolver.
RequestMatcherDelegatingAuthorizationManager - Class in org.springframework.security.web.access.intercept: An AuthorizationManager which delegates to a specific AuthorizationManager based on a RequestMatcher evaluation.
RequestMatcherDelegatingAuthorizationManager.Builder - Class in org.springframework.security.web.access.intercept: A builder for RequestMatcherDelegatingAuthorizationManager.
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator - Class in org.springframework.security.web.access: A WebInvocationPrivilegeEvaluator which delegates to a list of WebInvocationPrivilegeEvaluator based on a RequestMatcher evaluation
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator(List<RequestMatcherEntry<List<WebInvocationPrivilegeEvaluator>>>) - Constructor for class org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator
RequestMatcherEditor - Class in org.springframework.security.web.util.matcher: PropertyEditor which creates ELRequestMatcher instances from Strings This allows to use a String in a BeanDefinition instead of an (inner) bean if a RequestMatcher is required, e.g.
RequestMatcherEditor() - Constructor for class org.springframework.security.web.util.matcher.RequestMatcherEditor
RequestMatcherEntry<T> - Class in org.springframework.security.web.util.matcher: A rich object for associating a RequestMatcher to another object.
RequestMatcherEntry(RequestMatcher, T) - Constructor for class org.springframework.security.web.util.matcher.RequestMatcherEntry
RequestMatcherRedirectFilter - Class in org.springframework.security.web: Filter that redirects requests that match RequestMatcher to the specified URL.
RequestMatcherRedirectFilter(RequestMatcher, String) - Constructor for class org.springframework.security.web.RequestMatcherRedirectFilter: Create and initialize an instance of the filter.
requestMatchers - Variable in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
requestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: If the HandlerMappingIntrospector is available in the classpath, maps to an MvcRequestMatcher that does not care which HttpMethod is used.
requestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry: Deprecated.
requestMatchers(HttpMethod) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: If the HandlerMappingIntrospector is available in the classpath, maps to an MvcRequestMatcher that matches on a specific HttpMethod.
requestMatchers(HttpMethod) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry: Deprecated.
requestMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: If the HandlerMappingIntrospector is available in the classpath, maps to an MvcRequestMatcher that also specifies a specific HttpMethod to match on.
requestMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry: Deprecated.
requestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry: Associates a list of RequestMatcher instances with the AbstractConfigAttributeRequestMatcherRegistry
requestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry: Deprecated.
RequestRejectedException - Exception in org.springframework.security.web.firewall
RequestRejectedException(String) - Constructor for exception org.springframework.security.web.firewall.RequestRejectedException
requestRejectedHandler(RequestRejectedHandler) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity: Sets the handler to handle RequestRejectedException
RequestRejectedHandler - Interface in org.springframework.security.web.firewall: Used by FilterChainProxy to handle an RequestRejectedException.
RequestVariablesExtractor - Interface in org.springframework.security.web.util.matcher: Deprecated.
use RequestMatcher.MatchResult from RequestMatcher.matcher(HttpServletRequest)
REQUIRE_CORP - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy
REQUIRE_CORP - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy
requireCsrfProtectionMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec: Configures the ServerWebExchangeMatcher used to determine when CSRF protection is enabled.
requireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Specify the RequestMatcher to use for determining when CSRF should be applied.
requireExplicitAuthenticationStrategy(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Setting this means that explicit invocation of SessionAuthenticationStrategy is required.
requireExplicitSave(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
requireInitialize(Consumer<XMLObjectProviderRegistry>) - Static method in class org.springframework.security.saml2.core.OpenSamlInitializationService: Ready OpenSAML for use, configure it with reasonable defaults, and modify the XMLObjectProviderRegistry using the provided Consumer.
requirePermission - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
requires(String) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
requiresAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
requiresAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Indicates whether this filter should attempt to process a login request for the current invocation.
requiresAuthenticationMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: Configures when authentication is performed.
requiresChannel() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures channel security.
requiresChannel(Customizer<ChannelSecurityConfigurer.ChannelRequestMatcherRegistry>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures channel security.
requiresExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Checks the request URI for the presence of exitUserUrl.
requiresInsecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
requiresLogout(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter: Allow subclasses to modify when a logout should take place.
requiresLogout(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec: Configures when the log out will be triggered.
requiresSecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
requiresSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Checks the request URI for the presence of switchUserUrl.
RESERVED_OFF - Static variable in interface org.springframework.security.acls.model.Permission
RESERVED_ON - Static variable in interface org.springframework.security.acls.model.Permission
reset() - Method in class org.springframework.security.web.firewall.FirewalledRequest: This method will be called once the request has passed through the security filter chain, when it is about to proceed to the application proper.
resolve(C) - Method in interface org.springframework.security.authentication.AuthenticationManagerResolver: Resolve an AuthenticationManager from a provided context
resolve(C) - Method in interface org.springframework.security.authentication.ReactiveAuthenticationManagerResolver
resolve(HttpServletRequest) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver
resolve(HttpServletRequest) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver: Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(HttpServletRequest) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver: Return an AuthenticationManager based off of the `iss` claim found in the request's bearer token
resolve(HttpServletRequest) - Method in interface org.springframework.security.oauth2.server.resource.web.BearerTokenResolver: Resolve any Bearer Token value from the request.
resolve(HttpServletRequest) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
resolve(HttpServletRequest) - Method in class org.springframework.security.oauth2.server.resource.web.HeaderBearerTokenResolver
resolve(HttpServletRequest) - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver
resolve(HttpServletRequest) - Method in interface org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver
resolve(HttpServletRequest) - Method in class org.springframework.security.web.authentication.RequestMatcherDelegatingAuthenticationManagerResolver: Resolve an AuthenticationManager from a provided context
resolve(HttpServletRequest, String) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver
resolve(HttpServletRequest, String) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver: Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(HttpServletRequest, String) - Method in class org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver: Resolve a RelyingPartyRegistration from the HTTP request, using the relyingPartyRegistrationId, if it is provided
resolve(HttpServletRequest, String) - Method in interface org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver: Resolve a RelyingPartyRegistration from the HTTP request, using the relyingPartyRegistrationId, if it is provided
resolve(HttpServletRequest, Authentication) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver: Prepare to create, sign, and serialize a SAML 2.0 Logout Request.
resolve(HttpServletRequest, Authentication) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver: Prepare to create, sign, and serialize a SAML 2.0 Logout Response.
resolve(HttpServletRequest, Authentication) - Method in interface org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver: Prepare to create, sign, and serialize a SAML 2.0 Logout Request.
resolve(HttpServletRequest, Authentication) - Method in interface org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver: Prepare to create, sign, and serialize a SAML 2.0 Logout Response.
resolve(RelyingPartyRegistration) - Method in class org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver
resolve(RelyingPartyRegistration) - Method in interface org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver: Resolve the given relying party's metadata
resolve(ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
resolve(ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver: Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolve(ServerWebExchange) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver: Return an AuthenticationManager based off of the `iss` claim found in the request's bearer token
resolve(ServerWebExchange) - Method in class org.springframework.security.web.server.authentication.ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver
resolve(ServerWebExchange, String) - Method in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver
resolve(ServerWebExchange, String) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver: Returns the OAuth2AuthorizationRequest resolved from the provided HttpServletRequest or null if not available.
resolveArgument(MethodParameter, Message<?>) - Method in class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
resolveArgument(MethodParameter, Message<?>) - Method in class org.springframework.security.messaging.handler.invocation.reactive.AuthenticationPrincipalArgumentResolver
resolveArgument(MethodParameter, Message<?>) - Method in class org.springframework.security.messaging.handler.invocation.reactive.CurrentSecurityContextArgumentResolver
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver: Deprecated.
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver
resolveArgument(MethodParameter, BindingContext, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver
resolveArgument(MethodParameter, BindingContext, ServerWebExchange) - Method in class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
resolveArgument(MethodParameter, BindingContext, ServerWebExchange) - Method in class org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver
resolveCsrfTokenValue(HttpServletRequest, CsrfToken) - Method in interface org.springframework.security.web.csrf.CsrfTokenRequestHandler
resolveCsrfTokenValue(HttpServletRequest, CsrfToken) - Method in interface org.springframework.security.web.csrf.CsrfTokenRequestResolver: Returns the token value resolved from the provided HttpServletRequest and CsrfToken or null if not available.
resolveCsrfTokenValue(HttpServletRequest, CsrfToken) - Method in class org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler
resolveCsrfTokenValue(ServerWebExchange, CsrfToken) - Method in class org.springframework.security.web.server.csrf.ServerCsrfTokenRequestAttributeHandler
resolveCsrfTokenValue(ServerWebExchange, CsrfToken) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRequestHandler
resolveCsrfTokenValue(ServerWebExchange, CsrfToken) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRequestResolver: Returns the token value resolved from the provided ServerWebExchange and CsrfToken or Mono.empty() if not available.
resolveCsrfTokenValue(ServerWebExchange, CsrfToken) - Method in class org.springframework.security.web.server.csrf.XorServerCsrfTokenRequestAttributeHandler
resolveException(LoginException) - Method in class org.springframework.security.authentication.jaas.DefaultLoginExceptionResolver
resolveException(LoginException) - Method in interface org.springframework.security.authentication.jaas.LoginExceptionResolver: Translates a Jaas LoginException to an SpringSecurityException.
RESOURCE_POLICY - Static variable in class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter
RESPONSE_TYPE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: response_type - used in Authorization Request.
restOperations(RestOperations) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder: Use the given RestOperations to coordinate with the authorization servers indicated in the JWK Set uri as well as the Issuer.
retrieveEntry(String, String[]) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Composes an object from the attributes of the given DN.
retrieveObjectIdentityPrimaryKey(ObjectIdentity) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Retrieves the primary key from the acl_object_identity table for the passed ObjectIdentity.
retrievePassword(Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
retrieveUser(String) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager: Allows subclasses to retrieve the UserDetails from an implementation-specific location.
retrieveUser(String) - Method in class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider: Allows subclasses to actually retrieve the UserDetails from an implementation-specific location, with the option of throwing an AuthenticationException immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate a UserDetails).
retrieveUser(String, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
retrieveUserName(Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
RetryWithHttpEntryPoint - Class in org.springframework.security.web.access.channel: Commences an insecure channel by retrying the original request using HTTP.
RetryWithHttpEntryPoint() - Constructor for class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
RetryWithHttpsEntryPoint - Class in org.springframework.security.web.access.channel: Commences a secure channel by retrying the original request using HTTPS.
RetryWithHttpsEntryPoint() - Constructor for class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
ROLE_PREVIOUS_ADMINISTRATOR - Static variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
ROLE_PREVIOUS_ADMINISTRATOR - Static variable in class org.springframework.security.web.server.authentication.SwitchUserWebFilter
RoleHierarchy - Interface in org.springframework.security.access.hierarchicalroles: The simple interface of a role hierarchy.
RoleHierarchyAuthoritiesMapper - Class in org.springframework.security.access.hierarchicalroles
RoleHierarchyAuthoritiesMapper(RoleHierarchy) - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyAuthoritiesMapper
roleHierarchyFromMap(Map<String, List<String>>) - Static method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyUtils: Converts the supplied Map of role name to implied role name(s) to a string representation understood by RoleHierarchyImpl.setHierarchy(String).
RoleHierarchyImpl - Class in org.springframework.security.access.hierarchicalroles: This class defines a role hierarchy for use with various access checking components.
RoleHierarchyImpl() - Constructor for class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
RoleHierarchyUtils - Class in org.springframework.security.access.hierarchicalroles: Utility methods for RoleHierarchy.
RoleHierarchyVoter - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorityAuthorizationManager.setRoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) instead
RoleHierarchyVoter(RoleHierarchy) - Constructor for class org.springframework.security.access.vote.RoleHierarchyVoter: Deprecated.
rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: A non-empty string prefix that will be added as a prefix to the existing roles.
rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer: A non-empty string prefix that will be added to role strings loaded from persistent storage (default is "").
rolePrefix(String) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
roles() - Element in annotation interface org.springframework.security.test.context.support.WithMockUser: The roles to use.
roles(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder: Populates the roles.
roles(String...) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Populates the roles.
roles(String...) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.UserExchangeMutator: Specifies the roles to use.
roles(String...) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor: Specify the roles of the user to authenticate as.
RoleVoter - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorityAuthorizationManager instead
RoleVoter() - Constructor for class org.springframework.security.access.vote.RoleVoter: Deprecated.
root(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: Optional root suffix for the embedded LDAP server.
route(String) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec
RoutePayloadExchangeMatcher - Class in org.springframework.security.rsocket.util.matcher
RoutePayloadExchangeMatcher(MetadataExtractor, RouteMatcher, String) - Constructor for class org.springframework.security.rsocket.util.matcher.RoutePayloadExchangeMatcher
RS256 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: RSASSA-PKCS1-v1_5 using SHA-256 (Recommended)
RS256 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: RSASSA-PKCS1-v1_5 using SHA-256 (Recommended)
RS384 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: RSASSA-PKCS1-v1_5 using SHA-384 (Optional)
RS384 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: RSASSA-PKCS1-v1_5 using SHA-384 (Optional)
RS512 - Enum constant in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm: RSASSA-PKCS1-v1_5 using SHA-512 (Optional)
RS512 - Static variable in class org.springframework.security.oauth2.jose.jws.JwsAlgorithms: RSASSA-PKCS1-v1_5 using SHA-512 (Optional)
RsaKeyConversionServicePostProcessor - Class in org.springframework.security.config.crypto: Adds RsaKeyConverters to the configured ConversionService or PropertyEditors
RsaKeyConversionServicePostProcessor() - Constructor for class org.springframework.security.config.crypto.RsaKeyConversionServicePostProcessor
RsaKeyConverters - Class in org.springframework.security.converter: Used for creating Key converter instances
RSocketSecurity - Class in org.springframework.security.config.annotation.rsocket: Allows configuring RSocket based security.
RSocketSecurity() - Constructor for class org.springframework.security.config.annotation.rsocket.RSocketSecurity
RSocketSecurity.AuthorizePayloadsSpec - Class in org.springframework.security.config.annotation.rsocket
RSocketSecurity.AuthorizePayloadsSpec.Access - Class in org.springframework.security.config.annotation.rsocket
RSocketSecurity.BasicAuthenticationSpec - Class in org.springframework.security.config.annotation.rsocket
RSocketSecurity.JwtSpec - Class in org.springframework.security.config.annotation.rsocket
RSocketSecurity.SimpleAuthenticationSpec - Class in org.springframework.security.config.annotation.rsocket
run() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
RunAsImplAuthenticationProvider - Class in org.springframework.security.access.intercept: Deprecated.
Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
RunAsImplAuthenticationProvider() - Constructor for class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
runAsManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Provide a custom RunAsManager for the default implementation of GlobalMethodSecurityConfiguration.methodSecurityInterceptor(MethodSecurityMetadataSource).
RunAsManager - Interface in org.springframework.security.access.intercept: Deprecated.
Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
RunAsManagerImpl - Class in org.springframework.security.access.intercept: Deprecated.
Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
RunAsManagerImpl() - Constructor for class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
RunAsUserToken - Class in org.springframework.security.access.intercept: Deprecated.
Authentication is now separated from authorization in Spring Security. This class is only used by now-deprecated components. There is not yet an equivalent replacement in Spring Security.
RunAsUserToken(String, Object, Object, Collection<? extends GrantedAuthority>, Class<? extends Authentication>) - Constructor for class org.springframework.security.access.intercept.RunAsUserToken: Deprecated.

S

SAME_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy
SAME_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy
SAME_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
SAME_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy
SAME_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy
SAME_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
SAME_ORIGIN_ALLOW_POPUPS - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy
SAME_ORIGIN_ALLOW_POPUPS - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy
SAME_SITE - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy
SAME_SITE - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy
sameOrigin() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig: Specify to allow any request that comes from the same origin to frame this application.
SAMEORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode
SAMEORIGIN - Enum constant in enum class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter.Mode: A browser receiving content with this header field MUST NOT display this content in any frame from a page of different origin than the content itself.
sameOriginDisabled() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.

Determines if a CSRF token is required for connecting.
SAML_REQUEST - Static variable in class org.springframework.security.saml2.core.Saml2ParameterNames: SAMLRequest - used to request authentication or request logout
SAML_RESPONSE - Static variable in class org.springframework.security.saml2.core.Saml2ParameterNames: SAMLResponse - used to respond to an authentication or logout request
SAML2_LOGIN - Static variable in class org.springframework.security.config.Elements
SAML2_LOGOUT - Static variable in class org.springframework.security.config.Elements
Saml2AuthenticatedPrincipal - Interface in org.springframework.security.saml2.provider.service.authentication: Saml2 representation of an AuthenticatedPrincipal.
Saml2Authentication - Class in org.springframework.security.saml2.provider.service.authentication: An implementation of an AbstractAuthenticationToken that represents an authenticated SAML 2.0 Authentication.
Saml2Authentication(AuthenticatedPrincipal, String, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.saml2.provider.service.authentication.Saml2Authentication: Construct a Saml2Authentication using the provided parameters
Saml2AuthenticationException - Exception in org.springframework.security.saml2.provider.service.authentication: This exception is thrown for all SAML 2.0 related Authentication errors.
Saml2AuthenticationException(Saml2Error) - Constructor for exception org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException: Constructs a Saml2AuthenticationException using the provided parameters.
Saml2AuthenticationException(Saml2Error, String) - Constructor for exception org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException: Constructs a Saml2AuthenticationException using the provided parameters.
Saml2AuthenticationException(Saml2Error, String, Throwable) - Constructor for exception org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException: Constructs a Saml2AuthenticationException using the provided parameters.
Saml2AuthenticationException(Saml2Error, Throwable) - Constructor for exception org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException: Constructs a Saml2AuthenticationException using the provided parameters.
Saml2AuthenticationRequestRepository<T extends AbstractSaml2AuthenticationRequest> - Interface in org.springframework.security.saml2.provider.service.web: A repository for AbstractSaml2AuthenticationRequest
Saml2AuthenticationRequestResolver - Interface in org.springframework.security.saml2.provider.service.web.authentication: A strategy for resolving a SAML 2.0 Authentication Request from the HttpServletRequest.
Saml2AuthenticationToken - Class in org.springframework.security.saml2.provider.service.authentication: Represents an incoming SAML 2.0 response containing an assertion that has not been validated.
Saml2AuthenticationToken(RelyingPartyRegistration, String) - Constructor for class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Creates a Saml2AuthenticationToken with the provided parameters Note that the given RelyingPartyRegistration should have all its templates resolved at this point.
Saml2AuthenticationToken(RelyingPartyRegistration, String, AbstractSaml2AuthenticationRequest) - Constructor for class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: Creates a Saml2AuthenticationToken with the provided parameters.
Saml2AuthenticationTokenConverter - Class in org.springframework.security.saml2.provider.service.web: An AuthenticationConverter that generates a Saml2AuthenticationToken appropriate for authenticated a SAML 2.0 Assertion against an AuthenticationManager.
Saml2AuthenticationTokenConverter(RelyingPartyRegistrationResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter: Constructs a Saml2AuthenticationTokenConverter given a strategy for resolving RelyingPartyRegistrations
Saml2Error - Class in org.springframework.security.saml2.core: A representation of an SAML 2.0 Error.
Saml2Error(String, String) - Constructor for class org.springframework.security.saml2.core.Saml2Error: Constructs a Saml2Error using the provided parameters.
Saml2ErrorCodes - Class in org.springframework.security.saml2.core: A list of SAML known 2 error codes used during SAML authentication.
Saml2Exception - Exception in org.springframework.security.saml2
Saml2Exception(String) - Constructor for exception org.springframework.security.saml2.Saml2Exception
Saml2Exception(String, Throwable) - Constructor for exception org.springframework.security.saml2.Saml2Exception
Saml2Exception(Throwable) - Constructor for exception org.springframework.security.saml2.Saml2Exception
Saml2Jackson2Module - Class in org.springframework.security.saml2.jackson2: Jackson module for saml2-service-provider.
Saml2Jackson2Module() - Constructor for class org.springframework.security.saml2.jackson2.Saml2Jackson2Module
saml2Login() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures authentication support using an SAML 2.0 Service Provider.
saml2Login(Customizer<Saml2LoginConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures authentication support using an SAML 2.0 Service Provider.
Saml2LoginConfigurer> - Class in org.springframework.security.config.annotation.web.configurers.saml2: An AbstractHttpConfigurer for SAML 2.0 Login, which leverages the SAML 2.0 Web Browser Single Sign On (WebSSO) Flow.
Saml2LoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LoginConfigurer
saml2Logout() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures logout support for an SAML 2.0 Relying Party.
saml2Logout(Customizer<Saml2LogoutConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Configures logout support for an SAML 2.0 Relying Party.
Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers.saml2: Adds SAML 2.0 logout support.
Saml2LogoutConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer: Creates a new instance
Saml2LogoutConfigurer.LogoutRequestConfigurer - Class in org.springframework.security.config.annotation.web.configurers.saml2: A configurer for SAML 2.0 LogoutRequest components
Saml2LogoutConfigurer.LogoutResponseConfigurer - Class in org.springframework.security.config.annotation.web.configurers.saml2
Saml2LogoutRequest - Class in org.springframework.security.saml2.provider.service.authentication.logout: A class that represents a signed and serialized SAML 2.0 Logout Request
Saml2LogoutRequest.Builder - Class in org.springframework.security.saml2.provider.service.authentication.logout
Saml2LogoutRequestFilter - Class in org.springframework.security.saml2.provider.service.web.authentication.logout: A filter for handling logout requests in the form of a <saml2:LogoutRequest> sent from the asserting party.
Saml2LogoutRequestFilter(RelyingPartyRegistrationResolver, Saml2LogoutRequestValidator, Saml2LogoutResponseResolver, LogoutHandler...) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter: Constructs a Saml2LogoutResponseFilter for accepting SAML 2.0 Logout Requests from the asserting party
Saml2LogoutRequestRepository - Interface in org.springframework.security.saml2.provider.service.web.authentication.logout: Implementations of this interface are responsible for the persistence of Saml2LogoutRequest between requests.
Saml2LogoutRequestResolver - Interface in org.springframework.security.saml2.provider.service.web.authentication.logout: Creates a signed SAML 2.0 Logout Request based on information from the HttpServletRequest and current Authentication.
Saml2LogoutRequestValidator - Interface in org.springframework.security.saml2.provider.service.authentication.logout: Validates SAML 2.0 Logout Requests
Saml2LogoutRequestValidatorParameters - Class in org.springframework.security.saml2.provider.service.authentication.logout: A holder of the parameters needed to invoke Saml2LogoutRequestValidator
Saml2LogoutRequestValidatorParameters(Saml2LogoutRequest, RelyingPartyRegistration, Authentication) - Constructor for class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidatorParameters: Construct a Saml2LogoutRequestValidatorParameters
Saml2LogoutResponse - Class in org.springframework.security.saml2.provider.service.authentication.logout: A class that represents a signed and serialized SAML 2.0 Logout Response
Saml2LogoutResponse.Builder - Class in org.springframework.security.saml2.provider.service.authentication.logout
Saml2LogoutResponseFilter - Class in org.springframework.security.saml2.provider.service.web.authentication.logout: A filter for handling a <saml2:LogoutResponse> sent from the asserting party.
Saml2LogoutResponseFilter(RelyingPartyRegistrationResolver, Saml2LogoutResponseValidator, LogoutSuccessHandler) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter: Constructs a Saml2LogoutResponseFilter for accepting SAML 2.0 Logout Responses from the asserting party
Saml2LogoutResponseResolver - Interface in org.springframework.security.saml2.provider.service.web.authentication.logout: Creates a signed SAML 2.0 Logout Response based on information from the HttpServletRequest and current Authentication.
Saml2LogoutResponseValidator - Interface in org.springframework.security.saml2.provider.service.authentication.logout: Validates SAML 2.0 Logout Responses
Saml2LogoutResponseValidatorParameters - Class in org.springframework.security.saml2.provider.service.authentication.logout: A holder of the parameters needed to invoke Saml2LogoutResponseValidator
Saml2LogoutResponseValidatorParameters(Saml2LogoutResponse, Saml2LogoutRequest, RelyingPartyRegistration) - Constructor for class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidatorParameters: Construct a Saml2LogoutRequestValidatorParameters
Saml2LogoutValidatorResult - Class in org.springframework.security.saml2.provider.service.authentication.logout: A result emitted from a SAML 2.0 Logout validation attempt
Saml2LogoutValidatorResult.Builder - Class in org.springframework.security.saml2.provider.service.authentication.logout
Saml2MessageBinding - Enum Class in org.springframework.security.saml2.provider.service.registration: The type of bindings that messages are exchanged using Supported bindings are urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST and urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect.
Saml2MetadataFilter - Class in org.springframework.security.saml2.provider.service.web: A Filter that returns the metadata for a Relying Party
Saml2MetadataFilter(RelyingPartyRegistrationResolver, Saml2MetadataResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter
Saml2MetadataResolver - Interface in org.springframework.security.saml2.provider.service.metadata: Resolves the SAML 2.0 Relying Party Metadata for a given RelyingPartyRegistration
Saml2ParameterNames - Class in org.springframework.security.saml2.core: Standard parameter names defined in the SAML 2.0 Specification and used by the Authentication Request, Assertion Consumer Response, Logout Request, and Logout Response endpoints.
Saml2PostAuthenticationRequest - Class in org.springframework.security.saml2.provider.service.authentication: Data holder for information required to send an AuthNRequest over a POST binding from the service provider to the identity provider https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf (line 2031)
Saml2PostAuthenticationRequest.Builder - Class in org.springframework.security.saml2.provider.service.authentication: Builder class for a Saml2PostAuthenticationRequest object.
Saml2RedirectAuthenticationRequest - Class in org.springframework.security.saml2.provider.service.authentication: Data holder for information required to send an AuthNRequest over a REDIRECT binding from the service provider to the identity provider https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf (line 2031)
Saml2RedirectAuthenticationRequest.Builder - Class in org.springframework.security.saml2.provider.service.authentication: Builder class for a Saml2RedirectAuthenticationRequest object.
Saml2RelyingPartyInitiatedLogoutSuccessHandler - Class in org.springframework.security.saml2.provider.service.web.authentication.logout: A success handler for issuing a SAML 2.0 Logout Request to the the SAML 2.0 Asserting Party
Saml2RelyingPartyInitiatedLogoutSuccessHandler(Saml2LogoutRequestResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler: Constructs a Saml2RelyingPartyInitiatedLogoutSuccessHandler using the provided parameters
Saml2ResponseValidatorResult - Class in org.springframework.security.saml2.core: A result emitted from a SAML 2.0 Response validation attempt
Saml2WebSsoAuthenticationFilter - Class in org.springframework.security.saml2.provider.service.web.authentication
Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter: Creates a Saml2WebSsoAuthenticationFilter authentication filter that is configured to use the Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI processing URL
Saml2WebSsoAuthenticationFilter(RelyingPartyRegistrationRepository, String) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter: Creates a Saml2WebSsoAuthenticationFilter authentication filter
Saml2WebSsoAuthenticationFilter(AuthenticationConverter, String) - Constructor for class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter: Creates a Saml2WebSsoAuthenticationFilter given the provided parameters
Saml2WebSsoAuthenticationRequestFilter - Class in org.springframework.security.saml2.provider.service.web: This Filter formulates a SAML 2.0 AuthnRequest (line 1968) and redirects to a configured asserting party.
Saml2WebSsoAuthenticationRequestFilter(Saml2AuthenticationRequestResolver) - Constructor for class org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter: Construct a Saml2WebSsoAuthenticationRequestFilter with the strategy for resolving the AuthnRequest
Saml2X509Credential - Class in org.springframework.security.saml2.core: An object for holding a public certificate, any associated private key, and its intended usages (Line 584, Section 4.3 Credentials).
Saml2X509Credential(X509Certificate, Saml2X509Credential.Saml2X509CredentialType...) - Constructor for class org.springframework.security.saml2.core.Saml2X509Credential: Creates a Saml2X509Credential using the provided parameters
Saml2X509Credential(PrivateKey, X509Certificate, Set<Saml2X509Credential.Saml2X509CredentialType>) - Constructor for class org.springframework.security.saml2.core.Saml2X509Credential: Creates a Saml2X509Credential using the provided parameters
Saml2X509Credential(PrivateKey, X509Certificate, Saml2X509Credential.Saml2X509CredentialType...) - Constructor for class org.springframework.security.saml2.core.Saml2X509Credential: Creates a Saml2X509Credential using the provided parameters
Saml2X509Credential.Saml2X509CredentialType - Enum Class in org.springframework.security.saml2.core
samlRequest(String) - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder: Sets the SAMLRequest parameter that will accompany this AuthNRequest
samlRequest(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest.Builder: Use this signed and serialized and Base64-encoded <saml2:LogoutRequest> Note that if using the Redirect binding, the value should be deflated and then Base64-encoded.
samlResponse(String) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse.Builder: Use this signed and serialized and Base64-encoded <saml2:LogoutResponse> Note that if using the Redirect binding, the value should be deflated and then Base64-encoded.
save(ServerWebExchange, SecurityContext) - Method in class org.springframework.security.web.server.context.NoOpServerSecurityContextRepository
save(ServerWebExchange, SecurityContext) - Method in interface org.springframework.security.web.server.context.ServerSecurityContextRepository: Saves the SecurityContext
save(ServerWebExchange, SecurityContext) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
saveAuthenticationRequest(AbstractSaml2AuthenticationRequest, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository
saveAuthenticationRequest(T, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository: Saves the current authentication request using the HttpServletRequest and HttpServletResponse
saveAuthorizationRequest(OAuth2AuthorizationRequest, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
saveAuthorizationRequest(OAuth2AuthorizationRequest, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
saveAuthorizationRequest(T, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.AuthorizationRequestRepository: Persists the OAuth2AuthorizationRequest associating it to the provided HttpServletRequest and/or HttpServletResponse.
saveAuthorizationRequest(T, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository: Persists the OAuth2AuthorizationRequest associating it to the provided HttpServletRequest and/or HttpServletResponse.
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in class org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in class org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientService: Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication) - Method in interface org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService: Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository: Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in interface org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository: Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).
saveAuthorizedClient(OAuth2AuthorizedClient, Authentication, ServerWebExchange) - Method in class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
saveContext(SecurityContext) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.

Implements the logic for storing the security context.
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.DelegatingSecurityContextRepository
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.RequestAttributeSecurityContextRepository
saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.context.SecurityContextRepository: Stores the security context on completion of a request.
SaveContextOnUpdateOrErrorResponseWrapper - Class in org.springframework.security.web.context: Deprecated.
Use SecurityContextRepository.loadDeferredContext(HttpServletRequest) instead.
SaveContextOnUpdateOrErrorResponseWrapper(HttpServletResponse, boolean) - Constructor for class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.
SavedCookie - Class in org.springframework.security.web.savedrequest: Stores off the values of a cookie in a serializable holder
SavedCookie(Cookie) - Constructor for class org.springframework.security.web.savedrequest.SavedCookie
SavedCookie(String, String, String, String, int, String, boolean, int) - Constructor for class org.springframework.security.web.savedrequest.SavedCookie
SavedRequest - Interface in org.springframework.security.web.savedrequest: Encapsulates the functionality required of a cached request for both an authentication mechanism (typically form-based login) to redirect to the original URL and for a RequestCache to build a wrapped request, reproducing the original request data.
SavedRequestAwareAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication: An authentication success strategy which can make use of the DefaultSavedRequest which may have been stored in the session by the ExceptionTranslationFilter.
SavedRequestAwareAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
saveException(HttpServletRequest, AuthenticationException) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler: Caches the AuthenticationException for use in view rendering.
saveLogoutRequest(Saml2LogoutRequest, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository: Persists the Saml2LogoutRequest associating it to the provided HttpServletRequest and/or HttpServletResponse.
saveLogoutRequest(Saml2LogoutRequest, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository: Persists the Saml2LogoutRequest associating it to the provided HttpServletRequest and/or HttpServletResponse.
saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.CookieRequestCache
saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache: Stores the current request, provided the configuration properties allow it.
saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
saveRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache: Caches the current request for later retrieval, once authentication has taken place.
saveRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.CookieServerRequestCache
saveRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.NoOpServerRequestCache
saveRequest(ServerWebExchange) - Method in interface org.springframework.security.web.server.savedrequest.ServerRequestCache: Save the ServerHttpRequest
saveRequest(ServerWebExchange) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository: Saves the CsrfToken using the HttpServletRequest and HttpServletResponse.
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository: Deprecated.

Does nothing if the CsrfToken is not null.
saveToken(ServerWebExchange, CsrfToken) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository
saveToken(ServerWebExchange, CsrfToken) - Method in interface org.springframework.security.web.server.csrf.ServerCsrfTokenRepository: Saves the CsrfToken using the ServerWebExchange.
saveToken(ServerWebExchange, CsrfToken) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
schedule(Runnable, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
schedule(Runnable, Instant) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
schedule(Runnable, Date) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
schedule(Runnable, Trigger) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
schedule(Callable<V>, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
scheduleAtFixedRate(Runnable, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
scheduleAtFixedRate(Runnable, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleAtFixedRate(Runnable, Instant, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleAtFixedRate(Runnable, Date, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleWithFixedDelay(Runnable, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService
scheduleWithFixedDelay(Runnable, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleWithFixedDelay(Runnable, Instant, Duration) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scheduleWithFixedDelay(Runnable, Date, long) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler
scope(String...) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the scope(s) used for the client.
scope(String...) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the scope(s).
scope(Collection<String>) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the scope(s) used for the client.
SCOPE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: scope - used in Authorization Request, Authorization Response, Access Token Request and Access Token Response.
SCOPE - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: scope - The scopes for the token
scopes(Set<String>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder: Sets the scope(s) associated to the access token.
scopes(Set<String>) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the scope(s).
SCryptPasswordEncoder - Class in org.springframework.security.crypto.scrypt: Implementation of PasswordEncoder that uses the SCrypt hashing function.
SCryptPasswordEncoder(int, int, int, int, int) - Constructor for class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder: Constructs a SCrypt password encoder with the provided parameters.
searchForMultipleAttributeValues(String, String, Object[], String[]) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Performs a search using the supplied filter and returns the values of each named attribute found in all entries matched by the search.
searchForSingleAttributeValues(String, String, Object[], String) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Performs a search using the supplied filter and returns the union of the values of the named attribute found in all entries matched by the search.
searchForSingleEntry(String, String, Object[]) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Performs a search, with the requirement that the search shall return a single directory entry, and uses the supplied mapper to create the object from that entry.
searchForSingleEntryInternal(DirContext, SearchControls, String, String, Object[]) - Static method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Internal method extracted to avoid code duplication in AD search.
searchForUser(String) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch: Return the LdapUserDetails containing the user's information
searchForUser(String) - Method in interface org.springframework.security.ldap.search.LdapUserSearch: Locates a single user in the directory and returns the LDAP information for that user.
SecureChannelProcessor - Class in org.springframework.security.web.access.channel: Ensures channel security is active by review of HttpServletRequest.isSecure() responses.
SecureChannelProcessor() - Constructor for class org.springframework.security.web.access.channel.SecureChannelProcessor
secured() - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the Secured annotation
secured(AuthorizationManager<MethodInvocation>) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the Secured annotation
secured(SecuredAuthorizationManager) - Static method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Creates an interceptor for the Secured annotation
Secured - Annotation Interface in org.springframework.security.access.annotation: Java 5 annotation for describing service layer security attributes.
SECURED - Enum constant in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder
SecuredAnnotationSecurityMetadataSource - Class in org.springframework.security.access.annotation: Deprecated.
Use AuthorizationManagerBeforeMethodInterceptor.secured()
SecuredAnnotationSecurityMetadataSource() - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource: Deprecated.
SecuredAnnotationSecurityMetadataSource(AnnotationMetadataExtractor) - Constructor for class org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource: Deprecated.
SecuredAuthorizationManager - Class in org.springframework.security.authorization.method: An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating if the Authentication contains a specified authority from the Spring Security's Secured annotation.
SecuredAuthorizationManager() - Constructor for class org.springframework.security.authorization.method.SecuredAuthorizationManager
SecuredAuthorizationMethodInterceptor() - Constructor for class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.SecuredAuthorizationMethodInterceptor
securedEnabled() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity: Deprecated.

Determines if Spring Security's Secured annotations should be enabled.
securedEnabled() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity: Determines if Spring Security's Secured annotation should be enabled.
secureRandom() - Static method in class org.springframework.security.crypto.keygen.KeyGenerators: Create a BytesKeyGenerator that uses a SecureRandom to generate keys of 8 bytes in length.
secureRandom(int) - Static method in class org.springframework.security.crypto.keygen.KeyGenerators: Create a BytesKeyGenerator that uses a SecureRandom to generate keys of a custom length.
SecureRandomFactoryBean - Class in org.springframework.security.core.token: Creates a SecureRandom instance.
SecureRandomFactoryBean() - Constructor for class org.springframework.security.core.token.SecureRandomFactoryBean
SECURITY_CONTEXT_SERVER_WEB_EXCHANGE - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: SecurityContextServerWebExchangeWebFilter
SecurityBuilder<O> - Interface in org.springframework.security.config.annotation: Interface for building an Object
securityCheck(Acl, int) - Method in interface org.springframework.security.acls.domain.AclAuthorizationStrategy
securityCheck(Acl, int) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
SecurityConfig - Class in org.springframework.security.access: Stores a ConfigAttribute as a String.
SecurityConfig(String) - Constructor for class org.springframework.security.access.SecurityConfig
SecurityConfigurer<O,B extends SecurityBuilder<O>> - Interface in org.springframework.security.config.annotation: Allows for configuring a SecurityBuilder.
SecurityConfigurerAdapter<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation: A base class for SecurityConfigurer that allows subclasses to only implement the methods they are interested in.
SecurityConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.SecurityConfigurerAdapter
securityContext() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Sets up management of the SecurityContext on the SecurityContextHolder between HttpServletRequest's.
securityContext(Customizer<SecurityContextConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Sets up management of the SecurityContext on the SecurityContextHolder between HttpServletRequest's.
securityContext(SecurityContext) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish the specified SecurityContext to be used.
SecurityContext - Interface in org.springframework.security.core.context: Interface defining the minimum security information associated with the current thread of execution.
SecurityContextCallableProcessingInterceptor - Class in org.springframework.security.web.context.request.async: Allows for integration with Spring MVC's Callable support.
SecurityContextCallableProcessingInterceptor() - Constructor for class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor: Create a new SecurityContextCallableProcessingInterceptor that uses the SecurityContext from the SecurityContextHolder at the time SecurityContextCallableProcessingInterceptor.beforeConcurrentHandling(NativeWebRequest, Callable) is invoked.
SecurityContextCallableProcessingInterceptor(SecurityContext) - Constructor for class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor: Creates a new SecurityContextCallableProcessingInterceptor with the specified SecurityContext.
securityContextChanged(SecurityContextChangedEvent) - Method in class org.springframework.security.core.context.ObservationSecurityContextChangedListener
securityContextChanged(SecurityContextChangedEvent) - Method in interface org.springframework.security.core.context.SecurityContextChangedListener
SecurityContextChangedEvent - Class in org.springframework.security.core.context: An event that represents a change in SecurityContext
SecurityContextChangedEvent(Supplier<SecurityContext>, Supplier<SecurityContext>) - Constructor for class org.springframework.security.core.context.SecurityContextChangedEvent: Construct an event
SecurityContextChangedEvent(SecurityContext, SecurityContext) - Constructor for class org.springframework.security.core.context.SecurityContextChangedEvent: Construct an event
SecurityContextChangedListener - Interface in org.springframework.security.core.context: A listener for SecurityContextChangedEvents
securityContextChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
SecurityContextChannelInterceptor - Class in org.springframework.security.messaging.context: Creates a ExecutorChannelInterceptor that will obtain the Authentication from the specified Message.getHeaders().
SecurityContextChannelInterceptor() - Constructor for class org.springframework.security.messaging.context.SecurityContextChannelInterceptor: Creates a new instance using the header of the name SimpMessageHeaderAccessor.USER_HEADER.
SecurityContextChannelInterceptor(String) - Constructor for class org.springframework.security.messaging.context.SecurityContextChannelInterceptor: Creates a new instance that uses the specified header to obtain the Authentication.
SecurityContextConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Allows persisting and restoring of the SecurityContext found on the SecurityContextHolder for each request by configuring the SecurityContextPersistenceFilter.
SecurityContextConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer: Creates a new instance
SecurityContextHolder - Class in org.springframework.security.core.context: Associates a given SecurityContext with the current execution thread.
SecurityContextHolder() - Constructor for class org.springframework.security.core.context.SecurityContextHolder
SecurityContextHolderAwareRequestFilter - Class in org.springframework.security.web.servletapi: A Filter which populates the ServletRequest with a request wrapper which implements the servlet API security methods.
SecurityContextHolderAwareRequestFilter() - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
SecurityContextHolderAwareRequestWrapper - Class in org.springframework.security.web.servletapi: A Spring Security-aware HttpServletRequestWrapper, which uses the SecurityContext-defined Authentication object to implement the servlet API security methods: SecurityContextHolderAwareRequestWrapper.getUserPrincipal() SecurityContextHolderAwareRequestWrapper.isUserInRole(String) HttpServletRequestWrapper.getRemoteUser().
SecurityContextHolderAwareRequestWrapper(HttpServletRequest, String) - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper: Creates a new instance with AuthenticationTrustResolverImpl.
SecurityContextHolderAwareRequestWrapper(HttpServletRequest, AuthenticationTrustResolver, String) - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper: Creates a new instance
SecurityContextHolderFilter - Class in org.springframework.security.web.context: A Filter that uses the SecurityContextRepository to obtain the SecurityContext and set it on the SecurityContextHolder.
SecurityContextHolderFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.context.SecurityContextHolderFilter: Creates a new instance.
SecurityContextHolderStrategy - Interface in org.springframework.security.core.context: A strategy for storing security context information against a thread.
SecurityContextImpl - Class in org.springframework.security.core.context: Base implementation of SecurityContext.
SecurityContextImpl() - Constructor for class org.springframework.security.core.context.SecurityContextImpl
SecurityContextImpl(Authentication) - Constructor for class org.springframework.security.core.context.SecurityContextImpl
SecurityContextLoginModule - Class in org.springframework.security.authentication.jaas: An implementation of LoginModule that uses a Spring Security SecurityContext to provide authentication.
SecurityContextLoginModule() - Constructor for class org.springframework.security.authentication.jaas.SecurityContextLoginModule
SecurityContextLogoutHandler - Class in org.springframework.security.web.authentication.logout: Performs a logout by modifying the SecurityContextHolder.
SecurityContextLogoutHandler() - Constructor for class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
SecurityContextPersistenceFilter - Class in org.springframework.security.web.context: Deprecated.
Use SecurityContextHolderFilter
SecurityContextPersistenceFilter() - Constructor for class org.springframework.security.web.context.SecurityContextPersistenceFilter: Deprecated.
SecurityContextPersistenceFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.context.SecurityContextPersistenceFilter: Deprecated.
securityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
securityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer: Specifies the shared SecurityContextRepository that is to be used
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec: The ServerSecurityContextRepository used to save the Authentication.
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec: The ServerSecurityContextRepository used to save the Authentication.
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec: The ServerSecurityContextRepository used to save the Authentication.
securityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: The strategy used with ReactorContextWebFilter.
SecurityContextRepository - Interface in org.springframework.security.web.context: Strategy used for persisting a SecurityContext between requests.
SecurityContextServerLogoutHandler - Class in org.springframework.security.web.server.authentication.logout: A ServerLogoutHandler which removes the SecurityContext using the provided ServerSecurityContextRepository
SecurityContextServerLogoutHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler
SecurityContextServerWebExchange - Class in org.springframework.security.web.server.context: Overrides the ServerWebExchange.getPrincipal() with the provided SecurityContext
SecurityContextServerWebExchange(ServerWebExchange, Mono<SecurityContext>) - Constructor for class org.springframework.security.web.server.context.SecurityContextServerWebExchange
SecurityContextServerWebExchangeWebFilter - Class in org.springframework.security.web.server.context: Override the ServerWebExchange.getPrincipal() to be looked up using ReactiveSecurityContextHolder.
SecurityContextServerWebExchangeWebFilter() - Constructor for class org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter
SecurityDebugBeanFactoryPostProcessor - Class in org.springframework.security.config.debug
SecurityDebugBeanFactoryPostProcessor() - Constructor for class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
SecurityEvaluationContextExtension - Class in org.springframework.security.data.repository.query: By defining this object as a Bean, Spring Security is exposed as SpEL expressions for creating Spring Data queries.
SecurityEvaluationContextExtension() - Constructor for class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Creates a new instance that uses the current Authentication found on the SecurityContextHolder.
SecurityEvaluationContextExtension(Authentication) - Constructor for class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Creates a new instance that always uses the same Authentication object.
SecurityExpressionHandler<T> - Interface in org.springframework.security.access.expression: Facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects
SecurityExpressionOperations - Interface in org.springframework.security.access.expression: Standard interface for expression root objects used with expression-based security.
SecurityExpressionRoot - Class in org.springframework.security.access.expression: Base root object for use in Spring Security expression evaluations.
SecurityExpressionRoot(Supplier<Authentication>) - Constructor for class org.springframework.security.access.expression.SecurityExpressionRoot: Creates a new instance that uses lazy initialization of the Authentication object.
SecurityExpressionRoot(Authentication) - Constructor for class org.springframework.security.access.expression.SecurityExpressionRoot: Creates a new instance
SecurityFilterChain - Interface in org.springframework.security.web: Defines a filter chain which is capable of being matched against an HttpServletRequest.
SecurityHeaders - Class in org.springframework.security.web.http: Utilities for interacting with HttpHeaders
SecurityJackson2Modules - Class in org.springframework.security.jackson2: This utility class will find all the SecurityModules in classpath.
securityMatcher(String...) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring the HttpSecurity to only be invoked when matching the provided pattern.
securityMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity: The ServerExchangeMatcher that determines which requests apply to this HttpSecurity instance.
securityMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring the HttpSecurity to only be invoked when matching the provided RequestMatcher.
securityMatchers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows specifying which HttpServletRequest instances this HttpSecurity will be invoked on.
securityMatchers(Customizer<HttpSecurity.RequestMatcherConfigurer>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows specifying which HttpServletRequest instances this HttpSecurity will be invoked on.
SecurityMetadataSource - Interface in org.springframework.security.access: Implemented by classes that store and can identify the ConfigAttributes that applies to a given secure object invocation.
SecurityMockMvcConfigurers - Class in org.springframework.security.test.web.servlet.setup: Provides Security related MockMvcConfigurer implementations.
SecurityMockMvcRequestBuilders - Class in org.springframework.security.test.web.servlet.request: Contains Spring Security related MockMvc RequestBuilders.
SecurityMockMvcRequestBuilders.FormLoginRequestBuilder - Class in org.springframework.security.test.web.servlet.request: Creates a form based login request including any necessary CsrfToken.
SecurityMockMvcRequestBuilders.LogoutRequestBuilder - Class in org.springframework.security.test.web.servlet.request: Creates a logout request (including any necessary CsrfToken)
SecurityMockMvcRequestPostProcessors - Class in org.springframework.security.test.web.servlet.request: Contains MockMvc RequestPostProcessor implementations for Spring Security.
SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request: Populates a valid CsrfToken into the request.
SecurityMockMvcRequestPostProcessors.DigestRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
SecurityMockMvcRequestPostProcessors.JwtRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
SecurityMockMvcRequestPostProcessors.OAuth2ClientRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
SecurityMockMvcRequestPostProcessors.OAuth2LoginRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
SecurityMockMvcRequestPostProcessors.OpaqueTokenRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request
SecurityMockMvcRequestPostProcessors.UserRequestPostProcessor - Class in org.springframework.security.test.web.servlet.request: Creates a UsernamePasswordAuthenticationToken and sets the principal to be a User and associates it to the MockHttpServletRequest.
SecurityMockMvcResultHandlers - Class in org.springframework.security.test.web.servlet.response: Security related MockMvc ResultHandlers
SecurityMockMvcResultMatchers - Class in org.springframework.security.test.web.servlet.response: Security related MockMvc ResultMatchers.
SecurityMockMvcResultMatchers.AuthenticatedMatcher - Class in org.springframework.security.test.web.servlet.response: A MockMvc ResultMatcher that verifies a specific user is associated to the MvcResult.
SecurityMockServerConfigurers - Class in org.springframework.security.test.web.reactive.server: Test utilities for working with Spring Security and WebTestClient.Builder.apply(WebTestClientConfigurer).
SecurityMockServerConfigurers.CsrfMutator - Class in org.springframework.security.test.web.reactive.server
SecurityMockServerConfigurers.JwtMutator - Class in org.springframework.security.test.web.reactive.server: Updates the WebServerExchange using {@link SecurityMockServerConfigurers#mockAuthentication(Authentication)}.
SecurityMockServerConfigurers.OAuth2ClientMutator - Class in org.springframework.security.test.web.reactive.server
SecurityMockServerConfigurers.OAuth2LoginMutator - Class in org.springframework.security.test.web.reactive.server
SecurityMockServerConfigurers.OidcLoginMutator - Class in org.springframework.security.test.web.reactive.server
SecurityMockServerConfigurers.OpaqueTokenMutator - Class in org.springframework.security.test.web.reactive.server
SecurityMockServerConfigurers.UserExchangeMutator - Class in org.springframework.security.test.web.reactive.server: Updates the WebServerExchange using {@link SecurityMockServerConfigurers#mockUser(UserDetails)}.
SecurityNamespaceHandler - Class in org.springframework.security.config: Parses elements from the "security" namespace (http://www.springframework.org/schema/security).
SecurityNamespaceHandler() - Constructor for class org.springframework.security.config.SecurityNamespaceHandler
SecuritySocketAcceptorInterceptor - Class in org.springframework.security.rsocket.core: A SocketAcceptorInterceptor that applies Security through a delegate SocketAcceptorInterceptor.
SecuritySocketAcceptorInterceptor(SocketAcceptorInterceptor) - Constructor for class org.springframework.security.rsocket.core.SecuritySocketAcceptorInterceptor
SecurityTestExecutionListeners - Annotation Interface in org.springframework.security.test.context.annotation: There are many times a user may want to use Spring Security's test support (i.e.
SecurityWebApplicationContextUtils - Class in org.springframework.security.web.context.support: Spring Security extension to Spring's WebApplicationContextUtils.
SecurityWebApplicationContextUtils() - Constructor for class org.springframework.security.web.context.support.SecurityWebApplicationContextUtils
SecurityWebFilterChain - Interface in org.springframework.security.web.server: Defines a filter chain which is capable of being matched against a ServerWebExchange in order to decide whether it applies to that request.
SecurityWebFiltersOrder - Enum Class in org.springframework.security.config.web.server
sendError(int) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass sendError()
sendError(int, String) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass sendError()
sendRedirect(HttpServletRequest, HttpServletResponse, String) - Method in class org.springframework.security.web.DefaultRedirectStrategy: Redirects the response to the supplied URL.
sendRedirect(HttpServletRequest, HttpServletResponse, String) - Method in interface org.springframework.security.web.RedirectStrategy: Performs a redirect to the supplied URL
sendRedirect(String) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper: Makes sure OnCommittedResponseWrapper.onResponseCommitted() is invoked before calling the superclass sendRedirect()
sendRedirect(ServerWebExchange, URI) - Method in class org.springframework.security.web.server.DefaultServerRedirectStrategy
sendRedirect(ServerWebExchange, URI) - Method in interface org.springframework.security.web.server.ServerRedirectStrategy: Performs a redirect based upon the provided ServerWebExchange and URI
sendStartAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, AuthenticationException) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
SERIAL_VERSION_UID - Static variable in class org.springframework.security.core.SpringSecurityCoreVersion: Global Serialization value for Spring Security classes.
SERVER_ERROR - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: server_error - The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
SERVER_REQUEST_CACHE - Enum constant in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder: ServerRequestCacheWebFilter
ServerAccessDeniedHandler - Interface in org.springframework.security.web.server.authorization
ServerAuthenticationConverter - Interface in org.springframework.security.web.server.authentication: A strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with a provided ReactiveAuthenticationManager.
ServerAuthenticationEntryPoint - Interface in org.springframework.security.web.server: Used to request authentication
ServerAuthenticationEntryPointFailureHandler - Class in org.springframework.security.web.server.authentication: Adapts a ServerAuthenticationEntryPoint into a ServerAuthenticationFailureHandler
ServerAuthenticationEntryPointFailureHandler(ServerAuthenticationEntryPoint) - Constructor for class org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler
ServerAuthenticationFailureHandler - Interface in org.springframework.security.web.server.authentication: Handles authentication failure
ServerAuthenticationSuccessHandler - Interface in org.springframework.security.web.server.authentication: Handles authentication success
ServerAuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> - Interface in org.springframework.security.oauth2.client.web.server: Implementations of this interface are responsible for the persistence of OAuth2AuthorizationRequest between requests.
ServerBearerExchangeFilterFunction - Class in org.springframework.security.oauth2.server.resource.web.reactive.function.client: An ExchangeFilterFunction that adds the Bearer Token from an existing OAuth2Token tied to the current Authentication.
ServerBearerExchangeFilterFunction() - Constructor for class org.springframework.security.oauth2.server.resource.web.reactive.function.client.ServerBearerExchangeFilterFunction
ServerBearerTokenAuthenticationConverter - Class in org.springframework.security.oauth2.server.resource.web.server.authentication: A strategy for resolving Bearer Tokens from the ServerWebExchange.
ServerBearerTokenAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.resource.web.server.authentication.ServerBearerTokenAuthenticationConverter
ServerCsrfTokenRepository - Interface in org.springframework.security.web.server.csrf: An API to allow changing the method in which the expected CsrfToken is associated to the ServerWebExchange.
ServerCsrfTokenRequestAttributeHandler - Class in org.springframework.security.web.server.csrf: An implementation of the ServerCsrfTokenRequestHandler interface that is capable of making the CsrfToken available as an exchange attribute and resolving the token value as either a form data value or header of the request.
ServerCsrfTokenRequestAttributeHandler() - Constructor for class org.springframework.security.web.server.csrf.ServerCsrfTokenRequestAttributeHandler
ServerCsrfTokenRequestHandler - Interface in org.springframework.security.web.server.csrf: A callback interface that is used to make the CsrfToken created by the ServerCsrfTokenRepository available as an exchange attribute.
ServerCsrfTokenRequestResolver - Interface in org.springframework.security.web.server.csrf: Implementations of this interface are capable of resolving the token value of a CsrfToken from the provided ServerWebExchange.
ServerFormLoginAuthenticationConverter - Class in org.springframework.security.web.server.authentication: Converts a ServerWebExchange into a UsernamePasswordAuthenticationToken from the form data HTTP parameters.
ServerFormLoginAuthenticationConverter - Class in org.springframework.security.web.server: Deprecated.
use ServerFormLoginAuthenticationConverter instead.
ServerFormLoginAuthenticationConverter() - Constructor for class org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter
ServerFormLoginAuthenticationConverter() - Constructor for class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter: Deprecated.
ServerHttpBasicAuthenticationConverter - Class in org.springframework.security.web.server.authentication: Converts from a ServerWebExchange to an Authentication that can be authenticated.
ServerHttpBasicAuthenticationConverter - Class in org.springframework.security.web.server: Deprecated.
Use ServerHttpBasicAuthenticationConverter instead.
ServerHttpBasicAuthenticationConverter() - Constructor for class org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter
ServerHttpBasicAuthenticationConverter() - Constructor for class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter: Deprecated.
ServerHttpHeadersWriter - Interface in org.springframework.security.web.server.header: Interface for writing headers just before the response is committed.
ServerHttpSecurity - Class in org.springframework.security.config.web.server: A ServerHttpSecurity is similar to Spring Security's HttpSecurity but for WebFlux.
ServerHttpSecurity() - Constructor for class org.springframework.security.config.web.server.ServerHttpSecurity
ServerHttpSecurity.AnonymousSpec - Class in org.springframework.security.config.web.server: Configures anonymous authentication
ServerHttpSecurity.AuthorizeExchangeSpec - Class in org.springframework.security.config.web.server: Configures authorization
ServerHttpSecurity.AuthorizeExchangeSpec.Access - Class in org.springframework.security.config.web.server: Configures the access for a particular set of exchanges.
ServerHttpSecurity.CorsSpec - Class in org.springframework.security.config.web.server: Configures CORS support within Spring Security.
ServerHttpSecurity.CsrfSpec - Class in org.springframework.security.config.web.server: Configures CSRF Protection
ServerHttpSecurity.ExceptionHandlingSpec - Class in org.springframework.security.config.web.server: Configures exception handling
ServerHttpSecurity.FormLoginSpec - Class in org.springframework.security.config.web.server: Configures Form Based authentication
ServerHttpSecurity.HeaderSpec - Class in org.springframework.security.config.web.server: Configures HTTP Response Headers.
ServerHttpSecurity.HeaderSpec.CacheSpec - Class in org.springframework.security.config.web.server: Configures cache control headers
ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec - Class in org.springframework.security.config.web.server: Configures Content-Security-Policy response header.
ServerHttpSecurity.HeaderSpec.ContentTypeOptionsSpec - Class in org.springframework.security.config.web.server: The content type headers
ServerHttpSecurity.HeaderSpec.CrossOriginEmbedderPolicySpec - Class in org.springframework.security.config.web.server: Configures the Cross-Origin-Embedder-Policy header
ServerHttpSecurity.HeaderSpec.CrossOriginOpenerPolicySpec - Class in org.springframework.security.config.web.server: Configures the Cross-Origin-Opener-Policy header
ServerHttpSecurity.HeaderSpec.CrossOriginResourcePolicySpec - Class in org.springframework.security.config.web.server: Configures the Cross-Origin-Resource-Policy header
ServerHttpSecurity.HeaderSpec.FeaturePolicySpec - Class in org.springframework.security.config.web.server: Configures Feature-Policy response header.
ServerHttpSecurity.HeaderSpec.FrameOptionsSpec - Class in org.springframework.security.config.web.server: Configures frame options response header
ServerHttpSecurity.HeaderSpec.HstsSpec - Class in org.springframework.security.config.web.server: Configures Strict Transport Security response header
ServerHttpSecurity.HeaderSpec.PermissionsPolicySpec - Class in org.springframework.security.config.web.server: Configures Permissions-Policy response header.
ServerHttpSecurity.HeaderSpec.ReferrerPolicySpec - Class in org.springframework.security.config.web.server: Configures Referrer-Policy response header.
ServerHttpSecurity.HeaderSpec.XssProtectionSpec - Class in org.springframework.security.config.web.server: Configures x-xss-protection response header
ServerHttpSecurity.HttpBasicSpec - Class in org.springframework.security.config.web.server: Configures HTTP Basic Authentication
ServerHttpSecurity.HttpsRedirectSpec - Class in org.springframework.security.config.web.server: Configures HTTPS redirection rules
ServerHttpSecurity.LogoutSpec - Class in org.springframework.security.config.web.server: Configures log out
ServerHttpSecurity.OAuth2ClientSpec - Class in org.springframework.security.config.web.server
ServerHttpSecurity.OAuth2LoginSpec - Class in org.springframework.security.config.web.server
ServerHttpSecurity.OAuth2ResourceServerSpec - Class in org.springframework.security.config.web.server: Configures OAuth2 Resource Server Support
ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec - Class in org.springframework.security.config.web.server: Configures JWT Resource Server Support
ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec - Class in org.springframework.security.config.web.server: Configures Opaque Token Resource Server support
ServerHttpSecurity.PasswordManagementSpec - Class in org.springframework.security.config.web.server: Configures password management.
ServerHttpSecurity.RequestCacheSpec - Class in org.springframework.security.config.web.server: Configures the request cache which is used when a flow is interrupted (i.e.
ServerHttpSecurity.X509Spec - Class in org.springframework.security.config.web.server: Configures X509 authentication
ServerLogoutHandler - Interface in org.springframework.security.web.server.authentication.logout: Handles log out
ServerLogoutSuccessHandler - Interface in org.springframework.security.web.server.authentication.logout: Strategy for when log out was successfully performed (typically after ServerLogoutHandler is invoked).
ServerOAuth2AuthorizationCodeAuthenticationTokenConverter - Class in org.springframework.security.oauth2.client.web.server: Converts from a ServerWebExchange to an OAuth2AuthorizationCodeAuthenticationToken that can be authenticated.
ServerOAuth2AuthorizationCodeAuthenticationTokenConverter(ReactiveClientRegistrationRepository) - Constructor for class org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter
ServerOAuth2AuthorizationRequestResolver - Interface in org.springframework.security.oauth2.client.web.server: Implementations of this interface are capable of resolving an OAuth2AuthorizationRequest from the provided ServerWebExchange.
ServerOAuth2AuthorizedClientExchangeFilterFunction - Class in org.springframework.security.oauth2.client.web.reactive.function.client: Provides an easy mechanism for using an OAuth2AuthorizedClient to make OAuth2 requests by including the token as a Bearer Token.
ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveOAuth2AuthorizedClientManager) - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: Constructs a ServerOAuth2AuthorizedClientExchangeFilterFunction using the provided parameters.
ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: Constructs a ServerOAuth2AuthorizedClientExchangeFilterFunction using the provided parameters.
ServerOAuth2AuthorizedClientRepository - Interface in org.springframework.security.oauth2.client.web.server: Implementations of this interface are responsible for the persistence of Authorized Client(s) between requests.
ServerRedirectStrategy - Interface in org.springframework.security.web.server: A strategy for performing redirects.
ServerRequestCache - Interface in org.springframework.security.web.server.savedrequest: Saves a ServerHttpRequest so it can be "replayed" later.
ServerRequestCacheWebFilter - Class in org.springframework.security.web.server.savedrequest: A WebFilter that replays any matching request in ServerRequestCache
ServerRequestCacheWebFilter() - Constructor for class org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter
ServerSecurityContextRepository - Interface in org.springframework.security.web.server.context: Strategy used for persisting a SecurityContext between requests.
serverWebExchange(ServerWebExchange) - Static method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: Modifies the ClientRequest.attributes() to include the ServerWebExchange to be used for providing the Bearer Token.
ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver - Class in org.springframework.security.web.server.authentication: A ReactiveAuthenticationManagerResolver that returns a ReactiveAuthenticationManager instances based upon the type of ServerWebExchange passed into ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.resolve(ServerWebExchange).
ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder - Class in org.springframework.security.web.server.authentication: A builder for RequestMatcherDelegatingAuthenticationManagerResolver.
ServerWebExchangeDelegatingServerAccessDeniedHandler - Class in org.springframework.security.web.server.authorization: A ServerAccessDeniedHandler which delegates to multiple ServerAccessDeniedHandlers based on a ServerWebExchangeMatcher
ServerWebExchangeDelegatingServerAccessDeniedHandler(List<ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry>) - Constructor for class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler: Creates a new instance
ServerWebExchangeDelegatingServerAccessDeniedHandler(ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry...) - Constructor for class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler: Creates a new instance
ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry - Class in org.springframework.security.web.server.authorization
ServerWebExchangeDelegatingServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Delegates to a provided ServerHttpHeadersWriter if ServerWebExchangeMatcher.matches(ServerWebExchange) returns a match.
ServerWebExchangeDelegatingServerHttpHeadersWriter(ServerWebExchangeMatcherEntry<ServerHttpHeadersWriter>) - Constructor for class org.springframework.security.web.server.header.ServerWebExchangeDelegatingServerHttpHeadersWriter: Creates a new instance
ServerWebExchangeDelegatingServerHttpHeadersWriter(ServerWebExchangeMatcher, ServerHttpHeadersWriter) - Constructor for class org.springframework.security.web.server.header.ServerWebExchangeDelegatingServerHttpHeadersWriter: Creates a new instance
ServerWebExchangeMatcher - Interface in org.springframework.security.web.server.util.matcher: An interface for determining if a ServerWebExchangeMatcher matches.
ServerWebExchangeMatcher.MatchResult - Class in org.springframework.security.web.server.util.matcher: The result of matching
ServerWebExchangeMatcherEntry<T> - Class in org.springframework.security.web.server.util.matcher: A rich object for associating a ServerWebExchangeMatcher to another object.
ServerWebExchangeMatcherEntry(ServerWebExchangeMatcher, T) - Constructor for class org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry
ServerWebExchangeMatchers - Class in org.springframework.security.web.server.util.matcher: Provides factory methods for creating common ServerWebExchangeMatcher
ServerX509AuthenticationConverter - Class in org.springframework.security.web.server.authentication: Converts from a SslInfo provided by a request to an PreAuthenticatedAuthenticationToken that can be authenticated.
ServerX509AuthenticationConverter(X509PrincipalExtractor) - Constructor for class org.springframework.security.web.server.authentication.ServerX509AuthenticationConverter
servletApi() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Integrates the HttpServletRequest methods with the values found on the SecurityContext.
servletApi(Customizer<ServletApiConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Integrates the HttpServletRequest methods with the values found on the SecurityContext.
ServletApiConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Implements select methods from the HttpServletRequest using the SecurityContext from the SecurityContextHolder.
ServletApiConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer: Creates a new instance
ServletBearerExchangeFilterFunction - Class in org.springframework.security.oauth2.server.resource.web.reactive.function.client: An ExchangeFilterFunction that adds the Bearer Token from an existing OAuth2Token tied to the current Authentication.
ServletBearerExchangeFilterFunction() - Constructor for class org.springframework.security.oauth2.server.resource.web.reactive.function.client.ServletBearerExchangeFilterFunction
ServletOAuth2AuthorizedClientExchangeFilterFunction - Class in org.springframework.security.oauth2.client.web.reactive.function.client: Provides an easy mechanism for using an OAuth2AuthorizedClient to make OAuth 2.0 requests by including the access token as a bearer token.
ServletOAuth2AuthorizedClientExchangeFilterFunction() - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
ServletOAuth2AuthorizedClientExchangeFilterFunction(OAuth2AuthorizedClientManager) - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Constructs a ServletOAuth2AuthorizedClientExchangeFilterFunction using the provided parameters.
ServletOAuth2AuthorizedClientExchangeFilterFunction(ClientRegistrationRepository, OAuth2AuthorizedClientRepository) - Constructor for class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Constructs a ServletOAuth2AuthorizedClientExchangeFilterFunction using the provided parameters.
servletPath(String) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher.Builder: Sets the servlet path to be used by the MvcRequestMatcher generated by this builder
SESSION_MANAGEMENT - Static variable in class org.springframework.security.config.Elements
sessionAuthenticationErrorUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Defines the URL of the error page which should be shown when the SessionAuthenticationStrategy raises an exception.
SessionAuthenticationException - Exception in org.springframework.security.web.authentication.session: Thrown by an SessionAuthenticationStrategy to indicate that an authentication object is not valid for the current session, typically because the same user has exceeded the number of sessions they are allowed to have concurrently.
SessionAuthenticationException(String) - Constructor for exception org.springframework.security.web.authentication.session.SessionAuthenticationException
sessionAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Defines the AuthenticationFailureHandler which will be used when the SessionAuthenticationStrategy raises an exception.
sessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer: Specify the SessionAuthenticationStrategy to use.
sessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Allows explicitly specifying the SessionAuthenticationStrategy.
SessionAuthenticationStrategy - Interface in org.springframework.security.web.authentication.session: Allows pluggable support for HttpSession-related behaviour when an authentication occurs.
sessionConcurrency(Customizer<SessionManagementConfigurer.ConcurrencyControlConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Controls the maximum number of sessions for a user.
sessionCreated(HttpSessionEvent) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher: Handles the HttpSessionEvent by publishing a HttpSessionCreatedEvent to the application appContext.
SessionCreationEvent - Class in org.springframework.security.core.session: Generic session creation event which indicates that a session (potentially represented by a security context) has begun.
SessionCreationEvent(Object) - Constructor for class org.springframework.security.core.session.SessionCreationEvent
sessionCreationPolicy(SessionCreationPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Allows specifying the SessionCreationPolicy
SessionCreationPolicy - Enum Class in org.springframework.security.config.http: Specifies the various session creation policies for Spring Security.
sessionDestroyed(HttpSessionEvent) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher: Handles the HttpSessionEvent by publishing a HttpSessionDestroyedEvent to the application appContext.
SessionDestroyedEvent - Class in org.springframework.security.core.session: Generic "session termination" event which indicates that a session (potentially represented by a security context) has ended.
SessionDestroyedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionDestroyedEvent
sessionFixation() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Allows changing the default SessionFixationProtectionStrategy.
sessionFixation(Customizer<SessionManagementConfigurer.SessionFixationConfigurer>) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Allows configuring session fixation protection.
SessionFixationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
SessionFixationProtectionEvent - Class in org.springframework.security.web.authentication.session: Indicates a session ID was changed for the purposes of session fixation protection.
SessionFixationProtectionEvent(Authentication, String, String) - Constructor for class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent: Constructs a new session fixation protection event.
SessionFixationProtectionStrategy - Class in org.springframework.security.web.authentication.session: Uses HttpServletRequest.invalidate() to protect against session fixation attacks.
SessionFixationProtectionStrategy() - Constructor for class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
sessionIdChanged(HttpSessionEvent, String) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher
SessionIdChangedEvent - Class in org.springframework.security.core.session: Generic "session ID changed" event which indicates that a session identifier (potentially represented by a security context) has changed.
SessionIdChangedEvent(Object) - Constructor for class org.springframework.security.core.session.SessionIdChangedEvent
SessionInformation - Class in org.springframework.security.core.session: Represents a record of a session within the Spring Security framework.
SessionInformation(Object, String, Date) - Constructor for class org.springframework.security.core.session.SessionInformation
SessionInformationExpiredEvent - Class in org.springframework.security.web.session: An event for when a SessionInformation is expired.
SessionInformationExpiredEvent(SessionInformation, HttpServletRequest, HttpServletResponse) - Constructor for class org.springframework.security.web.session.SessionInformationExpiredEvent: Creates a new instance
SessionInformationExpiredStrategy - Interface in org.springframework.security.web.session: Determines the behaviour of the ConcurrentSessionFilter when an expired session is detected in the ConcurrentSessionFilter.
sessionManagement() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring of Session Management.
sessionManagement(Customizer<SessionManagementConfigurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity: Allows configuring of Session Management.
SessionManagementConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Allows configuring session management.
SessionManagementConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer: Creates a new instance
SessionManagementConfigurer.ConcurrencyControlConfigurer - Class in org.springframework.security.config.annotation.web.configurers: Allows configuring controlling of multiple sessions.
SessionManagementConfigurer.SessionFixationConfigurer - Class in org.springframework.security.config.annotation.web.configurers: Allows configuring SessionFixation protection
SessionManagementFilter - Class in org.springframework.security.web.session: Detects that a user has been authenticated since the start of the request and, if they have, calls the configured SessionAuthenticationStrategy to perform any session-related activity such as activating session-fixation protection mechanisms or checking for multiple concurrent logins.
SessionManagementFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.session.SessionManagementFilter
SessionManagementFilter(SecurityContextRepository, SessionAuthenticationStrategy) - Constructor for class org.springframework.security.web.session.SessionManagementFilter
sessionRegistry(SessionRegistry) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer: Controls the SessionRegistry implementation used.
SessionRegistry - Interface in org.springframework.security.core.session: Maintains a registry of SessionInformation instances.
SessionRegistryImpl - Class in org.springframework.security.core.session: Default implementation of SessionRegistry which listens for SessionDestroyedEvents published in the Spring application context.
SessionRegistryImpl() - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
SessionRegistryImpl(ConcurrentMap<Object, Set<String>>, Map<String, SessionInformation>) - Constructor for class org.springframework.security.core.session.SessionRegistryImpl
set(Permission) - Method in class org.springframework.security.acls.domain.CumulativePermission
setAccess(String) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
setAccessDecisionManager(AccessDecisionManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setAccessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
setAccessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.web.csrf.CsrfFilter: Specifies a AccessDeniedHandler that should be used when CSRF protection fails.
setAccessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter: Sets the access denied handler.
setAccessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
setAccessibleScopes(Set<String>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService: Sets the scope(s) that allow access to the user info resource.
setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<JwtBearerGrantRequest>) - Method in class org.springframework.security.oauth2.client.JwtBearerOAuth2AuthorizedClientProvider: Sets the client used when requesting an access token credential at the Token Endpoint for the jwt-bearer grant.
setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider: Sets the client used when requesting an access token credential at the Token Endpoint for the client_credentials grant.
setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2PasswordGrantRequest>) - Method in class org.springframework.security.oauth2.client.PasswordOAuth2AuthorizedClientProvider: Deprecated.

Sets the client used when requesting an access token credential at the Token Endpoint for the password grant.
setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest>) - Method in class org.springframework.security.oauth2.client.RefreshTokenOAuth2AuthorizedClientProvider: Sets the client used when requesting an access token credential at the Token Endpoint for the refresh_token grant.
setAccessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<JwtBearerGrantRequest>) - Method in class org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider: Sets the client used when requesting an access token credential at the Token Endpoint for the jwt-bearer grant.
setAccessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest>) - Method in class org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider: Sets the client used when requesting an access token credential at the Token Endpoint for the client_credentials grant.
setAccessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2PasswordGrantRequest>) - Method in class org.springframework.security.oauth2.client.PasswordReactiveOAuth2AuthorizedClientProvider: Deprecated.

Sets the client used when requesting an access token credential at the Token Endpoint for the password grant.
setAccessTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest>) - Method in class org.springframework.security.oauth2.client.RefreshTokenReactiveOAuth2AuthorizedClientProvider: Sets the client used when requesting an access token credential at the Token Endpoint for the refresh_token grant.
setAccessTokenResponseConverter(Converter<Map<String, Object>, OAuth2AccessTokenResponse>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter: Sets the Converter used for converting the OAuth 2.0 Access Token Response parameters to an OAuth2AccessTokenResponse.
setAccessTokenResponseParametersConverter(Converter<OAuth2AccessTokenResponse, Map<String, Object>>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter: Sets the Converter used for converting the OAuth2AccessTokenResponse to a Map representation of the OAuth 2.0 Access Token Response parameters.
setAccountNonExpired(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setAccountNonLocked(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setAclClassIdSupported(boolean) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
setAclClassIdSupported(boolean) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
setAclClassIdSupported(boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setAdapterRegistry(ReactiveAdapterRegistry) - Method in class org.springframework.security.messaging.handler.invocation.reactive.AuthenticationPrincipalArgumentResolver: Sets the ReactiveAdapterRegistry to be used.
setAdapterRegistry(ReactiveAdapterRegistry) - Method in class org.springframework.security.messaging.handler.invocation.reactive.CurrentSecurityContextArgumentResolver: Sets the ReactiveAdapterRegistry to be used.
setAdditionalExceptionMappings(Map<Class<? extends AuthenticationException>, Class<? extends AbstractAuthenticationFailureEvent>>) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher: Sets additional exception to event mappings.
setAdditionalExceptionMappings(Properties) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher: Deprecated.
use DefaultAuthenticationEventPublisher.setAdditionalExceptionMappings(Map)
setAddPrefixIfAlreadyExisting(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
setAfterInvocationManager(AfterInvocationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setAlgorithm(String) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean: Allows the Pseudo Random Number Generator (PRNG) algorithm to be nominated.
setAlgorithm(Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder: Sets the algorithm to use.
setAllowBackSlash(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a backslash "\" or a URL encoded backslash "%5C" should be allowed in the path or not.
setAllowedHeaderNames(Predicate<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines which header names should be allowed.
setAllowedHeaderValues(Predicate<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines which header values should be allowed.
setAllowedHostnames(Predicate<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines which hostnames should be allowed.
setAllowedHttpMethods(Collection<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines which HTTP methods should be allowed.
setAllowedParameterNames(Predicate<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines which parameter names should be allowed.
setAllowedParameterValues(Predicate<String>) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines which parameter values should be allowed.
setAllowFormEncodedBodyParameter(boolean) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver: Set if transport of access token using form-encoded body parameter is supported.
setAllowFromParameterName(String) - Method in class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy: Deprecated.

Sets the HTTP parameter used to retrieve the value for the origin that is allowed from.
setAllowIfAllAbstainDecisions(boolean) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
setAllowIfEqualGrantedDeniedDecisions(boolean) - Method in class org.springframework.security.access.vote.ConsensusBased: Deprecated.
setAllowNull(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a null "\0" or a URL encoded nul "%00" should be allowed in the path or not.
setAllowSemicolon(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if semicolon is allowed in the URL (i.e.
setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: If set to true (the default), a session will be created (if required) to store the security context if it is determined that its contents are different from the default empty context value.
setAllowUriQueryParameter(boolean) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver: Set if transport of access token using URI query parameter is supported.
setAllowUriQueryParameter(boolean) - Method in class org.springframework.security.oauth2.server.resource.web.server.authentication.ServerBearerTokenAuthenticationConverter: Set if transport of access token using URI query parameter is supported.
setAllowUrlEncodedCarriageReturn(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a URL encoded Carriage Return is allowed in the path or not.
setAllowUrlEncodedDoubleSlash(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if double slash "//" that is URL encoded "%2F%2F" should be allowed in the path or not.
setAllowUrlEncodedLineFeed(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a URL encoded Line Feed is allowed in the path or not.
setAllowUrlEncodedLineSeparator(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a URL encoded line separator is allowed in the path or not.
setAllowUrlEncodedParagraphSeparator(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a URL encoded paragraph separator is allowed in the path or not.
setAllowUrlEncodedPercent(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a percent "%" that is URL encoded "%25" should be allowed in the path or not.
setAllowUrlEncodedPeriod(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a period "." that is URL encoded "%2E" should be allowed in the path or not.
setAllowUrlEncodedSlash(boolean) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall: Sets if the application should allow a URL encoded slash character.
setAllowUrlEncodedSlash(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Determines if a slash "/" that is URL encoded "%2F" should be allowed in the path or not.
setAlwaysCreateSession(boolean) - Method in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy
setAlwaysReauthenticate(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

Indicates whether the AbstractSecurityInterceptor should ignore the Authentication.isAuthenticated() property.
setAlwaysRemember(boolean) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setAlwaysUseDefaultTargetUrl(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: If true, will always redirect to the value of defaultTargetUrl (defaults to false).
setAnonymousAuthentication(Authentication) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor: Allows setting the Authentication used for anonymous authentication.
setAnonymousAuthorizedClientRepository(OAuth2AuthorizedClientRepository) - Method in class org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository: Sets the OAuth2AuthorizedClientRepository used for requests that are unauthenticated (or anonymous).
setAnonymousAuthorizedClientRepository(ServerOAuth2AuthorizedClientRepository) - Method in class org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository: Sets the ServerOAuth2AuthorizedClientRepository used for requests that are unauthenticated (or anonymous).
setAnonymousClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.http.UserDetailsServiceFactoryBean
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.MethodSecurityExpressionHandlerBean
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.ldap.server.UnboundIdContainer
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy: Sets the ApplicationEventPublisher to use for submitting SessionFixationProtectionEvent.
setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
setAssertionElementsDecrypter(Consumer<OpenSaml4AuthenticationProvider.AssertionToken>) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Set the Consumer strategy to use for decrypting elements of a validated Assertion.
setAssertionValidator(Converter<OpenSaml4AuthenticationProvider.AssertionToken, Saml2ResponseValidatorResult>) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Set the Converter to use for validating each Assertion in the SAML 2.0 Response.
setAsText(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttributeEditor
setAsText(String) - Method in class org.springframework.security.web.util.matcher.RequestMatcherEditor
setAttributeNames(Set<String>) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator: Sets the attribute names to retrieve for each ldap groups.
setAttributePrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
setAttributes2grantedAuthoritiesMap(Map<?, ?>) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
setAttributesToRetrieve(String[]) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setAuthenticated(boolean) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
setAuthenticated(boolean) - Method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
setAuthenticated(boolean) - Method in interface org.springframework.security.core.Authentication: See Authentication.isAuthenticated() for a full description.
setAuthenticated(boolean) - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken: The state of this object cannot be changed.
setAuthentication(Authentication) - Method in class org.springframework.security.authorization.AuthorizationObservationContext: Set the observed Authentication for this authorization
setAuthentication(Authentication) - Method in interface org.springframework.security.core.context.SecurityContext: Changes the currently authenticated principal, or removes the authentication information.
setAuthentication(Authentication) - Method in class org.springframework.security.core.context.SecurityContextImpl
setAuthentication(Authentication) - Static method in class org.springframework.security.test.context.TestSecurityContextHolder: Creates a new SecurityContext with the given Authentication.
setAuthenticationConverter(Function<ServerWebExchange, Mono<Authentication>>) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Deprecated.
As of 5.1 in favor of AuthenticationWebFilter.setServerAuthenticationConverter(ServerAuthenticationConverter)
setAuthenticationConverter(OpaqueTokenAuthenticationConverter) - Method in class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider: Provide with a custom bean to turn successful introspection result into an Authentication instance of your choice.
setAuthenticationConverter(ReactiveOpaqueTokenAuthenticationConverter) - Method in class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenReactiveAuthenticationManager: Provide with a custom bean to turn successful introspection result into an Authentication instance of your choice.
setAuthenticationConverter(PayloadExchangeAuthenticationConverter) - Method in class org.springframework.security.rsocket.authentication.AuthenticationPayloadInterceptor: Sets the convert to be used
setAuthenticationConverter(AuthenticationConverter) - Method in class org.springframework.security.web.authentication.AuthenticationFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Set the AuthenticationDetailsSource to use.
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
setAuthenticationEntryPoint(DigestAuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Set the AuthenticationEntryPoint to use.
setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter: Sets the AuthenticationEntryPoint used when integrating HttpServletRequest with Servlet 3 APIs.
setAuthenticationEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter: Sets the authentication entry point used when authentication is required
setAuthenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.authentication.ProviderManager
setAuthenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Set the AuthenticationFailureHandler to use.
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Sets the strategy used to handle a failed authentication.
setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.session.SessionManagementFilter: The handler which will be invoked if the AuthenticatedSessionStrategy raises a SessionAuthenticationException, indicating that the user is not allowed to be authenticated for this session (typically because they already have too many sessions open).
setAuthenticationFailureHandler(ServerAuthenticationFailureHandler) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Sets the failure handler used when authentication fails.
setAuthenticationFilter(F) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Sets the Authentication Filter
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter: Sets the AuthenticationManager used when integrating HttpServletRequest with Servlet 3 APIs.
setAuthenticationManagerClass(Class<?>) - Method in class org.springframework.security.authentication.AuthenticationObservationContext: Set the AuthenticationManager class that processed the authentication
setAuthenticationManagerResolver(AuthenticationManagerResolver<HttpServletRequest>) - Method in class org.springframework.security.web.authentication.AuthenticationFilter
setAuthenticationRequest(Authentication) - Method in class org.springframework.security.authentication.AuthenticationObservationContext: Set the Authentication request that was observed
setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest>) - Method in class org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter: Use the given Saml2AuthenticationRequestRepository to remove the saved authentication request.
setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest>) - Method in class org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter: Use the given Saml2AuthenticationRequestRepository to load authentication request.
setAuthenticationRequestRepository(Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest>) - Method in class org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter: Use the given Saml2AuthenticationRequestRepository to save the authentication request
setAuthenticationResult(Authentication) - Method in class org.springframework.security.authentication.AuthenticationObservationContext: Set the Authentication result that was observed
setAuthenticationResultConverter(Converter<OAuth2LoginAuthenticationToken, OAuth2AuthenticationToken>) - Method in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter: Sets the converter responsible for converting from OAuth2LoginAuthenticationToken to OAuth2AuthenticationToken authentication result.
setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Sets the strategy used to handle a successful authentication.
setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Sets the strategy used to handle a successful authentication.
setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter: Allows control over the destination a remembered user is sent to when they are successfully authenticated.
setAuthenticationSuccessHandler(ServerAuthenticationSuccessHandler) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Sets the authentication success handler.
setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.
setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter: Sets the authentication trust resolver.
setAuthenticationUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setAuthnRequestCustomizer(Consumer<OpenSaml4AuthenticationRequestResolver.AuthnRequestContext>) - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver: Set a Consumer for modifying the OpenSAML AuthnRequest
setAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setAuthorities(List<GrantedAuthority>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute: Set all authorities for this user.
setAuthoritiesAsString(List<String>) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute: Set all authorities for this user from String values.
setAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Allows the default query string used to retrieve authorities based on username to be overridden, if default table or column names need to be changed.
setAuthoritiesClaimName(String) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter: Sets the name of token claim to use for mapping authorities by this converter.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Sets the GrantedAuthoritiesMapper used for converting the authorities loaded from storage to a new set of authorities which will be associated to the UsernamePasswordAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider: Sets the GrantedAuthoritiesMapper used for converting the authorities loaded from storage to a new set of authorities which will be associated to the UsernamePasswordAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider: Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager: Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider: Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities()} to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager: Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.
setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setAuthorityGranters(AuthorityGranter[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication.
setAuthorityMapper(Function<Map<String, List<String>>, GrantedAuthority>) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Sets the mapping function which will be used to create instances of GrantedAuthority given the context record.
setAuthorityPrefix(String) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter: Sets the prefix to use for authorities mapped by this converter.
setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Use this AuthorizationEventPublisher to publish the AuthorizationManager result.
setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Use this AuthorizationEventPublisher to publish the AuthorizationManager result.
setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.messaging.access.intercept.AuthorizationChannelInterceptor: Use this AuthorizationEventPublisher to publish the AuthorizationManager result.
setAuthorizationEventPublisher(AuthorizationEventPublisher) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: Use this AuthorizationEventPublisher to publish AuthorizationDeniedEvents and AuthorizationGrantedEvents.
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager: Sets the OAuth2AuthorizationFailureHandler that handles authorization failures.
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager: Sets the OAuth2AuthorizationFailureHandler that handles authorization failures.
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Sets the OAuth2AuthorizationFailureHandler that handles authentication and authorization failures when communicating to the OAuth 2.0 Resource Server.
setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager: Sets the handler that handles authorization failures.
setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler) - Method in class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager: Sets the handler that handles authorization failures.
setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: Sets the handler that handles authentication and authorization failures when communicating to the OAuth 2.0 Resource Server.
setAuthorizationRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: Sets the redirect strategy for Authorization Endpoint redirect URI.
setAuthorizationRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter: Sets the redirect strategy for Authorization Endpoint redirect URI.
setAuthorizationRequestCustomizer(Consumer<OAuth2AuthorizationRequest.Builder>) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver: Sets the Consumer to be provided the OAuth2AuthorizationRequest.Builder allowing for further customizations.
setAuthorizationRequestCustomizer(Consumer<OAuth2AuthorizationRequest.Builder>) - Method in class org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver: Sets the Consumer to be provided the OAuth2AuthorizationRequest.Builder allowing for further customizations.
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter: Sets the repository for stored OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: Sets the repository used for storing OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter: Sets the repository for stored OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter: Sets the repository used for storing OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter: Sets the repository used for storing OAuth2AuthorizationRequest's.
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>) - Method in class org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter: Sets the ServerAuthorizationRequestRepository to be used.
setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager: Sets the OAuth2AuthorizationSuccessHandler that handles successful authorizations.
setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager: Sets the OAuth2AuthorizationSuccessHandler that handles successful authorizations.
setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager: Sets the handler that handles successful authorizations.
setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler) - Method in class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager: Sets the handler that handles successful authorizations.
setAuthorizedClientParametersMapper(Function<JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder, List<SqlParameterValue>>) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService: Sets the Function used for mapping JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder to a List of SqlParameterValue.
setAuthorizedClientParametersMapper(Function<R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder, Map<String, Parameter>>) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService: Sets the Function used for mapping R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder to a Map of String and Parameter.
setAuthorizedClientProvider(OAuth2AuthorizedClientProvider) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager: Sets the OAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client.
setAuthorizedClientProvider(OAuth2AuthorizedClientProvider) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager: Sets the OAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client.
setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager: Sets the ReactiveOAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client.
setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider) - Method in class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager: Sets the ReactiveOAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client.
setAuthorizedClientRowMapper(BiFunction<Row, RowMetadata, R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder>) - Method in class org.springframework.security.oauth2.client.R2dbcReactiveOAuth2AuthorizedClientService: Sets the BiFunction used for mapping the current io.r2dbc.spi.Row to R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder.
setAuthorizedClientRowMapper(RowMapper<OAuth2AuthorizedClient>) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService: Sets the RowMapper used for mapping the current row in java.sql.ResultSet to OAuth2AuthorizedClient.
setBatchSize(int) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource: Deprecated.
setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
setBeanFactory(BeanFactory) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor: Deprecated.
setBeanFactory(BeanFactory) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.
setBeanFactory(BeanFactory) - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
setBeanResolver(BeanResolver) - Method in class org.springframework.security.messaging.handler.invocation.reactive.AuthenticationPrincipalArgumentResolver: Sets the BeanResolver to be used on the expressions
setBeanResolver(BeanResolver) - Method in class org.springframework.security.messaging.handler.invocation.reactive.CurrentSecurityContextArgumentResolver: Sets the BeanResolver to be used on the expressions
setBeanResolver(BeanResolver) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver: Sets the BeanResolver to be used on the expressions
setBeanResolver(BeanResolver) - Method in class org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver: Set the BeanResolver to be used on the expressions
setBeanResolver(BeanResolver) - Method in class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver: Sets the BeanResolver to be used on the expressions
setBeanResolver(BeanResolver) - Method in class org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver: Sets the BeanResolver to be used on the expressions
setBearerTokenHeaderName(String) - Method in class org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver: Set this value to configure what header is checked when resolving a Bearer Token.
setBearerTokenHeaderName(String) - Method in class org.springframework.security.oauth2.server.resource.web.server.authentication.ServerBearerTokenAuthenticationConverter: Set this value to configure what header is checked when resolving a Bearer Token.
setBearerTokenResolver(BearerTokenResolver) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Set the BearerTokenResolver to use.
setBodyExtractor(BodyExtractor<Mono<OAuth2AccessTokenResponse>, ReactiveHttpInputMessage>) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient: Sets the BodyExtractor that will be used to decode the OAuth2AccessTokenResponse
setBuilder(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter: Sets the SecurityBuilder to be used.
setCacheSecurityContext(boolean) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository: If set to true the result of WebSessionServerSecurityContextRepository.load(ServerWebExchange) will use Mono.cache() to prevent multiple lookups.
setCallbackHandlers(JaasAuthenticationCallbackHandler[]) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the LoginContext.login method.
setCarLicense(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setCertificatePassord(String) - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.

Will set the certificate password on the underlying LdapServer.
setChangePasswordSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setChannelDecisionManager(ChannelDecisionManager) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
setChannelProcessors(List<?>) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
setCheckForPrincipalChanges(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: If set, the pre-authenticated principal will be checked on each request and compared against the name of the current Authentication object.
setClaimSetConverter(Converter<Map<String, Object>, Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder: Use the following Converter for manipulating the JWT's claim set
setClaimSetConverter(Converter<Map<String, Object>, Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder: Use the following Converter for manipulating the JWT's claim set
setClaimTypeConverterFactory(Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory: Sets the factory that provides a Converter used for type conversion of claim values for an OidcIdToken.
setClaimTypeConverterFactory(Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory: Sets the factory that provides a Converter used for type conversion of claim values for an OidcIdToken.
setClaimTypeConverterFactory(Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService: Sets the factory that provides a Converter used for type conversion of claim values for an OidcUserInfo.
setClaimTypeConverterFactory(Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService: Sets the factory that provides a Converter used for type conversion of claim values for an OidcUserInfo.
setClassIdentityQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Sets the query that will be used to retrieve the identity of a newly created row in the acl_class table.
setClassPrimaryKeyQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setClearAuthentication(boolean) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler: If true, removes the Authentication from the SecurityContext to prevent issues with concurrent requests.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.JwtBearerOAuth2AuthorizedClientProvider: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator: Sets the Clock used in Instant.now(Clock) when validating the exp and iat claims.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.PasswordOAuth2AuthorizedClientProvider: Deprecated.

Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.PasswordReactiveOAuth2AuthorizedClientProvider: Deprecated.

Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.RefreshTokenOAuth2AuthorizedClientProvider: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.client.RefreshTokenReactiveOAuth2AuthorizedClientProvider: Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
setClock(Clock) - Method in class org.springframework.security.oauth2.jwt.JwtTimestampValidator: Use this Clock with Instant.now() for assessing timestamp validity
setClock(Clock) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver: Use this Clock for determining the issued Instant
setClock(Clock) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver
setClock(Clock) - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver: Use this Clock for generating the issued Instant
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.JwtBearerOAuth2AuthorizedClientProvider: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator: Sets the maximum acceptable clock skew.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.PasswordOAuth2AuthorizedClientProvider: Deprecated.

Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.PasswordReactiveOAuth2AuthorizedClientProvider: Deprecated.

Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.RefreshTokenOAuth2AuthorizedClientProvider: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setClockSkew(Duration) - Method in class org.springframework.security.oauth2.client.RefreshTokenReactiveOAuth2AuthorizedClientProvider: Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
setCn(String[]) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
setConfiguration(Configuration) - Method in class org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider: Sets the Configuration to use for Authentication.
setContentLength(int) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
setContentLengthLong(long) - Method in class org.springframework.security.web.util.OnCommittedResponseWrapper
setContext(SecurityContext) - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Sets the current context.
setContext(SecurityContext) - Static method in class org.springframework.security.core.context.SecurityContextHolder: Associates a new SecurityContext with the current thread of execution.
setContext(SecurityContext) - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy: Sets the current context.
setContext(SecurityContext) - Static method in class org.springframework.security.test.context.TestSecurityContextHolder: Sets the SecurityContext on TestSecurityContextHolder and SecurityContextHolder.
setContext(SecurityContext) - Method in class org.springframework.security.test.context.TestSecurityContextHolderStrategyAdapter
setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Map<String, Object>>) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager: Sets the Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes to be associated to the authorization context.
setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Map<String, Object>>) - Method in class org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager: Sets the Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes to be associated to the authorization context.
setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Mono<Map<String, Object>>>) - Method in class org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager: Sets the Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes to be associated to the authorization context.
setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Mono<Map<String, Object>>>) - Method in class org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager: Sets the Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes to be associated to the authorization context.
setContextEnvironmentProperties(Map<String, Object>) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider: Allows a custom environment properties to be used to create initial LDAP context.
setContextHolderStrategy(SecurityContextHolderStrategy) - Static method in class org.springframework.security.core.context.SecurityContextHolder: Use this SecurityContextHolderStrategy.
setContextPath(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setContextPath(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setContextRelative(boolean) - Method in class org.springframework.security.web.DefaultRedirectStrategy: If true, causes any redirection URLs to be calculated minus the protocol and context path (defaults to false).
setContextRelative(boolean) - Method in class org.springframework.security.web.server.DefaultServerRedirectStrategy: Sets if the location is relative to the context.
setContextSource(BaseLdapPathContextSource) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Sets the BaseLdapPathContextSource used to perform LDAP authentication.
setContinueChainBeforeSuccessfulAuthentication(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Indicates if the filter chain should be continued prior to delegation to AbstractAuthenticationProcessingFilter.successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) , which may be useful in certain environment (such as Tapestry applications).
setContinueFilterChainOnUnsuccessfulAuthentication(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: If set to true (the default), any AuthenticationException raised by the AuthenticationManager will be swallowed, and the request will be allowed to proceed, potentially using alternative authentication mechanisms.
setConversionService(ConversionService) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
setConversionService(ConversionService) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
setConvertAttributeToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
setConvertAttributeToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
setConvertSubErrorCodesToExceptions(boolean) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider: By default, a failed authentication (LDAP error 49) will result in a BadCredentialsException.
setConvertToLowerCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper: Whether to convert the authority value to lower case in the mapping.
setConvertToUpperCase(boolean) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper: Whether to convert the authority value to upper case in the mapping.
setConvertToUpperCase(boolean) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Convert the role to uppercase
setConvertToUpperCase(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper: Determines whether role field values will be converted to upper case when loaded.
setCookie(String[], int, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Sets the cookie on the response.
setCookieDomain(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setCookieDomain(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets the domain of the cookie that the expected CSRF token is saved to and read from.
setCookieDomain(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the cookie domain
setCookieHttpOnly(boolean) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets the HttpOnly attribute on the cookie containing the CSRF token.
setCookieHttpOnly(boolean) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the HttpOnly attribute on the cookie containing the CSRF token
setCookieMaxAge(int) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets maximum age in seconds for the cookie that the expected CSRF token is saved to and read from.
setCookieMaxAge(int) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets maximum age in seconds for the cookie that the expected CSRF token is saved to and read from.
setCookieName(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setCookieName(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets the name of the cookie that the expected CSRF token is saved to and read from.
setCookieName(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the cookie name
setCookiePath(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Set the path that the Cookie will be created with.
setCookiePath(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the cookie path
setCookies(List<Cookie>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
setCookies(List<SavedCookie>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setCreateAuthenticatedToken(boolean) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter: If you set this property, the Authentication object, which is created after the successful digest authentication will be marked as authenticated and filled with the authorities loaded by the UserDetailsService.
setCreateAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setCreateEmptySubject(boolean) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter: Sets createEmptySubject.
setCreateNewSession(boolean) - Method in class org.springframework.security.web.session.RequestedUrlRedirectInvalidSessionStrategy: Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).
setCreateNewSession(boolean) - Method in class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy: Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).
setCreateSessionAllowed(boolean) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache: If true, indicates that it is permitted to store the target URL and exception information in a new HttpSession (the default).
setCreateTableOnStartup(boolean) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl: Intended for convenience in debugging.
setCreateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setCredentialsCharset(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
setCredentialsCharset(Charset) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationConverter
setCredentialsCharset(Charset) - Method in class org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter: Deprecated.

Sets the Charset used to decode the Base64-encoded bytes of the basic authentication credentials.
setCredentialsEnvironmentVariable(String) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
setCredentialsNonExpired(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setCredentialsRequestHeader(String) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
setCsrfRequestAttributeName(String) - Method in class org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler: The CsrfToken is available as a request attribute named CsrfToken.class.getName().
setCsrfTokenRepository(HttpServletRequest, CsrfTokenRepository) - Static method in class org.springframework.security.test.web.support.WebTestUtils: Sets the CsrfTokenRepository for the specified HttpServletRequest.
setCsrfTokenRepository(ServerCsrfTokenRepository) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
setDecision(AuthorizationDecision) - Method in class org.springframework.security.authorization.AuthorizationObservationContext: Set the observed AuthorizationDecision
setDefaultAccessDeniedHandler(ServerAccessDeniedHandler) - Method in class org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler: Use this ServerAccessDeniedHandler when no ServerWebExchangeMatcher matches.
setDefaultAuthenticationFailureEvent(Class<? extends AbstractAuthenticationFailureEvent>) - Method in class org.springframework.security.authentication.DefaultAuthenticationEventPublisher: Sets a default authentication failure event as a fallback event for any unmapped exceptions not mapped in the exception mappings.
setDefaultAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.RequestMatcherDelegatingAuthenticationManagerResolver: Set the default AuthenticationManager to use when a request does not match
setDefaultAuthenticationManager(ReactiveAuthenticationManager) - Method in class org.springframework.security.web.server.authentication.ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver: Set the default ReactiveAuthenticationManager to use when a request does not match
setDefaultAuthority(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper: Sets a default authority to be assigned to all users
setDefaultClientRegistrationId(String) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: If set, will be used as the default ClientRegistration.getRegistrationId().
setDefaultClientRegistrationId(String) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: If set, will be used as the default ClientRegistration.getRegistrationId().
setDefaultDataMimeType(MimeType) - Method in class org.springframework.security.rsocket.core.PayloadSocketAcceptorInterceptor
setDefaultEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint: EntryPoint which is used when no RequestMatcher returned true
setDefaultEntryPoint(ServerAuthenticationEntryPoint) - Method in class org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint: EntryPoint which is used when no RequestMatcher returned true
setDefaultFailureUrl(String) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler: The URL which will be used as the failure destination.
setDefaultLogoutSuccessHandler(LogoutSuccessHandler) - Method in class org.springframework.security.web.authentication.logout.DelegatingLogoutSuccessHandler: Sets the default LogoutSuccessHandler if no other handlers available
setDefaultMetadataMimeType(MimeType) - Method in class org.springframework.security.rsocket.core.PayloadSocketAcceptorInterceptor
setDefaultNameRequired(boolean) - Method in class org.springframework.security.config.ldap.ContextSourceSettingPostProcessor
setDefaultOAuth2AuthorizedClient(boolean) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction: If true, a default OAuth2AuthorizedClient can be discovered from the current Authentication.
setDefaultOAuth2AuthorizedClient(boolean) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: If true, a default OAuth2AuthorizedClient can be discovered from the current Authentication.
setDefaultPasswordEncoderForMatches(PasswordEncoder) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder: Sets the PasswordEncoder to delegate to for DelegatingPasswordEncoder.matches(CharSequence, String) if the id is not mapped to a PasswordEncoder.
setDefaultRole(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: The default role which will be assigned to all users.
setDefaultRolePrefix(String) - Method in class org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource: Deprecated.

Sets the default prefix to be added to RolesAllowed.
setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler: Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
setDefaultRolePrefix(String) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot: Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
setDefaultRolePrefix(String) - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
setDefaultRolePrefix(String) - Method in class org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler: Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
setDefaultRolePrefix(String) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler: Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
setDefaultTargetUrl(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: Supplies the default target Url that will be used if no saved request is found in the session, or the alwaysUseDefaultTargetUrl property is set to true.
setDeferLoadToken(boolean) - Method in class org.springframework.security.web.csrf.LazyCsrfTokenRepository: Deprecated.

Determines if LazyCsrfTokenRepository.loadToken(HttpServletRequest) should be lazily loaded.
setDeferredContext(Supplier<SecurityContext>) - Method in class org.springframework.security.core.context.ListeningSecurityContextHolderStrategy: Sets a Supplier that will return the current context.
setDeferredContext(Supplier<SecurityContext>) - Static method in class org.springframework.security.core.context.SecurityContextHolder: Sets a Supplier that will return the current context.
setDeferredContext(Supplier<SecurityContext>) - Method in interface org.springframework.security.core.context.SecurityContextHolderStrategy: Sets a Supplier that will return the current context.
setDeleteEntryByObjectIdentityForeignKeySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setDeleteGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDeleteGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDeleteGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDeleteGroupMembersSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDeleteGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDeleteObjectIdentityByPrimaryKeySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setDeleteUserAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDeleteUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setDepartmentNumber(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setDerefLinkFlag(boolean) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch: Sets the corresponding property on the SearchControls instance used in the search.
setDescription(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
setDestinationIndicator(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setDetails(HttpServletRequest, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter: Provided so that subclasses may configure what is put into the authentication request's details property.
setDetails(Object) - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
setDisableUrlRewriting(boolean) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: Allows the use of session identifiers in URLs to be disabled.
setDisplayName(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setDn(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setDn(Name) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setDomainObject(Object) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
setEmployeeNumber(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setEnableAuthorities(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Enables loading of authorities (roles) from the authorities table.
setEnabled(boolean) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
setEnabled(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setEnableGroups(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Enables support for group authorities.
setEncodeHashAsBase64(boolean) - Method in class org.springframework.security.crypto.password.Md4PasswordEncoder: Deprecated.
setEncodeHashAsBase64(boolean) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder: Deprecated.
setEncodeHashAsBase64(boolean) - Method in class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder: Sets if the resulting hash should be encoded as Base64.
setEntityDescriptorCustomizer(Consumer<OpenSamlMetadataResolver.EntityDescriptorParameters>) - Method in class org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver: Set a Consumer for modifying the OpenSAML EntityDescriptor
setEntriesInheriting(boolean) - Method in class org.springframework.security.acls.domain.AclImpl
setEntriesInheriting(boolean) - Method in interface org.springframework.security.acls.model.MutableAcl: Change the value returned by Acl.isEntriesInheriting().
setEntryPoint(ChannelEntryPoint) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
setEntryPoint(ChannelEntryPoint) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
setEraseCredentialsAfterAuthentication(boolean) - Method in class org.springframework.security.authentication.ProviderManager: If set to, a resulting Authentication which implements the CredentialsContainer interface will have its eraseCredentials method called before it is returned from the authenticate() method.
setEraseCredentialsAfterAuthentication(boolean) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean
setErrorConverter(Converter<Map<String, String>, OAuth2Error>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter: Sets the Converter used for converting the OAuth 2.0 Error parameters to an OAuth2Error.
setErrorConverter(HttpMessageConverter<OAuth2Error>) - Method in class org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler: Sets the HttpMessageConverter for an OAuth 2.0 Error.
setErrorPage(String) - Method in class org.springframework.security.web.access.AccessDeniedHandlerImpl: The error page to use.
setErrorParametersConverter(Converter<OAuth2Error, Map<String, String>>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter: Sets the Converter used for converting the OAuth2Error to a Map representation of the OAuth 2.0 Error parameters.
setExceptionIfHeaderMissing(boolean) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter: Defines whether an exception should be raised if the principal header is missing.
setExceptionIfMaximumExceeded(boolean) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy: Sets the exceptionIfMaximumExceeded property, which determines whether the user should be prevented from opening more sessions than allowed.
setExceptionIfVariableMissing(boolean) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter: Defines whether an exception should be raised if the principal variable is missing.
setExceptionMappings(Map<?, ?>) - Method in class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler: Sets the map of exception types (by name) to URLs.
setExitUserMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Set the matcher to respond to exit user processing.
setExitUserMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Set the matcher to respond to exit user processing.
setExitUserUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Set the URL to respond to exit user processing.
setExitUserUrl(String) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Set the URL to respond to exit user processing.
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice: Deprecated.
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager: Use this the MethodSecurityExpressionHandler.
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor: Use this MethodSecurityExpressionHandler.
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager: Sets the MethodSecurityExpressionHandler.
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor: Use this MethodSecurityExpressionHandler
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor
setExpressionHandler(MethodSecurityExpressionHandler) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor
setExpressionHandler(SecurityExpressionHandler<MethodInvocation>) - Method in class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager: Sets the SecurityExpressionHandler to be used.
setExpressionHandler(SecurityExpressionHandler<Message<T>>) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter: Deprecated.
setExpressionHandler(SecurityExpressionHandler<RequestAuthorizationContext>) - Method in class org.springframework.security.web.access.expression.WebExpressionAuthorizationManager: Sets the SecurityExpressionHandler to be used.
setExpressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter: Deprecated.
setExpressionParser(ExpressionParser) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
setFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.AuthenticationFilter
setFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Used to define custom behaviour when a switch fails.
setFailureUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setFilterAsyncDispatch(boolean) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: If set to true, the filter will be applied to the async dispatcher.
setFilterChainDecorator(FilterChainProxy.FilterChainDecorator) - Method in class org.springframework.security.web.FilterChainProxy: Used to decorate the original FilterChain for each request
setFilterChainDecorator(WebFilterChainProxy.WebFilterChainDecorator) - Method in class org.springframework.security.web.server.WebFilterChainProxy: Used to decorate the original FilterChain for each request
setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object>, ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Sets the <SecurityConfigurer<FilterChainProxy, WebSecurityBuilder> instances used to create the web configuration.
setFilterChainValidator(FilterChainProxy.FilterChainValidator) - Method in class org.springframework.security.web.FilterChainProxy: Used (internally) to specify a validation strategy for the filters in each configured chain.
setFilterErrorDispatch(boolean) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: If set to true, the filter will be applied to error dispatcher.
setFilterObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
setFilterProcessesUrl(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Sets the URL that determines if authentication is required
setFilterProcessesUrl(String) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
setFindAllGroupsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setFindChildrenQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcAclService: Allows customization of the SQL query used to find child object identities.
setFindGroupIdSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setFindUsersInGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setFirewall(HttpFirewall) - Method in class org.springframework.security.web.FilterChainProxy: Sets the "firewall" implementation which will be used to validate and wrap (or potentially reject) the incoming requests.
setForceEagerSessionCreation(boolean) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter: Deprecated.
setForceHttps(boolean) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint: Set to true to force login form access to be via https.
setForceLowerCasePrefix(boolean) - Method in class org.springframework.security.crypto.password.LdapShaPasswordEncoder: Deprecated.
setForcePrincipalAsString(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
setForeignKeysInDatabase(boolean) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setFormLoginEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setFormLoginEnabled(boolean) - Method in class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
setGivenName(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
setGlobalAuthenticationConfigurers(List<GlobalAuthenticationConfigurerAdapter>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
setGraceLoginsRemaining(int) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setGroupAuthoritiesByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Allows the default query string used to retrieve group authorities based on username to be overridden, if default table or column names need to be changed.
setGroupAuthoritiesSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setGroupMemberAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager: Sets the name of the multi-valued attribute which holds the DNs of users who are members of a group.
setGroupRoleAttribute(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
setGroupRoleAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setGroupSearchBase(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setGroupSearchFilter(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
setHasPermission(String) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
setHeaderName(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets the name of the HTTP header that should be used to provide the token.
setHeaderName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository: Sets the header name that the CsrfToken is expected to appear on and the header that the response will contain the CsrfToken.
setHeaderName(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the header name
setHeaderName(String) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository: Sets the header name that the CsrfToken is expected to appear on and the header that the response will contain the CsrfToken.
setHeaders(Map<String, List<String>>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setHeaders(Map<String, List<String>>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
setHeadersConverter(Converter<OAuth2PasswordGrantRequest, HttpHeaders>) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter: Sets the Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a HttpHeaders used in the OAuth 2.0 Access Token Request headers.
setHeadersConverter(Converter<T, HttpHeaders>) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient: Sets the Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a HttpHeaders used in the OAuth 2.0 Access Token Request headers.
setHeaderValue(XXssProtectionHeaderWriter.HeaderValue) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter: Sets the value of the X-XSS-PROTECTION header.
setHeaderValue(XXssProtectionServerHttpHeadersWriter.HeaderValue) - Method in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter: Sets the value of the X-XSS-PROTECTION header.
setHideUserNotFoundExceptions(boolean) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider: By default the AbstractUserDetailsAuthenticationProvider throws a BadCredentialsException if a username is not found or the password is incorrect.
setHideUserNotFoundExceptions(boolean) - Method in class org.springframework.security.ldap.authentication.LdapAuthenticationProvider
setHierarchy(String) - Method in class org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl: Set the role hierarchy and pre-calculate for every role the set of all reachable roles, i.e.
setHomePhone(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setHomePostalAddress(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setHtmlEscape(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag: Set HTML escaping for this tag, as boolean value.
setHttpStatus(HttpStatus) - Method in class org.springframework.security.web.server.DefaultServerRedirectStrategy: The HttpStatus to use for the redirect.
setId(String) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
setIgnoredMediaTypes(Set<MediaType>) - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher: Set the MediaType to ignore from the ContentNegotiationStrategy.
setIgnoredMediaTypes(Set<MediaType>) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Set the MediaType to ignore from the ContentNegotiationStrategy.
setIgnorePartialResultException(boolean) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Sets the corresponding property on the underlying template, avoiding specific issues with Active Directory.
setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.

Obtains the attributes from EnableGlobalMethodSecurity if this class was imported using the EnableGlobalMethodSecurity annotation.
setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

If true, the pinning policy applies to this pinned host as well as any subdomains of the host's domain name.
setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter: If true, subdomains should be considered HSTS Hosts too.
setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter: Sets if subdomains should be included.
setInitials(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setInsecureKeyword(String) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
setInsertClassSql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setInsertEntrySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setInsertGroupAuthoritySql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setInsertGroupMemberSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setInsertGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setInsertObjectIdentitySql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setInsertSidSql(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setInternalMethod(String) - Method in class org.springframework.security.acls.AclEntryVoter
setInvalidateHttpSession(boolean) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler: Causes the HttpSession to be invalidated when this LogoutHandler is invoked.
setInvalidateSessionOnPrincipalChange(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: If checkForPrincipalChanges is set, and a change of principal is detected, determines whether any existing session should be invalidated before proceeding to authenticate the new principal.
setInvalidSessionStrategy(InvalidSessionStrategy) - Method in class org.springframework.security.web.session.SessionManagementFilter: Sets the strategy which will be invoked instead of allowing the filter chain to proceed, if the user agent requests an invalid session ID.
setIterations(int) - Method in class org.springframework.security.crypto.password.MessageDigestPasswordEncoder: Deprecated.

Sets the number of iterations for which the calculated hash value should be "stretched".
setJwsAlgorithmResolver(Function<ClientRegistration, JwsAlgorithm>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory: Sets the resolver that provides the expected JWS algorithm used for the signature or MAC on the ID Token.
setJwsAlgorithmResolver(Function<ClientRegistration, JwsAlgorithm>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory: Sets the resolver that provides the expected JWS algorithm used for the signature or MAC on the ID Token.
setJwtAssertionResolver(Function<OAuth2AuthorizationContext, Jwt>) - Method in class org.springframework.security.oauth2.client.JwtBearerOAuth2AuthorizedClientProvider: Sets the resolver used for resolving the Jwt assertion.
setJwtAssertionResolver(Function<OAuth2AuthorizationContext, Mono<Jwt>>) - Method in class org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider: Sets the resolver used for resolving the Jwt assertion.
setJwtAuthenticationConverter(Converter<Jwt, ? extends AbstractAuthenticationToken>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
setJwtAuthenticationConverter(Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager: Use the given Converter for converting a Jwt into an AbstractAuthenticationToken.
setJwtClientAssertionCustomizer(Consumer<NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext<T>>) - Method in class org.springframework.security.oauth2.client.endpoint.NimbusJwtClientAuthenticationParametersConverter: Sets the Consumer to be provided the NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext, which contains the JwsHeader.Builder and JwtClaimsSet.Builder for further customization.
setJwtDecoderFactory(JwtDecoderFactory<ClientRegistration>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider: Sets the JwtDecoderFactory used for OidcIdToken signature verification.
setJwtDecoderFactory(ReactiveJwtDecoderFactory<ClientRegistration>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager: Sets the ReactiveJwtDecoderFactory used for OidcIdToken signature verification.
setJwtGrantedAuthoritiesConverter(Converter<Jwt, Collection<GrantedAuthority>>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter: Sets the Converter<Jwt, Collection<GrantedAuthority>> to use.
setJwtGrantedAuthoritiesConverter(Converter<Jwt, Flux<GrantedAuthority>>) - Method in class org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverter: Sets the Converter<Jwt, Flux<GrantedAuthority>> to use.
setJwtValidator(OAuth2TokenValidator<Jwt>) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder: Use this Jwt Validator
setJwtValidator(OAuth2TokenValidator<Jwt>) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder: Use the provided OAuth2TokenValidator to validate incoming Jwts.
setJwtValidatorFactory(Function<ClientRegistration, OAuth2TokenValidator<Jwt>>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory: Sets the factory that provides an OAuth2TokenValidator, which is used by the JwtDecoder.
setJwtValidatorFactory(Function<ClientRegistration, OAuth2TokenValidator<Jwt>>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory: Sets the factory that provides an OAuth2TokenValidator, which is used by the ReactiveJwtDecoder.
setKey(String) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
setKey(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
setKey(String) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
setKeyStoreFile(File) - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.

The keyStore must not be null and must be a valid file.
setLdapAuthoritiesPopulator(LdapAuthoritiesPopulator) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Sets the LdapAuthoritiesPopulator used to obtain a list of granted authorities for an LDAP user.
setLdapOverSslEnabled(boolean) - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.

If set to true will enable LDAP over SSL (LDAPs).
setLdif(String) - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean: Specifies an LDIF to load at startup for an embedded LDAP server.
setLobHandler(LobHandler) - Method in class org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientRowMapper
setLocales(List<Locale>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setLocales(List<Locale>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
setLocation(URI) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler: Where the user is redirected to upon authentication success
setLoginConfig(Resource) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider: Set the JAAS login configuration file.
setLoginContextName(String) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider: Set the loginContextName, this name is used as the index to the configuration specified in the loginConfig property.
setLoginExceptionResolver(LoginExceptionResolver) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
setLoginPageUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setLogInteractiveAuthenticationSuccessEvents(boolean) - Method in class org.springframework.security.authentication.event.LoggerListener
setLogoutHandler(ServerLogoutHandler) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter: Sets the ServerLogoutHandler.
setLogoutHandlers(List<LogoutHandler>) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter: Sets the LogoutHandlers used when integrating with HttpServletRequest with Servlet 3 APIs.
setLogoutHandlers(List<LogoutHandler>) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter: Set list of LogoutHandler
setLogoutHandlers(LogoutHandler[]) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
setLogoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter
setLogoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter
setLogoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
setLogoutRequestRepository(Saml2LogoutRequestRepository) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter: Use this Saml2LogoutRequestRepository for retrieving the SAML 2.0 Logout Request associated with the request's RelayState
setLogoutRequestRepository(Saml2LogoutRequestRepository) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler: Use this Saml2LogoutRequestRepository for saving the SAML 2.0 Logout Request
setLogoutSuccessHandler(ServerLogoutSuccessHandler) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter: Sets the ServerLogoutSuccessHandler.
setLogoutSuccessUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setLogoutSuccessUrl(URI) - Method in class org.springframework.security.oauth2.client.oidc.web.server.logout.OidcClientInitiatedServerLogoutSuccessHandler: The URL to redirect to after successfully logging out when not originally an OIDC login
setLogoutSuccessUrl(URI) - Method in class org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler: The URL to redirect to after successfully logging out.
setLookupObjectIdentitiesWhereClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: The SQL for the where clause used in the lookupObjectIdentities method.
setLookupPrimaryKeysWhereClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: The SQL for the where clause used in the lookupPrimaryKey method.
setMail(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setManagerDn(String) - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean: Username (DN) of the "manager" user identity (i.e.
setManagerPassword(String) - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean: The password for the manager DN.
setMappableAttributes(Set<String>) - Method in class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
setMappableRolesRetriever(MappableAttributesRetriever) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
setMatchingAlgorithm(TokenBasedRememberMeServices.RememberMeTokenAlgorithm) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices: Sets the algorithm to be used to match the token signature
setMatchingRequestParameterName(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setMatchingRequestParameterName(String) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache: Specify the name of a query parameter that is added to the URL that specifies the request cache should be checked in HttpSessionRequestCache.getMatchingRequest(HttpServletRequest, HttpServletResponse)
setMatchingRequestParameterName(String) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache: Specify the name of a query parameter that is added to the URL in WebSessionServerRequestCache.getRedirectUri(ServerWebExchange) and is required for WebSessionServerRequestCache.removeMatchingRequest(ServerWebExchange) to look up the ServerHttpRequest.
setMaxAge(Duration) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter: Sets the max age of the header.
setMaxAgeInSeconds(long) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Sets the value (in seconds) for the max-age directive of the Public-Key-Pins header.
setMaxAgeInSeconds(long) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter: Sets the value (in seconds) for the max-age directive of the Strict-Transport-Security header.
setMaximumSessions(int) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy: Sets the maxSessions property.
setMaxSearchDepth(int) - Method in class org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator: How far should a nested search go.
setMessageExpessionHandler(List<SecurityExpressionHandler<Message<Object>>>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
setMessageExpressionHandler(List<SecurityExpressionHandler<Message<Object>>>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setMessageSource(MessageSource) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
setMessageSource(MessageSource) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
setMessageSource(MessageSource) - Method in class org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationProvider
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.ProviderManager
setMessageSource(MessageSource) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
setMessageSource(MessageSource) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
setMessageSource(MessageSource) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
setMessageSource(MessageSource) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
setMessageSource(MessageSource) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy: Sets the MessageSource used for reporting errors back to the user when the user has exceeded the maximum number of authentications.
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
setMetadataFilename(String) - Method in class org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter: Sets the metadata filename template containing the {registrationId} template variable.
setMethod(String) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
setMethod(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setMethod(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
setMethod(HttpMethod) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
setMethodSecurityExpressionHandler(List<MethodSecurityExpressionHandler>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.
setMigrateSessionAttributes(boolean) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy: Defines whether attributes should be migrated to a new session or not.
setMobile(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setMode(XFrameOptionsServerHttpHeadersWriter.Mode) - Method in class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter: Sets the X-Frame-Options mode.
setNonceValiditySeconds(int) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
setO(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setOauth2AuthenticationUrlToClientName(Map<String, String>) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setOauth2AuthenticationUrlToClientName(Map<String, String>) - Method in class org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter
setOauth2LoginEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setOauth2UserService(OAuth2UserService<OAuth2UserRequest, OAuth2User>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService: Sets the OAuth2UserService used when requesting the user info resource.
setOauth2UserService(ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User>) - Method in class org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService
setObjectIdentityGenerator(ObjectIdentityGenerator) - Method in class org.springframework.security.acls.AclPermissionEvaluator
setObjectIdentityGenerator(ObjectIdentityGenerator) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy
setObjectIdentityGenerator(ObjectIdentityGenerator) - Method in class org.springframework.security.acls.jdbc.JdbcAclService
setObjectIdentityPrimaryKeyQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.AclEntryVoter
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionEvaluator
setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration: Deprecated.
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer: Deprecated.
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.ChildAuthenticationManagerFactoryBean
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.FilterChainDecoratorFactory
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.RequestRejectedHandlerPostProcessor
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor
setObservationRegistry(ObservationRegistry) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.SecuredAuthorizationMethodInterceptor
setObserveOncePerRequest(boolean) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: Sets whether this filter apply only once per request.
setObserveOncePerRequest(boolean) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationReactiveMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor
setOrder(int) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor
setOrder(int) - Method in class org.springframework.security.rsocket.authentication.AnonymousPayloadInterceptor
setOrder(int) - Method in class org.springframework.security.rsocket.authentication.AuthenticationPayloadInterceptor
setOrder(int) - Method in class org.springframework.security.rsocket.authorization.AuthorizationPayloadInterceptor
setOrder(int) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
setOrder(int) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
setOrderByClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: The SQL for the "order by" clause used in both queries.
setOu(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setOwner(Sid) - Method in class org.springframework.security.acls.domain.AclImpl
setOwner(Sid) - Method in interface org.springframework.security.acls.model.MutableAcl: Changes the present owner to a different owner.
setOwner(Sid) - Method in interface org.springframework.security.acls.model.OwnershipAcl
setPageContext(PageContext) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
setPageContext(PageContext) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
setParameter(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Sets the name of the parameter which should be checked for to see if a remember-me has been requested during a login request.
setParameterName(String) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets the name of the HTTP request parameter that should be used to provide a token.
setParameterName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository: Sets the HttpServletRequest parameter name that the CsrfToken is expected to appear on
setParameterName(String) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the parameter name
setParameterName(String) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository: Sets the HttpServletRequest parameter name that the CsrfToken is expected to appear on
setParameterNameDiscoverer(ParameterNameDiscoverer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler: Sets the ParameterNameDiscoverer to use.
setParameterNameDiscoverer(ParameterNameDiscoverer) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationReactiveMethodInterceptor: Sets the ParameterNameDiscoverer.
setParameters(Map<String, String[]>) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setParameters(Map<String, String[]>) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
setParametersConsumer(Consumer<OpenSaml4LogoutRequestResolver.LogoutRequestParameters>) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver: Set a Consumer for modifying the OpenSAML LogoutRequest
setParametersConsumer(Consumer<OpenSaml4LogoutResponseResolver.LogoutResponseParameters>) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver: Set a Consumer for modifying the OpenSAML LogoutResponse
setParametersConverter(Converter<OAuth2PasswordGrantRequest, MultiValueMap<String, String>>) - Method in class org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter: Sets the Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a MultiValueMap of the parameters used in the OAuth 2.0 Access Token Request body.
setParametersConverter(Converter<T, MultiValueMap<String, String>>) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient: Sets the Converter used for converting the AbstractOAuth2AuthorizationGrantRequest instance to a MultiValueMap used in the OAuth 2.0 Access Token Request body.
setParent(Tag) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
setParent(Acl) - Method in class org.springframework.security.acls.domain.AclImpl
setParent(Acl) - Method in interface org.springframework.security.acls.model.MutableAcl: Changes the parent of this ACL.
setPassword(String) - Method in class org.springframework.security.core.userdetails.memory.UserAttribute
setPassword(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setPasswordAlreadyEncoded(boolean) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
setPasswordAttribute(String) - Method in class org.springframework.security.config.ldap.LdapPasswordComparisonAuthenticationManagerFactory: The attribute in the directory which contains the user password.
setPasswordAttributeName(String) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
setPasswordAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setPasswordAttributeName(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper: The name of the attribute which contains the user's password.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager: The PasswordEncoder that is used for validating the password.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider: Sets the PasswordEncoder instance to be used to encode and validate passwords.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.ldap.LdapPasswordComparisonAuthenticationManagerFactory: Specifies the PasswordEncoder to be used when authenticating with password comparison.
setPasswordEncoder(PasswordEncoder) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
setPasswordParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setPasswordParameter(String) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter: Sets the parameter name which will be used to obtain the password from the login request..
setPasswordParameter(String) - Method in class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter: Deprecated.

The parameter name of the form data to extract the password
setPathInfo(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setPathInfo(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setPermissionCacheOptimizer(PermissionCacheOptimizer) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
setPermissionEvaluator(PermissionEvaluator) - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Sets the PermissionEvaluator to be used.
setPermissionFactory(PermissionFactory) - Method in class org.springframework.security.acls.AclPermissionEvaluator
setPermissionFactory(PermissionFactory) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: Sets the PermissionFactory instance which will be used to convert loaded permission data values to Permissions.
setPins(Map<String, String>) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Sets the value for the pin- directive of the Public-Key-Pins header.
setPolicy(String) - Method in class org.springframework.security.web.header.writers.PermissionsPolicyHeaderWriter: Sets the policy to be used in the response header.
setPolicy(String) - Method in class org.springframework.security.web.server.header.PermissionsPolicyServerHttpHeadersWriter: Set the policy to be used in the response header.
setPolicy(CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy) - Method in class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter: Sets the CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy value to be used in the Cross-Origin-Embedder-Policy header
setPolicy(CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy) - Method in class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter: Sets the CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy value to be used in the Cross-Origin-Opener-Policy header
setPolicy(CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy) - Method in class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter: Sets the CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy value to be used in the Cross-Origin-Resource-Policy header
setPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy) - Method in class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter: Sets the policy to be used in the response header.
setPolicy(CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy) - Method in class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter: Sets the CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy value to be used in the Cross-Origin-Embedder-Policy header
setPolicy(CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy) - Method in class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter: Sets the CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy value to be used in the Cross-Origin-Opener-Policy header
setPolicy(CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy) - Method in class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter: Sets the CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy value to be used in the Cross-Origin-Embedder-Policy header
setPolicy(ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy) - Method in class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter: Set the policy to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter: Sets the security policy directive(s) to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter: Set the security policy directive(s) to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter: Set the policy directive(s) to be used in the response header.
setPolicyDirectives(String) - Method in class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter: Set the policy directive(s) to be used in the response header.
setPort(int) - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean: The port to connect to LDAP to (the default is 33389 or random available port if unavailable).
setPort(int) - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
setPort(int) - Method in interface org.springframework.security.ldap.server.EmbeddedLdapServerContainer: The embedded LDAP server port to connect to.
setPort(int) - Method in class org.springframework.security.ldap.server.UnboundIdContainer
setPort(int) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setPortMapper(PortMapper) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
setPortMapper(PortMapper) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
setPortMapper(PortMapper) - Method in class org.springframework.security.web.PortResolverImpl
setPortMapper(PortMapper) - Method in class org.springframework.security.web.server.transport.HttpsRedirectWebFilter: Use this PortMapper for mapping custom ports
setPortMappings(Map<String, String>) - Method in class org.springframework.security.web.PortMapperImpl: Set to override the default HTTP port to HTTPS port mappings of 80:443, and 8080:8443.
setPortResolver(PortResolver) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
setPortResolver(PortResolver) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
setPortResolver(PortResolver) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
setPostalAddress(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setPostalCode(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager: Sets the strategy which will be used to validate the loaded UserDetails object after authentication occurs.
setPostAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
setPostLogoutRedirectUri(String) - Method in class org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler: Set the post logout redirect uri template.
setPostLogoutRedirectUri(String) - Method in class org.springframework.security.oauth2.client.oidc.web.server.logout.OidcClientInitiatedServerLogoutSuccessHandler: Set the post logout redirect uri template.
setPostOnly(boolean) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter: Defines whether only HTTP POST requests will be allowed by this filter.
setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider: Set the AuthenticatedUserDetailsService to be used to load the UserDetails for the authenticated user.
setPreAuthenticationChecks(UserDetailsChecker) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider: Sets the policy will be used to verify the status of the loaded UserDetails before validation of the credentials takes place.
setPrefix(String) - Method in class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper: Sets the prefix which should be added to the authority name (if it doesn't already exist)
setPreload(boolean) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter: If true, preload will be included in HSTS Header.
setPreload(boolean) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter: Sets if preload should be included.
setPrincipalClaimName(String) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter: Sets the principal claim name.
setPrincipalEnvironmentVariable(String) - Method in class org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter
setPrincipalExtractor(X509PrincipalExtractor) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
setPrincipalRequestHeader(String) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
setProcessConfigAttribute(String) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
setProcessDomainObjectClass(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter: Deprecated.
setProcessDomainObjectClass(Class<?>) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
setProperty(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
setProtectedFieldValue(String, Object, Object) - Static method in class org.springframework.security.util.FieldUtils
setProviders(List<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
setPseudoRandomNumberBytes(int) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
setPublishAuthorizationSuccess(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

Only AuthorizationFailureEvent will be published.
setQuery(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setQueryString(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setRealm(String) - Method in class org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint: Sets the realm to be used
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler: Set the default realm name to use in the bearer token error response
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.access.server.BearerTokenServerAccessDeniedHandler: Set the default realm name to use in the bearer token error response
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint: Set the default realm name to use in the bearer token error response
setRealmName(String) - Method in class org.springframework.security.oauth2.server.resource.web.server.BearerTokenServerAuthenticationEntryPoint
setRealmName(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
setRealmName(String) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint: Sets the strategy to be used for redirecting to the required channel URL.
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: Allows overriding of the behaviour when redirecting to a target URL.
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler: Allows overriding of the behaviour when redirecting to a target URL.
setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter: Deprecated.
use ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy) instead.
setRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint: Sets the RedirectStrategy to use.
setRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler: Sets the RedirectStrategy to use.
setRedirectStrategy(ServerRedirectStrategy) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler: The RedirectStrategy to use.
setRedirectUrl(String) - Method in class org.springframework.security.web.savedrequest.SimpleSavedRequest
setRefreshConfigurationOnStartup(boolean) - Method in class org.springframework.security.authentication.jaas.JaasAuthenticationProvider: If set, a call to Configuration#refresh() will be made by #configureJaas(Resource) method.
setRejectPublicInvocations(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

By rejecting public invocations (and setting this property to true), essentially you are ensuring that every secure object invocation advised by AbstractSecurityInterceptor has a configuration attribute defined.
setRelayStateResolver(Converter<HttpServletRequest, String>) - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver: Use this Converter to compute the RelayState
setRelyingPartyRegistrationId(String) - Method in class org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal
setRememberMeClass(Class<? extends Authentication>) - Method in class org.springframework.security.authentication.AuthenticationTrustResolverImpl
setRememberMeParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
setRenameGroupSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setReportOnly(boolean) - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter: If true, includes the Content-Security-Policy-Report-Only header in the response, otherwise, defaults to the Content-Security-Policy header.
setReportOnly(boolean) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

To get a Public-Key-Pins header you should set this to false, otherwise the header will be Public-Key-Pins-Report-Only.
setReportOnly(boolean) - Method in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter: Set whether to include the Content-Security-Policy-Report-Only header in the response.
setReportUri(String) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Sets the URI to which the browser should report pin validation failures.
setReportUri(URI) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter: Deprecated.

Sets the URI to which the browser should report pin validation failures.
setRequest(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpRequestResponseHolder: Deprecated.
setRequestCache(RequestCache) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter: Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
setRequestCache(RequestCache) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter: Sets the RequestCache used for storing the current request before redirecting the OAuth 2.0 Authorization Request.
setRequestCache(RequestCache) - Method in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter: Sets the ServerRequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter: The request cache to use to save the request before sending a redirect.
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint: The request cache to use to save the request before sending a redirect.
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler: Sets the ServerRequestCache used to redirect to.
setRequestCache(ServerRequestCache) - Method in class org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter
setRequestEntityConverter(Converter<String, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector: Sets the Converter used for converting the OAuth 2.0 access token to a RequestEntity representation of the OAuth 2.0 token introspection request.
setRequestEntityConverter(Converter<String, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector: Sets the Converter used for converting the OAuth 2.0 access token to a RequestEntity representation of the OAuth 2.0 token introspection request.
setRequestEntityConverter(Converter<JwtBearerGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultJwtBearerTokenResponseClient: Sets the Converter used for converting the JwtBearerGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2AuthorizationCodeGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient: Sets the Converter used for converting the OAuth2AuthorizationCodeGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2ClientCredentialsGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient: Sets the Converter used for converting the OAuth2ClientCredentialsGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2PasswordGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenResponseClient: Deprecated.

Sets the Converter used for converting the OAuth2PasswordGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2RefreshTokenGrantRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient: Sets the Converter used for converting the OAuth2RefreshTokenGrantRequest to a RequestEntity representation of the OAuth 2.0 Access Token Request.
setRequestEntityConverter(Converter<OAuth2UserRequest, RequestEntity<?>>) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService: Sets the Converter used for converting the OAuth2UserRequest to a RequestEntity representation of the UserInfo Request.
setRequestHandler(CsrfTokenRequestHandler) - Method in class org.springframework.security.web.csrf.CsrfAuthenticationStrategy: Specify a CsrfTokenRequestHandler to use for making the CsrfToken available as a request attribute.
setRequestHandler(CsrfTokenRequestHandler) - Method in class org.springframework.security.web.csrf.CsrfFilter: Specifies a CsrfTokenRequestHandler that is used to make the CsrfToken available as a request attribute.
setRequestHandler(ServerCsrfTokenRequestHandler) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter: Specifies a ServerCsrfTokenRequestHandler that is used to make the CsrfToken available as an exchange attribute.
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver: Set the RequestMatcher to use for setting the OpenSamlAuthenticationRequestResolver.setRequestMatcher(RequestMatcher) (RequestMatcher)}
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter: Set the RequestMatcher that determines whether this filter should handle the incoming HttpServletRequest
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.AuthenticationFilter
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter: Sets the RequestMatcher used to determine if the "Strict-Transport-Security" should be added.
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.savedrequest.CookieRequestCache: Allows selective use of saved requests for a subset of requests.
setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache: Allows selective use of saved requests for a subset of requests.
setRequestRejectedHandler(RequestRejectedHandler) - Method in class org.springframework.security.web.FilterChainProxy: Sets the RequestRejectedHandler to be used for requests rejected by the firewall.
setRequestURI(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setRequestURL(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setRequireCsrfProtectionMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.csrf.CsrfWebFilter
setRequireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.web.csrf.CsrfFilter: Specifies a RequestMatcher that is used to determine if CSRF protection should be applied.
setRequiresAuthenticationMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Sets the matcher used to determine when creating an Authentication from AuthenticationWebFilter.setServerAuthenticationConverter(ServerAuthenticationConverter) to be authentication.
setRequiresAuthenticationRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
setRequiresAuthenticationRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Sets the request matcher to check whether to proceed the request further.
setRequiresHttpsRedirectMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.transport.HttpsRedirectWebFilter: Use this ServerWebExchangeMatcher to narrow which requests are redirected to HTTPS.
setRequiresLogoutMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.authentication.logout.LogoutWebFilter
setResolveHiddenInputs(Function<HttpServletRequest, Map<String, String>>) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter: Sets a Function used to resolve a Map of the hidden inputs where the key is the name of the input and the value is the value of the input.
setResolveHiddenInputs(Function<HttpServletRequest, Map<String, String>>) - Method in class org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter: Sets a Function used to resolve a Map of the hidden inputs where the key is the name of the input and the value is the value of the input.
setResource(Resource) - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean: Sets a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResource(Resource) - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean: Sets a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResource(Resource) - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean: Sets a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.crypto.RsaKeyConversionServicePostProcessor
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
setResourceLoader(ResourceLoader) - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
setResourceLocation(String) - Method in class org.springframework.security.config.core.userdetails.ReactiveUserDetailsServiceResourceFactoryBean: Sets the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResourceLocation(String) - Method in class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean: Sets the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResourceLocation(String) - Method in class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean: Sets the location of a Resource that is a Properties file in the format defined in UserDetailsResourceFactoryBean.
setResponse(HttpServletResponse) - Method in class org.springframework.security.web.context.HttpRequestResponseHolder: Deprecated.
setResponseAuthenticationConverter(Converter<OpenSaml4AuthenticationProvider.ResponseToken, ? extends AbstractAuthenticationToken>) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Set the Converter to use for converting a validated Response into an AbstractAuthenticationToken.
setResponseElementsDecrypter(Consumer<OpenSaml4AuthenticationProvider.ResponseToken>) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Set the Consumer strategy to use for decrypting elements of a validated Response.
setResponseValidator(Converter<OpenSaml4AuthenticationProvider.ResponseToken, Saml2ResponseValidatorResult>) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider: Set the Converter to use for validating the SAML 2.0 Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient: Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient: Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultJwtBearerTokenResponseClient: Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenResponseClient: Deprecated.

Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient: Sets the RestOperations used when requesting the OAuth 2.0 Access Token Response.
setRestOperations(RestOperations) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService: Sets the RestOperations used when requesting the UserInfo resource.
setRethrowAuthenticationServiceException(boolean) - Method in class org.springframework.security.web.authentication.AuthenticationEntryPointFailureHandler: Set whether to rethrow AuthenticationServiceExceptions (defaults to true)
setRethrowAuthenticationServiceException(boolean) - Method in class org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler: Set whether to rethrow AuthenticationServiceExceptions (defaults to true)
setReturningAttributes(String[]) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch: Specifies the attributes that will be returned as part of the search.
setReturnObject(Object) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionOperations
setReturnObject(Object, EvaluationContext) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
setReturnObject(Object, EvaluationContext) - Method in interface org.springframework.security.access.expression.method.MethodSecurityExpressionHandler: Used to inform the expression system of the return object for the given evaluation context.
setRoleAttributes(String[]) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper: The names of any attributes in the user's entry which represent application roles.
setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager: Sets the RoleHierarchy to be used.
setRoleHierarchy(RoleHierarchy) - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Sets the RoleHierarchy to be used.
setRoleMapper(AttributesMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setRolePrefix(String) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.

Allows the default role prefix of ROLE_ to be overridden.
setRolePrefix(String) - Method in class org.springframework.security.access.vote.RoleVoter: Deprecated.

Allows the default role prefix of ROLE_ to be overridden.
setRolePrefix(String) - Method in class org.springframework.security.authorization.method.Jsr250AuthorizationManager: Sets the role prefix.
setRolePrefix(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Allows a default role prefix to be specified.
setRolePrefix(String) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: Sets the prefix which will be prepended to the values loaded from the directory.
setRolePrefix(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsMapper: The prefix that should be applied to the role names
setRolePrefix(String) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
setRoomNumber(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setRoot(String) - Method in class org.springframework.security.config.ldap.EmbeddedLdapServerContextSourceFactoryBean: Optional root suffix for the embedded LDAP server.
setRunAsManager(RunAsManager) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setSaml2AuthenticationUrlToProviderName(Map<String, String>) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setSaml2LoginEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setSaveRequestMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.savedrequest.CookieServerRequestCache: Sets the matcher to determine if the request should be saved.
setSaveRequestMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache: Sets the matcher to determine if the request should be saved.
setScheduler(Scheduler) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager: Sets the Scheduler used by the UserDetailsRepositoryReactiveAuthenticationManager.
setScheduler(Scheduler) - Method in class org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter: Set a scheduler that will be published on to perform the authentication logic.
setScheme(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setScheme(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setScope(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
setSearchControls(SearchControls) - Method in class org.springframework.security.ldap.SpringSecurityLdapTemplate: Sets the search controls which will be used for search operations by the template.
setSearchFilter(String) - Method in class org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider: The LDAP filter string to search for the user being authenticated.
setSearchSubtree(boolean) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch: If true then searches the entire subtree as identified by context, if false (the default) then only searches the level identified by the context.
setSearchSubtree(boolean) - Method in class org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator: If set to true, a subtree scope search will be performed.
setSearchTimeLimit(int) - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch: The time to wait before the search fails; the default is zero, meaning forever.
setSecure(boolean) - Method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository: Sets the cookie secure flag.
setSecure(Boolean) - Method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository: Sets secure flag of the cookie that the expected CSRF token is saved to and read from.
setSecureKeyword(String) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
setSecureRandom(SecureRandom) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
setSecureRandom(SecureRandom) - Method in class org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler: Specifies the SecureRandom used to generate random bytes that are used to mask the value of the CsrfToken on each request.
setSecureRandom(SecureRandom) - Method in class org.springframework.security.web.server.csrf.XorServerCsrfTokenRequestAttributeHandler: Specifies the SecureRandom used to generate random bytes that are used to mask the value of the CsrfToken on each request.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.

Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authentication.jaas.SecurityContextLoginModule: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.PostFilterAuthorizationMethodInterceptor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.authorization.method.PreFilterAuthorizationMethodInterceptor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.Jsr250AuthorizationMethodInterceptor
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PostAuthorizeAuthorizationMethodInterceptor
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.PreAuthorizeAuthorizationMethodInterceptor
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.config.method.MethodSecurityBeanDefinitionParser.SecuredAuthorizationMethodInterceptor
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.messaging.access.intercept.AuthorizationChannelInterceptor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.messaging.context.SecurityContextChannelInterceptor
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.AuthenticationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.NullSecurityContextRepository: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.RequestAttributeSecurityContextRepository: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper: Deprecated.

Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.SecurityContextHolderFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter: Deprecated.

Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.FilterChainProxy: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextHolderStrategy(SecurityContextHolderStrategy) - Method in class org.springframework.security.web.session.SessionManagementFilter: Sets the SecurityContextHolderStrategy to use.
setSecurityContextRepository(HttpServletRequest, SecurityContextRepository) - Static method in class org.springframework.security.test.web.support.WebTestUtils: Sets the SecurityContextRepository for the specified HttpServletRequest.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.AuthenticationFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler: Sets the SecurityContextRepository to use.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Sets the SecurityContextRepository to save the SecurityContext on switch user success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter: Sets the SecurityContextRepository to save the SecurityContext on authentication success.
setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter: Sets the SecurityContextRepository to use.
setSecurityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Sets the repository for persisting the SecurityContext.
setSecurityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler: Sets the ServerSecurityContextRepository that should be used for logging out.
setSecurityContextRepository(ServerSecurityContextRepository) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Sets the repository for persisting the SecurityContext.
setSecurityInterceptor(AbstractSecurityInterceptor) - Method in class org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator: Deprecated.
setSecurityMetadataSource(MethodSecurityMetadataSource) - Method in class org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor: Deprecated.
setSecurityMetadataSource(FilterInvocationSecurityMetadataSource) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
setSecurityMetadataSource(FilterInvocationSecurityMetadataSource) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Deprecated.
setSeed(Resource) - Method in class org.springframework.security.core.token.SecureRandomFactoryBean: Allows the user to specify a resource which will act as a seed for the SecureRandom instance.
setSelectClause(String) - Method in class org.springframework.security.acls.jdbc.BasicLookupStrategy: The SQL for the select clause.
setSeriesLength(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
setServerAuthenticationConverter(ServerAuthenticationConverter) - Method in class org.springframework.security.web.server.authentication.AuthenticationWebFilter: Sets the strategy used for converting from a ServerWebExchange to an Authentication used for authenticating with the provided ReactiveAuthenticationManager.
setServerInteger(Integer) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
setServerName(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setServerName(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setServerPort(int) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setServerSecret(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
setServletContext(ServletContext) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
setServletContext(ServletContext) - Method in class org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator
setServletContext(ServletContext) - Method in class org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator: Deprecated.
setServletContext(ServletContext) - Method in class org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator
setServletPath(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest.Builder
setServletPath(String) - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher: The servlet path to match on.
setServletPath(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
setSessionAttributeName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository: Sets the HttpSession attribute name that the CsrfToken is stored in
setSessionAttributeName(String) - Method in class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository: Sets the HttpSession attribute name that the CsrfToken is stored in
setSessionAttrName(String) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache: If the sessionAttrName property is set, the request is stored in the session using this attribute name.
setSessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: The session handling strategy which will be invoked immediately after an authentication request is successfully processed by the AuthenticationManager.
setSharedObject(Class<C>, C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder: Sets an object that is shared by multiple SecurityConfigurer.
setSharedObject(Class<C>, C) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
setSharedObject(Class<C>, C) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Sets an object that is shared by multiple SecurityConfigurer.
setShouldFilterAllDispatcherTypes(boolean) - Method in class org.springframework.security.web.access.intercept.AuthorizationFilter: Sets whether to filter all dispatcher types.
setShouldWriteHeadersEagerly(boolean) - Method in class org.springframework.security.web.header.HeaderWriterFilter: Allow writing headers at the beginning of the request.
setSidIdentityQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Sets the query that will be used to retrieve the identity of a newly created row in the acl_sid table.
setSidPrimaryKeyQuery(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.AclEntryVoter
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionCacheOptimizer
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.AclPermissionEvaluator
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
setSidRetrievalStrategy(SidRetrievalStrategy) - Method in class org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
setSn(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
setSpringSecurityContextAttrName(String) - Method in class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository: Sets the session attribute name used to save and load the SecurityContext
setSpringSecurityContextKey(String) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: Allows the session attribute name to be customized for this repository instance.
setStrategyName(String) - Static method in class org.springframework.security.core.context.SecurityContextHolder: Changes the preferred strategy.
setStreet(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setStringSeparator(String) - Method in class org.springframework.security.core.authority.mapping.MapBasedAttributes2GrantedAuthoritiesMapper
setSubjectDnRegex(String) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor: Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.
setSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.AuthenticationFilter
setSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Used to define custom behaviour on a successful switch or exit user.
setSwitchAuthorityRole(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Allows the role of the switchAuthority to be customized.
setSwitchFailureUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Sets the URL to which a user should be redirected if the switch fails.
setSwitchUserAuthorityChanger(SwitchUserAuthorityChanger) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
setSwitchUserMatcher(ServerWebExchangeMatcher) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Set the matcher to respond to switch user processing.
setSwitchUserMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Set the matcher to respond to switch user processing.
setSwitchUserUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Set the URL to respond to switch user processing.
setSwitchUserUrl(String) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Set the URL to respond to switch user processing.
setTargetUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Sets the URL to go to after a successful switch / exit user request.
setTargetUrlParameter(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: If this property is set, the current request will be checked for this a parameter with this name and the value used as the target URL if present.
setTelephoneNumber(String) - Method in class org.springframework.security.ldap.userdetails.Person.Essence
setThrowableAnalyzer(ThrowableAnalyzer) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
setThrowExceptionWhenTokenRejected(boolean) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider: If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials).
setTimeBeforeExpiration(int) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setTitle(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setTokenFromMultipartDataEnabled(boolean) - Method in class org.springframework.security.web.server.csrf.ServerCsrfTokenRequestAttributeHandler: Specifies if the ServerCsrfTokenRequestResolver should try to resolve the actual CSRF token from the body of multipart data requests.
setTokenLength(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
setTokenValiditySeconds(int) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
setTokenValiditySeconds(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.access.expression.SecurityExpressionRoot
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.authorization.AuthenticatedAuthorizationManager: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.data.repository.query.SecurityEvaluationContextExtension: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.messaging.access.expression.DefaultMessageSecurityExpressionHandler
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter: Sets the AuthenticationTrustResolver to be used.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.session.SessionManagementFilter: Sets the AuthenticationTrustResolver to be used.
setUid(String) - Method in class org.springframework.security.ldap.userdetails.InetOrgPerson.Essence
setUnsafeAllowAnyHttpMethod(boolean) - Method in class org.springframework.security.web.firewall.StrictHttpFirewall: Sets if any HTTP method is allowed.
setup() - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity.AuthorizePayloadsSpec
setup() - Static method in class org.springframework.security.rsocket.util.matcher.PayloadExchangeMatchers
SETUP - Enum constant in enum class org.springframework.security.rsocket.api.PayloadExchangeType: The Setup.
setupBefore() - Element in annotation interface org.springframework.security.test.context.support.WithAnonymousUser: Determines when the SecurityContext is setup.
setupBefore() - Element in annotation interface org.springframework.security.test.context.support.WithMockUser: Determines when the SecurityContext is setup.
setupBefore() - Element in annotation interface org.springframework.security.test.context.support.WithSecurityContext: Determines when the SecurityContext is setup.
setupBefore() - Element in annotation interface org.springframework.security.test.context.support.WithUserDetails: Determines when the SecurityContext is setup.
setUpdateObjectIdentity(String) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService
setUpdateUserSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setupModule(Module.SetupContext) - Method in class org.springframework.security.jackson2.CoreJackson2Module
setupModule(Module.SetupContext) - Method in class org.springframework.security.ldap.jackson2.LdapJackson2Module
setupModule(Module.SetupContext) - Method in class org.springframework.security.oauth2.client.jackson2.OAuth2ClientJackson2Module
setupModule(Module.SetupContext) - Method in class org.springframework.security.saml2.jackson2.Saml2Jackson2Module
setupModule(Module.SetupContext) - Method in class org.springframework.security.web.jackson2.WebJackson2Module
setupModule(Module.SetupContext) - Method in class org.springframework.security.web.jackson2.WebServletJackson2Module
setupModule(Module.SetupContext) - Method in class org.springframework.security.web.server.jackson2.WebServerJackson2Module
setUrl(String) - Method in class org.springframework.security.taglibs.authz.AbstractAuthorizeTag
setUseAuthenticationRequestCredentials(boolean) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider: Determines whether the supplied password will be used as the credentials in the successful authentication token.
setUseEquals(boolean) - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher: If set to true, matches on exact MediaType, else uses MediaType.isCompatibleWith(MediaType).
setUseEquals(boolean) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: If set to true, matches on exact MediaType, else uses MediaType.isCompatibleWith(MediaType).
setUseForward(boolean) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint: Tells if we are to do a forward to the loginFormUrl using the RequestDispatcher, instead of a 302 redirect.
setUseForward(boolean) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler: If set to true, performs a forward to the failure destination URL instead of a redirect.
setUsePasswordAttrCompare(boolean) - Method in class org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator
setUsePasswordModifyExtensionOperation(boolean) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager: Sets the method by which a user's password gets modified.
setUserAttributes(String[]) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator: Sets the user attributes which will be retrieved from the directory.
setUserCache(UserCache) - Method in class org.springframework.security.authentication.CachingUserDetailsService
setUserCache(UserCache) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
setUserCache(UserCache) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager: Optionally sets the UserCache if one is in use in the application.
setUserCache(UserCache) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider: Sets the strategy which will be used to validate the loaded UserDetails object for the user.
setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Sets the strategy to be used to validate the UserDetails object obtained for the user when processing a remember-me cookie to automatically log in a user.
setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Sets the UserDetailsChecker that is called on the target user whenever the user is switched.
setUserDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Sets a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication.
setUserDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider: Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by the AbstractLdapAuthenticationProvider.createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails) method.
setUserDetailsMapper(UserDetailsContextMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setUserDetailsMapper(UserDetailsContextMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsService
setUserDetailsPasswordService(ReactiveUserDetailsPasswordService) - Method in class org.springframework.security.authentication.AbstractUserDetailsReactiveAuthenticationManager: Sets the service to use for upgrading passwords on successful authentication.
setUserDetailsPasswordService(UserDetailsPasswordService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.authentication.dao.DaoAuthenticationProvider
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper: Set the wrapped UserDetailsService implementation
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Sets the authentication data access object.
setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
setUserDnPatterns(String...) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: If your users are at a fixed location in the directory (i.e.
setUserDnPatterns(String[]) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator: Sets the pattern which will be used to supply a DN for the user.
setUseReferer(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler: If set to true the Referer header will be used (if available).
setUserExistsSql(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
setUsername(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.Essence
setUsernameBasedPrimaryKey(boolean) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: If true (the default), indicates the JdbcDaoImpl.getUsersByUsernameQuery() returns a username in response to a query.
setUsernameMapper(LdapUsernameToDnMapper) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter: Allows the parameter containing the username to be customized.
setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter: Sets the parameter name which will be used to obtain the username from the login request.
setUsernameParameter(String) - Method in class org.springframework.security.web.server.ServerFormLoginAuthenticationConverter: Deprecated.

The parameter name of the form data to extract the username
setUserRoles2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
setUsersByUsernameQuery(String) - Method in class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl: Allows the default query string used to retrieve users based on username to be overridden, if default table or column names need to be changed.
setUserSearch(LdapUserSearch) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticator
setUserSearchBase(String) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: Search base for user searches.
setUserSearchFilter(String) - Method in class org.springframework.security.config.ldap.AbstractLdapAuthenticationManagerFactory: The LDAP filter used to search for users (optional).
setUseSecureCookie(boolean) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices: Whether the cookie should be flagged as secure or not.
setValidateConfigAttributes(boolean) - Method in class org.springframework.security.access.intercept.AbstractSecurityInterceptor: Deprecated.
setVar(String) - Method in class org.springframework.security.taglibs.authz.AccessControlListTag
setVar(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
setVar(String) - Method in class org.springframework.security.taglibs.authz.JspAuthorizeTag
setWebClient(WebClient) - Method in class org.springframework.security.oauth2.client.endpoint.AbstractWebClientReactiveOAuth2AccessTokenResponseClient: Sets the WebClient used when requesting the OAuth 2.0 Access Token Response.
setWebClient(WebClient) - Method in class org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService: Sets the WebClient used for retrieving the user endpoint
setWebSphereGroups2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
setWorkingDirectory(File) - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
sha(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils: Calculates the SHA digest and returns the value as a byte[].
sha(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils: Calculates the SHA digest and returns the value as a byte[].
SHA256 - Enum constant in enum class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices.RememberMeTokenAlgorithm
Sha512DigestUtils - Class in org.springframework.security.core.token: Provides SHA512 digest methods.
Sha512DigestUtils() - Constructor for class org.springframework.security.core.token.Sha512DigestUtils
shaHex(byte[]) - Static method in class org.springframework.security.core.token.Sha512DigestUtils: Calculates the SHA digest and returns the value as a hex string.
shaHex(String) - Static method in class org.springframework.security.core.token.Sha512DigestUtils: Calculates the SHA digest and returns the value as a hex string.
shared(int) - Static method in class org.springframework.security.crypto.keygen.KeyGenerators: Create a BytesKeyGenerator that returns a single, shared SecureRandom key of a custom length.
shouldFilterAllDispatcherTypes(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry: Sets whether all dispatcher types should be filtered.
shouldNotFilter(HttpServletRequest) - Method in class org.springframework.security.web.csrf.CsrfFilter
shutdown() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
shutdownNow() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
Sid - Interface in org.springframework.security.acls.model: A security identity recognised by the ACL system.
sidRetrievalStrategy - Variable in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
SidRetrievalStrategy - Interface in org.springframework.security.acls.model: Strategy interface that provides an ability to determine the Sid instances applicable for an Authentication.
SidRetrievalStrategyImpl - Class in org.springframework.security.acls.domain: Basic implementation of SidRetrievalStrategy that creates a Sid for the principal, as well as every granted authority the principal holds.
SidRetrievalStrategyImpl() - Constructor for class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
SidRetrievalStrategyImpl(RoleHierarchy) - Constructor for class org.springframework.security.acls.domain.SidRetrievalStrategyImpl
SIG_ALG - Static variable in class org.springframework.security.saml2.core.Saml2ParameterNames: SigAlg - used to communicate which signature algorithm to use to verify signature
sigAlg(String) - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest.Builder: Sets the SigAlg parameter that will accompany this AuthNRequest
signature(String) - Method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest.Builder: Sets the Signature parameter that will accompany this AuthNRequest
SIGNATURE - Static variable in class org.springframework.security.saml2.core.Saml2ParameterNames: Signature - used to supply cryptographic signature on any SAML 2.0 payload
signatureAlgorithm(SignatureAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder.PublicKeyJwtDecoderBuilder: Use the given signing algorithm.
signatureAlgorithm(SignatureAlgorithm) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.PublicKeyReactiveJwtDecoderBuilder: Use the given signing algorithm.
SignatureAlgorithm - Enum Class in org.springframework.security.oauth2.jose.jws: An enumeration of the cryptographic algorithms defined by the JSON Web Algorithms (JWA) specification and used by JSON Web Signature (JWS) to digitally sign the contents of the JWS Protected Header and JWS Payload.
signing(PrivateKey, X509Certificate) - Static method in class org.springframework.security.saml2.core.Saml2X509Credential: Create a Saml2X509Credential that can be used for signing.
SIGNING - Enum constant in enum class org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType
signingAlgorithms(Consumer<List<String>>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Apply this Consumer to the list of SigningMethod Algorithms
signingX509Credentials(Consumer<Collection<Saml2X509Credential>>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Apply this Consumer to the Collection of Saml2X509Credentials for the purposes of modifying the Collection
SimpDestinationMessageMatcher - Class in org.springframework.security.messaging.util.matcher: MessageMatcher which compares a pre-defined pattern against the destination of a Message.
SimpDestinationMessageMatcher(String) - Constructor for class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher: Creates a new instance with the specified pattern, null SimpMessageType (matches any type), and a AntPathMatcher created from the default constructor.
SimpDestinationMessageMatcher(String, PathMatcher) - Constructor for class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher: Creates a new instance with the specified pattern and PathMatcher.
simpDestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps a List of SimpDestinationMessageMatcher instances without regard to the SimpMessageType.
simpDestMatchers(String...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps a List of SimpDestinationMessageMatcher instances without regard to the SimpMessageType.
simpDestPathMatcher(Supplier<PathMatcher>) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: The PathMatcher to be used with the MessageMatcherDelegatingAuthorizationManager.Builder.simpDestMatchers(String...).
simpDestPathMatcher(PathMatcher) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

The PathMatcher to be used with the MessageSecurityMetadataSourceRegistry.simpDestMatchers(String...).
simpDestPathMatcher(PathMatcher) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: The PathMatcher to be used with the MessageMatcherDelegatingAuthorizationManager.Builder.simpDestMatchers(String...).
SimpleAttributes2GrantedAuthoritiesMapper - Class in org.springframework.security.core.authority.mapping: This class implements the Attributes2GrantedAuthoritiesMapper interface by doing a one-to-one mapping from roles to Spring Security GrantedAuthorities.
SimpleAttributes2GrantedAuthoritiesMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper
simpleAuthentication(Customizer<RSocketSecurity.SimpleAuthenticationSpec>) - Method in class org.springframework.security.config.annotation.rsocket.RSocketSecurity: Adds support for validating a username and password using Simple Authentication
SimpleAuthenticationEncoder - Class in org.springframework.security.rsocket.metadata: Encodes Simple Authentication.
SimpleAuthenticationEncoder() - Constructor for class org.springframework.security.rsocket.metadata.SimpleAuthenticationEncoder
SimpleAuthorityMapper - Class in org.springframework.security.core.authority.mapping: Simple one-to-one GrantedAuthoritiesMapper which allows for case conversion of the authority name and the addition of a string prefix (which defaults to ROLE_ ).
SimpleAuthorityMapper() - Constructor for class org.springframework.security.core.authority.mapping.SimpleAuthorityMapper
SimpleGrantedAuthority - Class in org.springframework.security.core.authority: Basic concrete implementation of a GrantedAuthority.
SimpleGrantedAuthority(String) - Constructor for class org.springframework.security.core.authority.SimpleGrantedAuthority
SimpleGrantedAuthorityMixin - Class in org.springframework.security.jackson2: Jackson Mixin class helps in serialize/deserialize SimpleGrantedAuthority.
SimpleGrantedAuthorityMixin(String) - Constructor for class org.springframework.security.jackson2.SimpleGrantedAuthorityMixin: Mixin Constructor.
SimpleMappableAttributesRetriever - Class in org.springframework.security.core.authority.mapping: This class implements the MappableAttributesRetriever interface by just returning a list of mappable attributes as previously set using the corresponding setter method.
SimpleMappableAttributesRetriever() - Constructor for class org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever
SimpleMethodInvocation - Class in org.springframework.security.util: Represents the AOP Alliance MethodInvocation.
SimpleMethodInvocation() - Constructor for class org.springframework.security.util.SimpleMethodInvocation
SimpleMethodInvocation(Object, Method, Object...) - Constructor for class org.springframework.security.util.SimpleMethodInvocation
SimpleRedirectInvalidSessionStrategy - Class in org.springframework.security.web.session: Performs a redirect to a fixed URL when an invalid requested session is detected by the SessionManagementFilter.
SimpleRedirectInvalidSessionStrategy(String) - Constructor for class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
SimpleRedirectSessionInformationExpiredStrategy - Class in org.springframework.security.web.session: Performs a redirect to a fixed URL when an expired session is detected by the ConcurrentSessionFilter.
SimpleRedirectSessionInformationExpiredStrategy(String) - Constructor for class org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
SimpleRedirectSessionInformationExpiredStrategy(String, RedirectStrategy) - Constructor for class org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
SimpleSavedRequest - Class in org.springframework.security.web.savedrequest: A Bean implementation of SavedRequest
SimpleSavedRequest() - Constructor for class org.springframework.security.web.savedrequest.SimpleSavedRequest
SimpleSavedRequest(String) - Constructor for class org.springframework.security.web.savedrequest.SimpleSavedRequest
SimpleSavedRequest(SavedRequest) - Constructor for class org.springframework.security.web.savedrequest.SimpleSavedRequest
SimpleUrlAuthenticationFailureHandler - Class in org.springframework.security.web.authentication: AuthenticationFailureHandler which performs a redirect to the value of the defaultFailureUrl property when the onAuthenticationFailure method is called.
SimpleUrlAuthenticationFailureHandler() - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
SimpleUrlAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
SimpleUrlAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication: AuthenticationSuccessHandler which can be configured with a default URL which users should be sent to upon successful authentication.
SimpleUrlAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
SimpleUrlAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler: Constructor which sets the defaultTargetUrl property of the base class.
SimpleUrlLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout: Handles the navigation on logout by delegating to the AbstractAuthenticationTargetUrlRequestHandler base class logic.
SimpleUrlLogoutSuccessHandler() - Constructor for class org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
simpMessageDestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps a List of SimpDestinationMessageMatcher instances that match on SimpMessageType.MESSAGE.
simpMessageDestMatchers(String...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps a List of SimpDestinationMessageMatcher instances that match on SimpMessageType.MESSAGE.
SimpMessageTypeMatcher - Class in org.springframework.security.messaging.util.matcher: A MessageMatcher that matches if the provided Message has a type that is the same as the SimpMessageType that was specified in the constructor.
SimpMessageTypeMatcher(SimpMessageType) - Constructor for class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher: Creates a new instance
simpSubscribeDestMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps a List of SimpDestinationMessageMatcher instances that match on SimpMessageType.SUBSCRIBE.
simpSubscribeDestMatchers(String...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps a List of SimpDestinationMessageMatcher instances that match on SimpMessageType.SUBSCRIBE.
simpTypeMatchers(SimpMessageType...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry: Deprecated.

Maps a List of SimpDestinationMessageMatcher instances.
simpTypeMatchers(SimpMessageType...) - Method in class org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager.Builder: Maps a List of SimpDestinationMessageMatcher instances.
singleLogoutServiceBinding(Saml2MessageBinding) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Set the SingleLogoutService Binding
singleLogoutServiceBinding(Saml2MessageBinding) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the SingleLogoutService Binding
singleLogoutServiceBindings(Consumer<Collection<Saml2MessageBinding>>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Apply this Consumer to the Collection of Saml2MessageBindings for the purposes of modifying the SingleLogoutService Binding Collection.
singleLogoutServiceLocation(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Set the SingleLogoutService Location
singleLogoutServiceLocation(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the SingleLogoutService Location
singleLogoutServiceResponseLocation(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Set the SingleLogoutService Response Location
singleLogoutServiceResponseLocation(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.Builder: Set the SingleLogoutService Response Location
singleSignOnServiceBinding(Saml2MessageBinding) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Set the SingleSignOnService Binding.
singleSignOnServiceLocation(String) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder: Set the SingleSignOnService Location.
skipExchange(ServerWebExchange) - Static method in class org.springframework.security.web.server.csrf.CsrfWebFilter
skipRequest(HttpServletRequest) - Static method in class org.springframework.security.web.csrf.CsrfFilter
SPRING_SECURITY_CONTEXT_KEY - Static variable in class org.springframework.security.web.context.HttpSessionSecurityContextRepository: The default key under which the security context will be stored in the session.
SPRING_SECURITY_FILTER_CHAIN - Static variable in class org.springframework.security.config.BeanIds: External alias for FilterChainProxy bean, for use in web.xml files
SPRING_SECURITY_FORM_PASSWORD_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
SPRING_SECURITY_FORM_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
SPRING_SECURITY_SWITCH_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
SPRING_SECURITY_SWITCH_USERNAME_KEY - Static variable in class org.springframework.security.web.server.authentication.SwitchUserWebFilter
SpringAuthorizationEventPublisher - Class in org.springframework.security.authorization: An implementation of AuthorizationEventPublisher that uses Spring's event publishing support.
SpringAuthorizationEventPublisher(ApplicationEventPublisher) - Constructor for class org.springframework.security.authorization.SpringAuthorizationEventPublisher: Construct this publisher using Spring's ApplicationEventPublisher
SpringCacheBasedAclCache - Class in org.springframework.security.acls.domain: Simple implementation of AclCache that delegates to Cache implementation.
SpringCacheBasedAclCache(Cache, PermissionGrantingStrategy, AclAuthorizationStrategy) - Constructor for class org.springframework.security.acls.domain.SpringCacheBasedAclCache
SpringCacheBasedUserCache - Class in org.springframework.security.core.userdetails.cache: Caches UserDetails instances in a Spring defined Cache.
SpringCacheBasedUserCache(Cache) - Constructor for class org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache
SpringOpaqueTokenIntrospector - Class in org.springframework.security.oauth2.server.resource.introspection: A Spring implementation of OpaqueTokenIntrospector that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint.
SpringOpaqueTokenIntrospector(String, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector: Creates a OpaqueTokenAuthenticationProvider with the provided parameters
SpringOpaqueTokenIntrospector(String, RestOperations) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector: Creates a OpaqueTokenAuthenticationProvider with the provided parameters The given RestOperations should perform its own client authentication against the introspection endpoint.
SpringReactiveOpaqueTokenIntrospector - Class in org.springframework.security.oauth2.server.resource.introspection: A Spring implementation of ReactiveOpaqueTokenIntrospector that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint.
SpringReactiveOpaqueTokenIntrospector(String, String, String) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.SpringReactiveOpaqueTokenIntrospector: Creates a OpaqueTokenReactiveAuthenticationManager with the provided parameters
SpringReactiveOpaqueTokenIntrospector(String, WebClient) - Constructor for class org.springframework.security.oauth2.server.resource.introspection.SpringReactiveOpaqueTokenIntrospector: Creates a OpaqueTokenReactiveAuthenticationManager with the provided parameters
springSecurity() - Static method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers: Sets up Spring Security's WebTestClient test support
springSecurity() - Static method in class org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers: Configures the MockMvcBuilder for use with Spring Security.
springSecurity(Filter) - Static method in class org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers: Configures the MockMvcBuilder for use with Spring Security.
SpringSecurityAuthenticationSource - Class in org.springframework.security.ldap.authentication: An AuthenticationSource to retrieve authentication information stored in Spring Security's SecurityContextHolder.
SpringSecurityAuthenticationSource() - Constructor for class org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource
SpringSecurityCoreVersion - Class in org.springframework.security.core: Internal class used for checking version compatibility in a deployed application.
springSecurityFilterChain() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Creates the Spring Security Filter Chain
SpringSecurityLdapTemplate - Class in org.springframework.security.ldap: Extension of Spring LDAP's LdapTemplate class which adds extra functionality required by Spring Security.
SpringSecurityLdapTemplate(ContextSource) - Constructor for class org.springframework.security.ldap.SpringSecurityLdapTemplate
SpringSecurityMessageSource - Class in org.springframework.security.core: The default MessageSource used by Spring Security.
SpringSecurityMessageSource() - Constructor for class org.springframework.security.core.SpringSecurityMessageSource
standard(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors: Creates a standard password-based bytes encryptor using 256 bit AES encryption.
StandardClaimAccessor - Interface in org.springframework.security.oauth2.core.oidc: A ClaimAccessor for the "Standard Claims" that can be returned either in the UserInfo Response or the ID Token.
StandardClaimNames - Class in org.springframework.security.oauth2.core.oidc: The names of the "Standard Claims" defined by the OpenID Connect Core 1.0 specification that can be returned either in the UserInfo Response or the ID Token.
StandardPasswordEncoder - Class in org.springframework.security.crypto.password: Deprecated.
Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
StandardPasswordEncoder() - Constructor for class org.springframework.security.crypto.password.StandardPasswordEncoder: Deprecated.

Constructs a standard password encoder with no additional secret value.
StandardPasswordEncoder(CharSequence) - Constructor for class org.springframework.security.crypto.password.StandardPasswordEncoder: Deprecated.

Constructs a standard password encoder with a secret value which is also included in the password hash.
start() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
start() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
state(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder: Sets the state.
state(String) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse.Builder: Sets the state.
STATE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: state - used in Authorization Request and Authorization Response.
STATELESS - Enum constant in enum class org.springframework.security.config.http.SessionCreationPolicy: Spring Security will never create an HttpSession and it will never use it to obtain the SecurityContext
StaticAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions: Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
StaticAllowFromStrategy(URI) - Constructor for class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy: Deprecated.
StaticHeadersWriter - Class in org.springframework.security.web.header.writers: HeaderWriter implementation which writes the same Header instance.
StaticHeadersWriter(String, String...) - Constructor for class org.springframework.security.web.header.writers.StaticHeadersWriter: Creates a new instance with a single header
StaticHeadersWriter(List<Header>) - Constructor for class org.springframework.security.web.header.writers.StaticHeadersWriter: Creates a new instance
StaticServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Allows specifying HttpHeaders that should be written to the response.
StaticServerHttpHeadersWriter(HttpHeaders) - Constructor for class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter
StaticServerHttpHeadersWriter.Builder - Class in org.springframework.security.web.server.header
statusError() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns true if the Authorization Request failed, otherwise false.
statusOk() - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns true if the Authorization Request succeeded, otherwise false.
stop() - Method in class org.springframework.security.ldap.server.ApacheDSContainer: Deprecated.
stop() - Method in class org.springframework.security.ldap.server.UnboundIdContainer
STORAGE - Enum constant in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive
STORAGE - Enum constant in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive
streetAddress(String) - Method in class org.springframework.security.oauth2.core.oidc.DefaultAddressStandardClaim.Builder: Sets the full street address, which may include house number, street name, P.O.
STRICT_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
STRICT_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
STRICT_ORIGIN_WHEN_CROSS_ORIGIN - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
STRICT_ORIGIN_WHEN_CROSS_ORIGIN - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
STRICT_TRANSPORT_SECURITY - Static variable in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
StrictHttpFirewall - Class in org.springframework.security.web.firewall: A strict implementation of HttpFirewall that rejects any suspicious requests with a RequestRejectedException.
StrictHttpFirewall() - Constructor for class org.springframework.security.web.firewall.StrictHttpFirewall
StrictTransportSecurityServerHttpHeadersWriter - Class in org.springframework.security.web.server.header: Writes the Strict-Transport-Security if the request is secure.
StrictTransportSecurityServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
string() - Static method in class org.springframework.security.crypto.keygen.KeyGenerators: Creates a StringKeyGenerator that hex-encodes SecureRandom keys of 8 bytes in length.
StringKeyGenerator - Interface in org.springframework.security.crypto.keygen: A generator for unique string keys.
stronger(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors: Creates a standard password-based bytes encryptor using 256 bit AES encryption with Galois Counter Mode (GCM).
SUB - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: sub - Usually a machine-readable identifier of the resource owner who authorized the token
SUB - Static variable in class org.springframework.security.oauth2.core.oidc.IdTokenClaimNames: sub - the Subject identifier
SUB - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: sub - the Subject identifier
SUB - Static variable in class org.springframework.security.oauth2.jwt.JwtClaimNames: sub - the Subject claim identifies the principal that is the subject of the JWT
subArray(byte[], int, int) - Static method in class org.springframework.security.crypto.util.EncodingUtils: Extract a sub array of bytes out of the byte array.
subject(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this subject in the resulting OidcIdToken
subject(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this subject in the resulting OidcUserInfo
subject(String) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this subject in the resulting Jwt
subject(String) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder: Sets the subject (sub) claim, which identifies the principal that is the subject of the JWT.
SUBJECT_NOT_FOUND - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The assertion did not contain a subject element.
SubjectDnX509PrincipalExtractor - Class in org.springframework.security.web.authentication.preauth.x509: Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call to X509Certificate.getSubjectDN()).
SubjectDnX509PrincipalExtractor() - Constructor for class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
subjectPrincipalRegex(String) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer: Specifies the regex to extract the principal from the certificate.
submit(Runnable) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
submit(Runnable) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
submit(Runnable, T) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
submit(Callable<T>) - Method in class org.springframework.security.concurrent.DelegatingSecurityContextExecutorService
submit(Callable<T>) - Method in class org.springframework.security.task.DelegatingSecurityContextAsyncTaskExecutor
success() - Static method in class org.springframework.security.oauth2.core.OAuth2TokenValidatorResult: Construct a successful OAuth2TokenValidatorResult
success() - Static method in class org.springframework.security.saml2.core.Saml2ResponseValidatorResult: Construct a successful Saml2ResponseValidatorResult
success() - Static method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult: Construct a successful Saml2LogoutValidatorResult
success(String) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse: Returns a new OAuth2AuthorizationResponse.Builder, initialized with the authorization code.
successForwardUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer: Forward Authentication Success Handler
successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Default behaviour for successful authentication.
successfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Puts the Authentication instance returned by the authentication manager into the secure context.
successHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Specifies the AuthenticationSuccessHandler to be used.
SupplierJwtDecoder - Class in org.springframework.security.oauth2.jwt: A JwtDecoder that lazily initializes another JwtDecoder
SupplierJwtDecoder(Supplier<JwtDecoder>) - Constructor for class org.springframework.security.oauth2.jwt.SupplierJwtDecoder
SupplierReactiveJwtDecoder - Class in org.springframework.security.oauth2.jwt: A ReactiveJwtDecoder that lazily initializes another ReactiveJwtDecoder
SupplierReactiveJwtDecoder(Supplier<ReactiveJwtDecoder>) - Constructor for class org.springframework.security.oauth2.jwt.SupplierReactiveJwtDecoder
supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionManager: Deprecated.

Indicates whether the AccessDecisionManager implementation is able to provide access control decisions for the indicated secured object type.
supports(Class<?>) - Method in interface org.springframework.security.access.AccessDecisionVoter: Deprecated.

Indicates whether the AccessDecisionVoter implementation is able to provide access control votes for the indicated secured object type.
supports(Class<?>) - Method in interface org.springframework.security.access.AfterInvocationProvider: Deprecated.

Indicates whether the AfterInvocationProvider is able to provide "after invocation" processing for the indicated secured object type.
supports(Class<?>) - Method in class org.springframework.security.access.annotation.Jsr250Voter: Deprecated.

All classes are supported.
supports(Class<?>) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager: Deprecated.

Indicates whether the AfterInvocationManager implementation is able to provide access control decisions for the indicated secured object type.
supports(Class<?>) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.

Iterates through all AfterInvocationProviders and ensures each can support the presented class.
supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsImplAuthenticationProvider: Deprecated.
supports(Class<?>) - Method in interface org.springframework.security.access.intercept.RunAsManager: Deprecated.

Indicates whether the RunAsManager implementation is able to provide run-as replacement for the indicated secure object type.
supports(Class<?>) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.

This implementation supports any type of class, because it does not query the presented secure object.
supports(Class<?>) - Method in class org.springframework.security.access.method.AbstractMethodSecurityMetadataSource: Deprecated.
supports(Class<?>) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider: Deprecated.
supports(Class<?>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter: Deprecated.
supports(Class<?>) - Method in interface org.springframework.security.access.SecurityMetadataSource: Indicates whether the SecurityMetadataSource implementation is able to provide ConfigAttributes for the indicated secure object type.
supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.

Iterates through all AccessDecisionVoters and ensures each can support the presented class.
supports(Class<?>) - Method in class org.springframework.security.access.vote.AbstractAclVoter: Deprecated.

This implementation supports only MethodSecurityInterceptor, because it queries the presented MethodInvocation.
supports(Class<?>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.

This implementation supports any type of class, because it does not query the presented secure object.
supports(Class<?>) - Method in class org.springframework.security.access.vote.RoleVoter: Deprecated.

This implementation supports any type of class, because it does not query the presented secure object.
supports(Class<?>) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider: This implementation supports any type of class, because it does not query the presented secure object.
supports(Class<?>) - Method in class org.springframework.security.authentication.AnonymousAuthenticationProvider
supports(Class<?>) - Method in interface org.springframework.security.authentication.AuthenticationProvider: Returns true if this AuthenticationProvider supports the indicated Authentication object.
supports(Class<?>) - Method in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.authentication.RememberMeAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.authentication.TestingAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter: Deprecated.
supports(Class<?>) - Method in class org.springframework.security.messaging.access.intercept.DefaultMessageSecurityMetadataSource: Deprecated.
supports(Class<?>) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
supports(Class<?>) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
supports(Class<?>) - Method in class org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider
supports(Class<?>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter: Deprecated.
supports(Class<?>) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
supports(Class<?>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider: Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionManager: Deprecated.

Indicates whether this AccessDecisionManager is able to process authorization requests presented with the passed ConfigAttribute.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.AccessDecisionVoter: Deprecated.

Indicates whether this AccessDecisionVoter is able to vote on the passed ConfigAttribute.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.AfterInvocationProvider: Deprecated.

Indicates whether this AfterInvocationProvider is able to participate in a decision involving the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.access.annotation.Jsr250Voter: Deprecated.

The specified config attribute is supported if its an instance of a Jsr250SecurityConfig.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.AfterInvocationManager: Deprecated.

Indicates whether this AfterInvocationManager is able to process "after invocation" requests presented with the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.AfterInvocationProviderManager: Deprecated.
supports(ConfigAttribute) - Method in interface org.springframework.security.access.intercept.RunAsManager: Deprecated.

Indicates whether this RunAsManager is able to process the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.access.intercept.RunAsManagerImpl: Deprecated.
supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PostInvocationAdviceProvider: Deprecated.
supports(ConfigAttribute) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter: Deprecated.
supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.AuthenticatedVoter: Deprecated.
supports(ConfigAttribute) - Method in class org.springframework.security.access.vote.RoleVoter: Deprecated.
supports(ConfigAttribute) - Method in class org.springframework.security.acls.AclEntryVoter
supports(ConfigAttribute) - Method in class org.springframework.security.acls.afterinvocation.AbstractAclProvider
supports(ConfigAttribute) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter: Deprecated.
supports(ConfigAttribute) - Method in interface org.springframework.security.web.access.channel.ChannelDecisionManager: Indicates whether this ChannelDecisionManager is able to process the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
supports(ConfigAttribute) - Method in interface org.springframework.security.web.access.channel.ChannelProcessor: Indicates whether this ChannelProcessor is able to process the passed ConfigAttribute.
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
supports(ConfigAttribute) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter: Deprecated.
supportsContext(Observation.Context) - Method in class org.springframework.security.authentication.AuthenticationObservationConvention
supportsContext(Observation.Context) - Method in class org.springframework.security.authorization.AuthorizationObservationConvention
supportsParameter(MethodParameter) - Method in class org.springframework.security.messaging.context.AuthenticationPrincipalArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.messaging.handler.invocation.reactive.AuthenticationPrincipalArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.messaging.handler.invocation.reactive.CurrentSecurityContextArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.oauth2.client.web.method.annotation.OAuth2AuthorizedClientArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver: Deprecated.
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver
supportsParameter(MethodParameter) - Method in class org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver
switchUser(WebFilterExchange) - Method in class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Attempt to switch to another user.
SwitchUserAuthorityChanger - Interface in org.springframework.security.web.authentication.switchuser: Allows subclasses to modify the GrantedAuthority list that will be assigned to the principal when they assume the identity of a different principal.
SwitchUserFilter - Class in org.springframework.security.web.authentication.switchuser: Switch User processing filter responsible for user context switching.
SwitchUserFilter() - Constructor for class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
SwitchUserGrantedAuthority - Class in org.springframework.security.web.authentication.switchuser: Custom GrantedAuthority used by SwitchUserFilter
SwitchUserGrantedAuthority(String, Authentication) - Constructor for class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
SwitchUserWebFilter - Class in org.springframework.security.web.server.authentication: Switch User processing filter responsible for user context switching.
SwitchUserWebFilter(ReactiveUserDetailsService, String, String) - Constructor for class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Creates a filter for the user context switching
SwitchUserWebFilter(ReactiveUserDetailsService, ServerAuthenticationSuccessHandler, ServerAuthenticationFailureHandler) - Constructor for class org.springframework.security.web.server.authentication.SwitchUserWebFilter: Creates a filter for the user context switching
SYSTEM_PROPERTY - Static variable in class org.springframework.security.core.context.SecurityContextHolder

T

TagLibConfig - Class in org.springframework.security.taglibs: internal configuration class for taglibs.
TEMPORARILY_UNAVAILABLE - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: temporarily_unavailable - The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
TEST_EXECUTION - Enum constant in enum class org.springframework.security.test.context.support.TestExecutionEvent: Associated to TestExecutionListener.beforeTestExecution(TestContext) event.
TEST_METHOD - Enum constant in enum class org.springframework.security.test.context.support.TestExecutionEvent: Associated to TestExecutionListener.beforeTestMethod(TestContext) event.
TestExecutionEvent - Enum Class in org.springframework.security.test.context.support: Represents the events on the methods of TestExecutionListener
TestingAuthenticationProvider - Class in org.springframework.security.authentication: An AuthenticationProvider implementation for the TestingAuthenticationToken.
TestingAuthenticationProvider() - Constructor for class org.springframework.security.authentication.TestingAuthenticationProvider
TestingAuthenticationToken - Class in org.springframework.security.authentication: An Authentication implementation that is designed for use whilst unit testing.
TestingAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
TestingAuthenticationToken(Object, Object, String...) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
TestingAuthenticationToken(Object, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.authentication.TestingAuthenticationToken
testSecurityContext() - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Creates a RequestPostProcessor that can be used to ensure that the resulting request is ran with the user in the TestSecurityContextHolder.
TestSecurityContextHolder - Class in org.springframework.security.test.context: The TestSecurityContextHolder is very similar to SecurityContextHolder, but is necessary for testing.
TestSecurityContextHolderStrategyAdapter - Class in org.springframework.security.test.context
TestSecurityContextHolderStrategyAdapter() - Constructor for class org.springframework.security.test.context.TestSecurityContextHolderStrategyAdapter
text(CharSequence, CharSequence) - Static method in class org.springframework.security.crypto.encrypt.Encryptors: Creates a text encryptor that uses "standard" password-based encryption.
TextEncryptor - Interface in org.springframework.security.crypto.encrypt: Service interface for symmetric encryption of text strings.
TextEscapeUtils - Class in org.springframework.security.web.util: Internal utility for escaping characters in HTML strings.
TextEscapeUtils() - Constructor for class org.springframework.security.web.util.TextEscapeUtils
THIRTY_TWO_RESERVED_OFF - Static variable in interface org.springframework.security.acls.model.Permission
ThrowableAnalyzer - Class in org.springframework.security.web.util: Handler for analyzing Throwable instances.
ThrowableAnalyzer() - Constructor for class org.springframework.security.web.util.ThrowableAnalyzer: Creates a new ThrowableAnalyzer instance.
ThrowableCauseExtractor - Interface in org.springframework.security.web.util: Interface for handlers extracting the cause out of a specific Throwable type.
Token - Interface in org.springframework.security.core.token: A token issued by TokenService.
TOKEN - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: token - used in Token Revocation Request.
TOKEN_TYPE - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: token_type - used in Authorization Response and Access Token Response.
TOKEN_TYPE - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: token_type - The type of the token, for example bearer.
TOKEN_TYPE_HINT - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: token_type_hint - used in Token Revocation Request.
TokenBasedRememberMeServices - Class in org.springframework.security.web.authentication.rememberme: Identifies previously remembered users by a Base-64 encoded cookie.
TokenBasedRememberMeServices(String, UserDetailsService) - Constructor for class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
TokenBasedRememberMeServices(String, UserDetailsService, TokenBasedRememberMeServices.RememberMeTokenAlgorithm) - Constructor for class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices: Construct the instance with the parameters provided
TokenBasedRememberMeServices.RememberMeTokenAlgorithm - Enum Class in org.springframework.security.web.authentication.rememberme
tokenEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Returns the OAuth2LoginConfigurer>.TokenEndpointConfig for configuring the Authorization Server's Token Endpoint.
tokenEndpoint(Customizer<OAuth2LoginConfigurer.TokenEndpointConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Configures the Authorization Server's Token Endpoint.
tokenRepository(PersistentTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Specifies the PersistentTokenRepository to use.
TokenService - Interface in org.springframework.security.core.token: Provides a mechanism to allocate and rebuild secure, randomised tokens.
tokenType(OAuth2AccessToken.TokenType) - Method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse.Builder: Sets the token type.
tokenUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the uri for the token endpoint.
tokenValiditySeconds(int) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Allows specifying how long (in seconds) a token is valid for
tokenValue(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcIdToken.Builder: Use this token value in the resulting OidcIdToken
tokenValue(String) - Method in class org.springframework.security.oauth2.jwt.Jwt.Builder: Use this token value in the resulting Jwt
toString() - Method in class org.springframework.security.access.intercept.RunAsUserToken: Deprecated.
toString() - Method in class org.springframework.security.access.SecurityConfig
toString() - Method in class org.springframework.security.access.vote.AbstractAccessDecisionManager: Deprecated.
toString() - Method in class org.springframework.security.acls.domain.AbstractPermission
toString() - Method in class org.springframework.security.acls.domain.AccessControlEntryImpl
toString() - Method in class org.springframework.security.acls.domain.AclImpl
toString() - Method in class org.springframework.security.acls.domain.GrantedAuthoritySid
toString() - Method in class org.springframework.security.acls.domain.ObjectIdentityImpl
toString() - Method in class org.springframework.security.acls.domain.PrincipalSid
toString() - Method in class org.springframework.security.authentication.AbstractAuthenticationToken
toString() - Method in class org.springframework.security.authentication.jaas.JaasGrantedAuthority
toString() - Method in class org.springframework.security.authorization.AuthorityAuthorizationDecision
toString() - Method in class org.springframework.security.authorization.AuthorityAuthorizationManager
toString() - Method in class org.springframework.security.authorization.AuthorizationDecision
toString() - Method in class org.springframework.security.authorization.ExpressionAuthorizationDecision
toString() - Method in class org.springframework.security.authorization.method.ExpressionAttributeAuthorizationDecision: Deprecated.
toString() - Method in class org.springframework.security.authorization.method.MethodExpressionAuthorizationManager
toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextCallable
toString() - Method in class org.springframework.security.concurrent.DelegatingSecurityContextRunnable
toString() - Method in class org.springframework.security.core.authority.SimpleGrantedAuthority
toString() - Method in class org.springframework.security.core.context.SecurityContextHolder
toString() - Method in class org.springframework.security.core.context.SecurityContextImpl
toString() - Method in class org.springframework.security.core.token.DefaultToken
toString() - Method in class org.springframework.security.core.userdetails.User
toString() - Method in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm
toString() - Method in class org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl: Create a textual representation containing error and warning messages, if any are present.
toString() - Method in class org.springframework.security.ldap.search.FilterBasedLdapUserSearch
toString() - Method in class org.springframework.security.ldap.userdetails.LdapAuthority
toString() - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsImpl
toString() - Method in class org.springframework.security.messaging.util.matcher.AbstractMessageMatcherComposite
toString() - Method in class org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher
toString() - Method in class org.springframework.security.messaging.util.matcher.SimpMessageTypeMatcher
toString() - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration
toString() - Method in class org.springframework.security.oauth2.core.OAuth2Error
toString() - Method in class org.springframework.security.oauth2.core.user.DefaultOAuth2User
toString() - Method in class org.springframework.security.oauth2.core.user.OAuth2UserAuthority
toString() - Method in class org.springframework.security.saml2.core.Saml2Error
toString() - Method in exception org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException
toString() - Method in class org.springframework.security.util.SimpleMethodInvocation
toString() - Method in class org.springframework.security.web.access.expression.WebExpressionAuthorizationManager
toString() - Method in class org.springframework.security.web.access.intercept.RequestKey
toString() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
toString() - Method in class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
toString() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
toString() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
toString() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
toString() - Method in class org.springframework.security.web.FilterChainProxy
toString() - Method in class org.springframework.security.web.FilterInvocation
toString() - Method in class org.springframework.security.web.firewall.FirewalledRequest
toString() - Method in class org.springframework.security.web.header.Header
toString() - Method in class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter
toString() - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
toString() - Method in class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter
toString() - Method in class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter
toString() - Method in class org.springframework.security.web.header.writers.PermissionsPolicyHeaderWriter
toString() - Method in class org.springframework.security.web.header.writers.StaticHeadersWriter
toString() - Method in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue
toString() - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
toString() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
toString() - Method in enum class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter.HeaderValue
toString() - Method in class org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher
toString() - Method in class org.springframework.security.web.server.util.matcher.IpAddressServerWebExchangeMatcher
toString() - Method in class org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher
toString() - Method in class org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher
toString() - Method in class org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher
toString() - Method in class org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
toString() - Method in class org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher
toString() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
toString() - Method in class org.springframework.security.web.util.matcher.AndRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.AnyRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.DispatcherTypeRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.ELRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.NegatedRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.OrRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.RegexRequestMatcher
toString() - Method in class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
Transient - Annotation Interface in org.springframework.security.core: A marker for Authentications that should never be stored across requests, for example a bearer token authentication
TransientSecurityContext - Class in org.springframework.security.core.context: A SecurityContext that is annotated with @Transient and thus should never be stored across requests.
TransientSecurityContext() - Constructor for class org.springframework.security.core.context.TransientSecurityContext
TransientSecurityContext(Authentication) - Constructor for class org.springframework.security.core.context.TransientSecurityContext
TWO_WEEKS_S - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
TYP - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames: typ - the type header is used by JWS/JWE applications to declare the media type of a JWS/JWE
type(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder: Sets the type header that declares the media type of the JWS/JWE.

U

UnanimousBased - Class in org.springframework.security.access.vote: Deprecated.
Use AuthorizationManager instead
UnanimousBased(List<AccessDecisionVoter<?>>) - Constructor for class org.springframework.security.access.vote.UnanimousBased: Deprecated.
unauthenticated() - Static method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers: ResultMatcher that verifies that no user is authenticated.
unauthenticated(Object, Object) - Static method in class org.springframework.security.authentication.UsernamePasswordAuthenticationToken: This factory method can be safely used by any code that wishes to create a unauthenticated UsernamePasswordAuthenticationToken.
UNAUTHORIZED_CLIENT - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: unauthorized_client - The client is not authorized to request an authorization code or access token using this method.
UnboundIdContainer - Class in org.springframework.security.ldap.server
UnboundIdContainer(String, String) - Constructor for class org.springframework.security.ldap.server.UnboundIdContainer
UNKNOWN_RESPONSE_CLASS - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: SAML Data does not represent a SAML 2 Response object.
UnloadedSidException - Exception in org.springframework.security.acls.model: Thrown if an Acl cannot perform an operation because it only loaded a subset of Sids and the caller has requested details for an unloaded Sid .
UnloadedSidException(String) - Constructor for exception org.springframework.security.acls.model.UnloadedSidException: Constructs an NotFoundException with the specified message.
UnloadedSidException(String, Throwable) - Constructor for exception org.springframework.security.acls.model.UnloadedSidException: Constructs an NotFoundException with the specified message and root cause.
UNSAFE_NONE - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy
UNSAFE_NONE - Enum constant in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy
UNSAFE_NONE - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy
UNSAFE_NONE - Enum constant in enum class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy
UNSAFE_URL - Enum constant in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy
UNSAFE_URL - Enum constant in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy
unsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter: Default behaviour for unsuccessful authentication.
unsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter: Ensures the authentication object in the secure context is set to null when authentication fails.
UNSUPPORTED_GRANT_TYPE - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: unsupported_grant_type - The authorization grant type is not supported by the authorization server.
UNSUPPORTED_RESPONSE_TYPE - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: unsupported_response_type - The authorization server does not support obtaining an authorization code or access token using this method.
UNSUPPORTED_TOKEN_TYPE - Static variable in class org.springframework.security.oauth2.core.OAuth2ErrorCodes: unsupported_token_type - The authorization server does not support the revocation of the presented token type.
updateAccessDefaults(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Updates the default values for access.
updateAce(int, Permission) - Method in class org.springframework.security.acls.domain.AclImpl
updateAce(int, Permission) - Method in interface org.springframework.security.acls.model.MutableAcl
updateAcl(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: This implementation will simply delete all ACEs in the database and recreate them on each invocation of this method.
updateAcl(MutableAcl) - Method in interface org.springframework.security.acls.model.MutableAclService: Changes an existing Acl in the database.
updateAuditing(int, boolean, boolean) - Method in class org.springframework.security.acls.domain.AclImpl
updateAuditing(int, boolean, boolean) - Method in interface org.springframework.security.acls.model.AuditableAcl
updateAuthenticationDefaults() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer: Updates the default values for authentication.
UPDATED_AT - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames: updated_at - the time the user's information was last updated
updatedAt(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder: Use this updated-at Instant in the resulting OidcUserInfo
updateObjectIdentity(MutableAcl) - Method in class org.springframework.security.acls.jdbc.JdbcMutableAclService: Updates an existing acl_object_identity row, with new information presented in the passed MutableAcl object.
updatePassword(UserDetails, String) - Method in class org.springframework.security.core.userdetails.MapReactiveUserDetailsService
updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.ReactiveUserDetailsPasswordService: Modify the specified user's password.
updatePassword(UserDetails, String) - Method in interface org.springframework.security.core.userdetails.UserDetailsPasswordService: Modify the specified user's password.
updatePassword(UserDetails, String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
updateToken(String, String, Date) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
updateToken(String, String, Date) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
updateToken(String, String, Date) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
updateUser(UserDetails) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
updateUser(UserDetails) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
updateUser(UserDetails) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
updateUser(UserDetails) - Method in interface org.springframework.security.provisioning.UserDetailsManager: Update the specified user.
upgradeEncoding(String) - Method in class org.springframework.security.crypto.argon2.Argon2PasswordEncoder
upgradeEncoding(String) - Method in class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
upgradeEncoding(String) - Method in class org.springframework.security.crypto.password.DelegatingPasswordEncoder
upgradeEncoding(String) - Method in interface org.springframework.security.crypto.password.PasswordEncoder: Returns true if the encoded password should be encoded again for better security, else false.
upgradeEncoding(String) - Method in class org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
url(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder: Specifies the ldap server URL when not using the embedded LDAP server.
URL_SAFE - Static variable in class org.springframework.security.crypto.codec.Base64: Deprecated.

Encode using Base64-like encoding that is URL- and Filename-safe as described in Section 4 of RFC3548: https://tools.ietf.org/html/rfc3548.
UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
Use AuthorizeHttpRequestsConfigurer instead
UrlAuthorizationConfigurer(ApplicationContext) - Constructor for class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer: Deprecated.
UrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.

Maps the specified RequestMatcher instances to ConfigAttribute instances.
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers: Deprecated.
UrlUtils - Class in org.springframework.security.web.util: Provides static methods for composing URLs.
useAuthorizationManager() - Element in annotation interface org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity: Indicate whether ReactiveAuthorizationManager based Method Security to be used.
useInvalidToken() - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.CsrfRequestPostProcessor: Populates an invalid token value on the request.
user(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: The value of the username parameter.
user(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that has a UsernamePasswordAuthenticationToken for the Authentication.getPrincipal() and a User for the UsernamePasswordAuthenticationToken.getPrincipal().
user(String, String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: Specify both the password parameter name and the password.
user(UserDetails) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors: Establish a SecurityContext that has a UsernamePasswordAuthenticationToken for the Authentication.getPrincipal() and a custom UserDetails for the UsernamePasswordAuthenticationToken.getPrincipal().
User - Class in org.springframework.security.core.userdetails: Models core user information retrieved by a UserDetailsService.
User(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User: Construct the User with the details required by DaoAuthenticationProvider.
User(String, String, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.core.userdetails.User: Calls the more complex constructor with all boolean arguments set to true.
USER_DETAILS_SERVICE - Static variable in class org.springframework.security.config.BeanIds
USER_DETAILS_SERVICE_FACTORY - Static variable in class org.springframework.security.config.BeanIds
USER_SERVICE - Static variable in class org.springframework.security.config.Elements
User.UserBuilder - Class in org.springframework.security.core.userdetails: Builds the user to be added.
UserAttribute - Class in org.springframework.security.core.userdetails.memory: Used by InMemoryUserDetailsManager to temporarily store the attributes associated with a user.
UserAttribute() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttribute
UserAttributeEditor - Class in org.springframework.security.core.userdetails.memory: Property editor that creates a UserAttribute from a comma separated list of values.
UserAttributeEditor() - Constructor for class org.springframework.security.core.userdetails.memory.UserAttributeEditor
userAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig: Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities().
userCache(UserCache) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer: Defines the UserCache to use
UserCache - Interface in org.springframework.security.core.userdetails: Provides a cache of UserDetails objects.
UserDetails - Interface in org.springframework.security.core.userdetails: Provides core user information.
UserDetailsAwareConfigurer,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails: Base class that allows access to the UserDetailsService for using as a default value with AuthenticationManagerBuilder.
UserDetailsAwareConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
UserDetailsByNameServiceWrapper<T extends Authentication> - Class in org.springframework.security.core.userdetails: This implementation for AuthenticationUserDetailsService wraps a regular Spring Security UserDetailsService implementation, to retrieve a UserDetails object based on the user name contained in an Authentication object.
UserDetailsByNameServiceWrapper() - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper: Constructs an empty wrapper for compatibility with Spring Security 2.0.x's method of using a setter.
UserDetailsByNameServiceWrapper(UserDetailsService) - Constructor for class org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper: Constructs a new wrapper using the supplied UserDetailsService as the service to delegate to.
UserDetailsChecker - Interface in org.springframework.security.core.userdetails: Called by classes which make use of a UserDetailsService to check the status of the loaded UserDetails object.
userDetailsContextMapper - Variable in class org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
userDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.
UserDetailsContextMapper - Interface in org.springframework.security.ldap.userdetails: Operations to map a UserDetails object to and from a Spring LDAP DirContextOperations implementation.
UserDetailsManager - Interface in org.springframework.security.provisioning: An extension of the UserDetailsService which provides the ability to create new users and update existing ones.
UserDetailsManagerConfigurer,C extends UserDetailsManagerConfigurer<B,C>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning: Base class for populating an AuthenticationManagerBuilder with a UserDetailsManager.
UserDetailsManagerConfigurer(UserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
UserDetailsManagerConfigurer.UserDetailsBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning: Builds the user to be added.
UserDetailsManagerResourceFactoryBean - Class in org.springframework.security.config.provisioning: Constructs an InMemoryUserDetailsManager from a resource using UserDetailsResourceFactoryBean.
UserDetailsManagerResourceFactoryBean() - Constructor for class org.springframework.security.config.provisioning.UserDetailsManagerResourceFactoryBean
UserDetailsMapFactoryBean - Class in org.springframework.security.config.core.userdetails: Creates a Collection<UserDetails> from a @{code Map} in the format of
UserDetailsMapFactoryBean(Map<String, String>) - Constructor for class org.springframework.security.config.core.userdetails.UserDetailsMapFactoryBean
userDetailsPasswordManager(UserDetailsPasswordService) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.AbstractDaoAuthenticationConfigurer
UserDetailsPasswordService - Interface in org.springframework.security.core.userdetails: An API for changing a UserDetails password.
UserDetailsRepositoryReactiveAuthenticationManager - Class in org.springframework.security.authentication: A ReactiveAuthenticationManager that uses a ReactiveUserDetailsService to validate the provided username and password.
UserDetailsRepositoryReactiveAuthenticationManager(ReactiveUserDetailsService) - Constructor for class org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
UserDetailsResourceFactoryBean - Class in org.springframework.security.config.core.userdetails: Parses a Resource that is a Properties file in the format of: username=password[,enabled|disabled],roles...
UserDetailsResourceFactoryBean() - Constructor for class org.springframework.security.config.core.userdetails.UserDetailsResourceFactoryBean
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Specifies the UserDetailsService used to look up the UserDetails when a remember me token is valid.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer: Shortcut for invoking X509Configurer.authenticationUserDetailsService(AuthenticationUserDetailsService) with a UserDetailsByNameServiceWrapper.
userDetailsService(UserDetailsService) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder: Allows adding an additional UserDetailsService to be used
userDetailsService(T) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder: Add authentication based upon the custom UserDetailsService that is passed in.
UserDetailsService - Interface in org.springframework.security.core.userdetails: Core interface which loads user-specific data.
userDetailsServiceBeanName() - Element in annotation interface org.springframework.security.test.context.support.WithUserDetails: The bean name for the UserDetailsService to use.
UserDetailsServiceConfigurer,C extends UserDetailsServiceConfigurer<B,C,U>,U extends UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails: Allows configuring a UserDetailsService within a AuthenticationManagerBuilder.
UserDetailsServiceConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer: Creates a new instance
UserDetailsServiceFactoryBean - Class in org.springframework.security.config.http: Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
UserDetailsServiceFactoryBean() - Constructor for class org.springframework.security.config.http.UserDetailsServiceFactoryBean
UserDetailsServiceLdapAuthoritiesPopulator - Class in org.springframework.security.ldap.authentication: Simple LdapAuthoritiesPopulator which delegates to a UserDetailsService, using the name which was supplied at login as the username.
UserDetailsServiceLdapAuthoritiesPopulator(UserDetailsService) - Constructor for class org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
userDnPatterns(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: If your users are at a fixed location in the directory (i.e.
userExists(String) - Method in class org.springframework.security.ldap.userdetails.LdapUserDetailsManager
userExists(String) - Method in class org.springframework.security.provisioning.InMemoryUserDetailsManager
userExists(String) - Method in class org.springframework.security.provisioning.JdbcUserDetailsManager
userExists(String) - Method in interface org.springframework.security.provisioning.UserDetailsManager: Check if a user with the supplied login name exists in the system.
userInfoAuthenticationMethod(AuthenticationMethod) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the authentication method for the user info endpoint.
userInfoEndpoint() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Returns the OAuth2LoginConfigurer>.UserInfoEndpointConfig for configuring the Authorization Server's UserInfo Endpoint.
userInfoEndpoint(Customizer<OAuth2LoginConfigurer.UserInfoEndpointConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer: Configures the Authorization Server's UserInfo Endpoint.
userInfoToken(Consumer<OidcUserInfo.Builder>) - Method in class org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.OidcLoginMutator: Use the provided OidcUserInfo when constructing the authenticated user
userInfoToken(Consumer<OidcUserInfo.Builder>) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.OidcLoginRequestPostProcessor: Use the provided OidcUserInfo when constructing the authenticated user
userInfoUri(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the uri for the user info endpoint.
username() - Element in annotation interface org.springframework.security.test.context.support.WithMockUser: The username to be used.
username(String) - Method in class org.springframework.security.core.userdetails.User.UserBuilder: Populates the username.
USERNAME - Static variable in class org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames: username - used in Access Token Request.
USERNAME - Static variable in class org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames: username - A human-readable identifier for the resource owner that authorized the token
USERNAME_ATTRIBUTE_NAME - Static variable in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext: The name of the attribute in the context associated to the value for the resource owner's username.
USERNAME_NOT_FOUND - Static variable in class org.springframework.security.saml2.core.Saml2ErrorCodes: The subject did not contain a user identifier The assertion contained a subject element, but the subject element did not have a NameID or EncryptedID element https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=18
userNameAttributeName(String) - Method in class org.springframework.security.oauth2.client.registration.ClientRegistration.Builder: Sets the attribute name used to access the user's name from the user info response.
UsernameNotFoundException - Exception in org.springframework.security.core.userdetails: Thrown if an UserDetailsService implementation cannot locate a User by its username.
UsernameNotFoundException(String) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException: Constructs a UsernameNotFoundException with the specified message.
UsernameNotFoundException(String, Throwable) - Constructor for exception org.springframework.security.core.userdetails.UsernameNotFoundException: Constructs a UsernameNotFoundException with the specified message and root cause.
usernameParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer: The HTTP parameter to look for the username when performing authentication.
UsernamePasswordAuthenticationFilter - Class in org.springframework.security.web.authentication: Processes an authentication form submission.
UsernamePasswordAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
UsernamePasswordAuthenticationFilter(AuthenticationManager) - Constructor for class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
UsernamePasswordAuthenticationToken - Class in org.springframework.security.authentication: An Authentication implementation that is designed for simple presentation of a username and password.
UsernamePasswordAuthenticationToken(Object, Object) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken: This constructor can be safely used by any code that wishes to create a UsernamePasswordAuthenticationToken, as the AbstractAuthenticationToken.isAuthenticated() will return false.
UsernamePasswordAuthenticationToken(Object, Object, Collection<? extends GrantedAuthority>) - Constructor for class org.springframework.security.authentication.UsernamePasswordAuthenticationToken: This constructor should only be used by AuthenticationManager or AuthenticationProvider implementations that are satisfied with producing a trusted (i.e.
UsernamePasswordMetadata - Class in org.springframework.security.rsocket.metadata: Represents a username and password that have been encoded into a Payload.metadata().
UsernamePasswordMetadata(String, String) - Constructor for class org.springframework.security.rsocket.metadata.UsernamePasswordMetadata
userParameter(String) - Method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder: The HTTP parameter to place the username.
usersByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer: Sets the query to be used for finding a user by their username.
userSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: Search base for user searches.
userSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer: The LDAP filter used to search for users (optional).
userService(OAuth2UserService<OAuth2UserRequest, OAuth2User>) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer.UserInfoEndpointConfig: Sets the OAuth 2.0 service used for obtaining the user attributes of the End-User from the UserInfo Endpoint.
UserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
UserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
useSecureCookie(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer: Whether the cookie should be flagged as secure or not.
Utf8 - Class in org.springframework.security.crypto.codec: UTF-8 Charset encoder/decoder.


V

validate(Jwt) - Method in class org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenValidator
 
validate(Jwt) - Method in class org.springframework.security.oauth2.jwt.JwtClaimValidator
 
validate(Jwt) - Method in class org.springframework.security.oauth2.jwt.JwtIssuerValidator
 
validate(Jwt) - Method in class org.springframework.security.oauth2.jwt.JwtTimestampValidator
 
validate(Saml2LogoutRequestValidatorParameters) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutRequestValidator

Authenticates the SAML 2.0 Logout Request received from the SAML 2.0 Asserting
 Party.

validate(Saml2LogoutRequestValidatorParameters) - Method in interface org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidator

Authenticates the SAML 2.0 Logout Request received from the SAML 2.0 Asserting
 Party.

validate(Saml2LogoutResponseValidatorParameters) - Method in class org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutResponseValidator

Authenticates the SAML 2.0 Logout Response received from the SAML 2.0 Asserting
 Party.

validate(Saml2LogoutResponseValidatorParameters) - Method in interface org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator

Authenticates the SAML 2.0 Logout Response received from the SAML 2.0 Asserting
 Party.

validate(FilterChainProxy) - Method in class org.springframework.security.config.http.DefaultFilterChainValidator
 
validate(FilterChainProxy) - Method in interface org.springframework.security.web.FilterChainProxy.FilterChainValidator
 
validate(T) - Method in class org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator
 
validate(T) - Method in interface org.springframework.security.oauth2.core.OAuth2TokenValidator

Verify the validity and/or constraints of the provided OAuth 2.0 Token.

value() - Element in annotation interface org.springframework.security.access.annotation.Secured

Returns the list of security configuration attributes (e.g. ROLE_USER,
 ROLE_ADMIN).

value() - Element in annotation interface org.springframework.security.access.method.P

Deprecated.
The parameter name

value() - Element in annotation interface org.springframework.security.access.prepost.PostAuthorize
 
value() - Element in annotation interface org.springframework.security.access.prepost.PostFilter
 
value() - Element in annotation interface org.springframework.security.access.prepost.PreAuthorize
 
value() - Element in annotation interface org.springframework.security.access.prepost.PreFilter
 
value() - Element in annotation interface org.springframework.security.core.parameters.P

The parameter name

value() - Element in annotation interface org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient

The default attribute for this annotation.

value() - Element in annotation interface org.springframework.security.test.context.support.WithMockUser

Convenience mechanism for specifying the username.

value() - Element in annotation interface org.springframework.security.test.context.support.WithUserDetails

The username to look up in the UserDetailsService

valueOf(String) - Static method in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.config.http.MatcherType

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.config.http.SessionCreationPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.BCryptVersion

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.rsocket.api.PayloadExchangeType

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.test.context.support.TestExecutionEvent

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices.RememberMeTokenAlgorithm

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter.Mode

Returns the enum constant of this class with the specified name.

valueOf(String) - Static method in enum class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter.HeaderValue

Returns the enum constant of this class with the specified name.

values() - Static method in enum class org.springframework.security.authorization.method.AuthorizationInterceptorsOrder

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.config.annotation.rsocket.PayloadInterceptorOrder

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.config.http.MatcherType

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.config.http.SessionCreationPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.config.oauth2.client.CommonOAuth2Provider

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.config.web.server.SecurityWebFiltersOrder

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder.BCryptVersion

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.ldap.ppolicy.PasswordPolicyErrorStatus

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.oauth2.jose.jws.MacAlgorithm

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.oauth2.jose.jws.SignatureAlgorithm

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.rsocket.api.PayloadExchangeType

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.test.context.support.TestExecutionEvent

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices.RememberMeTokenAlgorithm

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter.Directive

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter.Directive

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter.CrossOriginEmbedderPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter.CrossOriginOpenerPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter.CrossOriginResourcePolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter.ReferrerPolicy

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter.Mode

Returns an array containing the constants of this enum class, in
the order they are declared.

values() - Static method in enum class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter.HeaderValue

Returns an array containing the constants of this enum class, in
the order they are declared.

verification(X509Certificate) - Static method in class org.springframework.security.saml2.core.Saml2X509Credential

Create a Saml2X509Credential that can be used for verification.

VERIFICATION - Enum constant in enum class org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType
 
verificationX509Credentials(Consumer<Collection<Saml2X509Credential>>) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder

Apply this Consumer to the list of Saml2X509Credentials

verify(Supplier<Authentication>, T) - Method in interface org.springframework.security.authorization.AuthorizationManager

Determines if access should be granted for a specific authentication and object.

verify(Mono<Authentication>, T) - Method in interface org.springframework.security.authorization.ReactiveAuthorizationManager

Determines if access should be granted for a specific authentication and object

verifyThrowableHierarchy(Throwable, Class<? extends Throwable>) - Static method in class org.springframework.security.web.util.ThrowableAnalyzer

Verifies that the provided throwable is a valid subclass of the provided type (or
 of the type itself).

verifyToken(String) - Method in class org.springframework.security.core.token.KeyBasedPersistenceTokenService
 
verifyToken(String) - Method in interface org.springframework.security.core.token.TokenService

Permits verification the Token.getKey() was issued by this
 TokenService and reconstructs the corresponding Token.

VirtualFilterChainDecorator() - Constructor for class org.springframework.security.web.FilterChainProxy.VirtualFilterChainDecorator
 
vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.annotation.Jsr250Voter

Deprecated.
Votes according to JSR 250.

vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.AuthenticatedVoter

Deprecated.
 
vote(Authentication, Object, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.vote.RoleVoter

Deprecated.
 
vote(Authentication, MethodInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter

Deprecated.
 
vote(Authentication, MethodInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.acls.AclEntryVoter
 
vote(Authentication, Message<T>, Collection<ConfigAttribute>) - Method in class org.springframework.security.messaging.access.expression.MessageExpressionVoter

Deprecated.
 
vote(Authentication, FilterInvocation, Collection<ConfigAttribute>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter

Deprecated.
 
vote(Authentication, S, Collection<ConfigAttribute>) - Method in interface org.springframework.security.access.AccessDecisionVoter

Deprecated.
Indicates whether or not access is granted.


W

wantAuthnRequestsSigned(boolean) - Method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder

Set the WantAuthnRequestsSigned setting, indicating the asserting party's
 preference that relying parties should sign the AuthnRequest before
 sending.

WEB_INVOCATION_PRIVILEGE_EVALUATOR_ATTRIBUTE - Static variable in class org.springframework.security.web.WebAttributes

Set as a request attribute to override the default
 WebInvocationPrivilegeEvaluator

WebAsyncManagerIntegrationFilter - Class in org.springframework.security.web.context.request.async

Provides integration between the SecurityContext and Spring Web's
 WebAsyncManager by using the
 SecurityContextCallableProcessingInterceptor.beforeConcurrentHandling(org.springframework.web.context.request.NativeWebRequest, Callable)
 to populate the SecurityContext on the Callable.

WebAsyncManagerIntegrationFilter() - Constructor for class org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter
 
WebAttributes - Class in org.springframework.security.web

Well-known keys which are used to store Spring Security information in request or
 session scope.

WebAuthenticationDetails - Class in org.springframework.security.web.authentication

A holder of selected HTTP details related to a web authentication request.

WebAuthenticationDetails(HttpServletRequest) - Constructor for class org.springframework.security.web.authentication.WebAuthenticationDetails

Records the remote address and will also set the session Id if a session already
 exists (it won't create one).

WebAuthenticationDetails(String, String) - Constructor for class org.springframework.security.web.authentication.WebAuthenticationDetails

Constructor to add Jackson2 serialize/deserialize support

WebAuthenticationDetailsSource - Class in org.springframework.security.web.authentication

Implementation of AuthenticationDetailsSource which builds the details object
 from an HttpServletRequest object, creating a WebAuthenticationDetails
 .

WebAuthenticationDetailsSource() - Constructor for class org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 
webClient(WebClient) - Method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder

Use the given WebClient to coordinate with the authorization servers
 indicated in the JWK
 Set uri as well as the Issuer.

WebClientReactiveAuthorizationCodeTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint

An implementation of a ReactiveOAuth2AccessTokenResponseClient that
 "exchanges" an authorization code credential for an access token credential
 at the Authorization Server's Token Endpoint.

WebClientReactiveAuthorizationCodeTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactiveAuthorizationCodeTokenResponseClient
 
WebClientReactiveClientCredentialsTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint

An implementation of a ReactiveOAuth2AccessTokenResponseClient that
 "exchanges" a client credential for an access token credential at the
 Authorization Server's Token Endpoint.

WebClientReactiveClientCredentialsTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactiveClientCredentialsTokenResponseClient
 
WebClientReactiveJwtBearerTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint

The default implementation of an ReactiveOAuth2AccessTokenResponseClient for
 the jwt-bearer grant.

WebClientReactiveJwtBearerTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactiveJwtBearerTokenResponseClient
 
WebClientReactivePasswordTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint

Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of
 the Resource Owner Password Credentials grant. See reference OAuth
 2.0 Security Best Current Practice.


WebClientReactivePasswordTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactivePasswordTokenResponseClient

Deprecated.
 
WebClientReactiveRefreshTokenTokenResponseClient - Class in org.springframework.security.oauth2.client.endpoint

An implementation of a ReactiveOAuth2AccessTokenResponseClient for the
 refresh_token grant.

WebClientReactiveRefreshTokenTokenResponseClient() - Constructor for class org.springframework.security.oauth2.client.endpoint.WebClientReactiveRefreshTokenTokenResponseClient
 
WebExpressionAuthorizationManager - Class in org.springframework.security.web.access.expression

An expression-based AuthorizationManager that determines the access by
 evaluating the provided expression.

WebExpressionAuthorizationManager(String) - Constructor for class org.springframework.security.web.access.expression.WebExpressionAuthorizationManager

Creates an instance.

WebExpressionVoter - Class in org.springframework.security.web.access.expression

Deprecated.
Use WebExpressionAuthorizationManager instead


WebExpressionVoter() - Constructor for class org.springframework.security.web.access.expression.WebExpressionVoter

Deprecated.
 
WebFilterChainProxy - Class in org.springframework.security.web.server

Used to delegate to a List of SecurityWebFilterChain instances.

WebFilterChainProxy(List<SecurityWebFilterChain>) - Constructor for class org.springframework.security.web.server.WebFilterChainProxy
 
WebFilterChainProxy(SecurityWebFilterChain...) - Constructor for class org.springframework.security.web.server.WebFilterChainProxy
 
WebFilterChainProxy.DefaultWebFilterChainDecorator - Class in org.springframework.security.web.server

A WebFilterChainProxy.WebFilterChainDecorator that uses the DefaultWebFilterChain

WebFilterChainProxy.WebFilterChainDecorator - Interface in org.springframework.security.web.server

A strategy for decorating the provided filter chain with one that accounts for the
 SecurityFilterChain for a given request.

WebFilterChainServerAuthenticationSuccessHandler - Class in org.springframework.security.web.server.authentication

Success handler that continues the filter chain after authentication success.

WebFilterChainServerAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.server.authentication.WebFilterChainServerAuthenticationSuccessHandler
 
WebFilterExchange - Class in org.springframework.security.web.server

A composite of the ServerWebExchange and the WebFilterChain.

WebFilterExchange(ServerWebExchange, WebFilterChain) - Constructor for class org.springframework.security.web.server.WebFilterExchange
 
WebInvocationPrivilegeEvaluator - Interface in org.springframework.security.web.access

Allows users to determine whether they have privileges for a given web URI.

WebJackson2Module - Class in org.springframework.security.web.jackson2

Jackson module for spring-security-web.

WebJackson2Module() - Constructor for class org.springframework.security.web.jackson2.WebJackson2Module
 
WebMvcSecurityConfiguration - Class in org.springframework.security.config.annotation.web.servlet.configuration

Deprecated.
This is applied internally using SpringWebMvcImportSelector


WebMvcSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration

Deprecated.
 
WebSecurity - Class in org.springframework.security.config.annotation.web.builders


 The WebSecurity is created by WebSecurityConfiguration to create the
 FilterChainProxy known as the Spring Security Filter Chain
 (springSecurityFilterChain).

WebSecurity(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.WebSecurity

Creates a new instance

WebSecurity.IgnoredRequestConfigurer - Class in org.springframework.security.config.annotation.web.builders

Allows registering RequestMatcher instances that should be ignored by
 Spring Security.

WebSecurityConfiguration - Class in org.springframework.security.config.annotation.web.configuration

Uses a WebSecurity to create the FilterChainProxy that performs the web
 based security for Spring Security.

WebSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
WebSecurityConfigurer<T extends SecurityBuilder<jakarta.servlet.Filter>> - Interface in org.springframework.security.config.annotation.web

Allows customization to the WebSecurity.

WebSecurityCustomizer - Interface in org.springframework.security.config.annotation.web.configuration

Callback interface for customizing WebSecurity.

webSecurityExpressionHandler() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
WebSecurityExpressionRoot - Class in org.springframework.security.web.access.expression
 
WebSecurityExpressionRoot(Supplier<Authentication>, HttpServletRequest) - Constructor for class org.springframework.security.web.access.expression.WebSecurityExpressionRoot

Creates an instance for the given Supplier of the Authentication
 and HttpServletRequest.

WebSecurityExpressionRoot(Authentication, FilterInvocation) - Constructor for class org.springframework.security.web.access.expression.WebSecurityExpressionRoot
 
WebServerJackson2Module - Class in org.springframework.security.web.server.jackson2

Jackson module for spring-security-web-flux.

WebServerJackson2Module() - Constructor for class org.springframework.security.web.server.jackson2.WebServerJackson2Module
 
WebServletJackson2Module - Class in org.springframework.security.web.jackson2

Jackson module for spring-security-web related to servlet.

WebServletJackson2Module() - Constructor for class org.springframework.security.web.jackson2.WebServletJackson2Module
 
WebSessionOAuth2ServerAuthorizationRequestRepository - Class in org.springframework.security.oauth2.client.web.server

An implementation of an ServerAuthorizationRequestRepository that stores
 OAuth2AuthorizationRequest in the WebSession.

WebSessionOAuth2ServerAuthorizationRequestRepository() - Constructor for class org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 
WebSessionServerCsrfTokenRepository - Class in org.springframework.security.web.server.csrf

A ServerCsrfTokenRepository that stores the CsrfToken in the
 HttpSession.

WebSessionServerCsrfTokenRepository() - Constructor for class org.springframework.security.web.server.csrf.WebSessionServerCsrfTokenRepository
 
WebSessionServerLogoutHandler - Class in org.springframework.security.web.server.authentication.logout

A ServerLogoutHandler which invalidates the active WebSession.

WebSessionServerLogoutHandler() - Constructor for class org.springframework.security.web.server.authentication.logout.WebSessionServerLogoutHandler
 
WebSessionServerOAuth2AuthorizedClientRepository - Class in org.springframework.security.oauth2.client.web.server

An implementation of an OAuth2AuthorizedClientRepository that stores
 OAuth2AuthorizedClient's in the HttpSession.

WebSessionServerOAuth2AuthorizedClientRepository() - Constructor for class org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository
 
WebSessionServerRequestCache - Class in org.springframework.security.web.server.savedrequest

An implementation of ServerRequestCache that saves the
 ServerHttpRequest in the WebSession.

WebSessionServerRequestCache() - Constructor for class org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache
 
WebSessionServerSecurityContextRepository - Class in org.springframework.security.web.server.context

Stores the SecurityContext in the
 WebSession.

WebSessionServerSecurityContextRepository() - Constructor for class org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
 
website(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder

Use this website in the resulting OidcUserInfo

WEBSITE - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames

website - the URL of the user's web page or blog

WEBSOCKET_MESSAGE_BROKER - Static variable in class org.springframework.security.config.Elements
 
WebSocketMessageBrokerSecurityBeanDefinitionParser - Class in org.springframework.security.config.websocket

Parses Spring Security's websocket namespace support.

WebSocketMessageBrokerSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.websocket.WebSocketMessageBrokerSecurityBeanDefinitionParser
 
WebSpherePreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth.websphere

This AbstractPreAuthenticatedProcessingFilter implementation is based on WebSphere
 authentication.

WebSpherePreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter

Public constructor which overrides the default AuthenticationDetails class to be
 used.

WebSpherePreAuthenticatedWebAuthenticationDetailsSource - Class in org.springframework.security.web.authentication.preauth.websphere

This AuthenticationDetailsSource implementation will set the pre-authenticated granted
 authorities based on the WebSphere groups for the current WebSphere user, mapped using
 the configured Attributes2GrantedAuthoritiesMapper.

WebSpherePreAuthenticatedWebAuthenticationDetailsSource() - Constructor for class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
WebSpherePreAuthenticatedWebAuthenticationDetailsSource(WASUsernameAndGroupsExtractor) - Constructor for class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
 
WebTestUtils - Class in org.springframework.security.test.web.support

A utility class for testing spring security

WebXmlMappableAttributesRetriever - Class in org.springframework.security.web.authentication.preauth.j2ee

This MappableAttributesRetriever implementation reads the list of defined J2EE
 roles from a web.xml file and returns these from {
 WebXmlMappableAttributesRetriever.getMappableAttributes().

WebXmlMappableAttributesRetriever() - Constructor for class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
 
WellKnownChangePasswordBeanDefinitionParser - Class in org.springframework.security.config.http

The bean definition parser for a Well-Known URL for Changing Passwords.

WellKnownChangePasswordBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.WellKnownChangePasswordBeanDefinitionParser
 
WhiteListedAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions

Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern
 browsers. Instead use Content-Security-Policy with the frame-ancestors
 directive.


WhiteListedAllowFromStrategy(Collection<String>) - Constructor for class org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy

Deprecated.
Creates a new instance

with(JwsAlgorithm) - Static method in class org.springframework.security.oauth2.jwt.JwsHeader

Returns a new JwsHeader.Builder, initialized with the provided JwsAlgorithm.

WithAnonymousUser - Annotation Interface in org.springframework.security.test.context.support

When used with WithSecurityContextTestExecutionListener this annotation can be
 added to a test method to emulate running with an anonymous user.

withAssertingPartyDetails(RelyingPartyRegistration.AssertingPartyDetails) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration
 
withAuthentication(Consumer<Authentication>) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Allows for any validating the authentication with arbitrary assertions

withAuthentication(Authentication) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder

A shortcut for ReactiveSecurityContextHolder.withSecurityContext(Mono)

withAuthentication(Authentication) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the expected Authentication

withAuthenticationName(String) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the expected Principal.getName()

withAuthenticationPrincipal(Object) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the expected principal

withAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the Authentication.getAuthorities()

withAuthorizedClient(OAuth2AuthorizedClient) - Static method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext

Returns a new OAuth2AuthorizationContext.Builder initialized with the OAuth2AuthorizedClient.

withAuthorizedClient(OAuth2AuthorizedClient) - Static method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest

Returns a new OAuth2AuthorizeRequest.Builder initialized with the authorized client.

withClientRegistration(ClientRegistration) - Static method in class org.springframework.security.oauth2.client.OAuth2AuthorizationContext

Returns a new OAuth2AuthorizationContext.Builder initialized with the ClientRegistration.

withClientRegistration(ClientRegistration) - Static method in class org.springframework.security.oauth2.client.registration.ClientRegistration

Returns a new ClientRegistration.Builder, initialized with the provided
 ClientRegistration.

withClientRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.OAuth2AuthorizeRequest

Returns a new OAuth2AuthorizeRequest.Builder initialized with the identifier for the
 client registration.

withDefaultPasswordEncoder() - Static method in class org.springframework.security.core.userdetails.User

Deprecated.
Using this method is not considered safe for production, but is
 acceptable for demos and getting started. For production purposes, ensure the
 password is encoded externally. See the method Javadoc for additional details.
 There are no plans to remove this support. It is deprecated to indicate that this
 is considered insecure for production purposes.


withDefaults() - Static method in interface org.springframework.security.config.Customizer

Returns a Customizer that does not alter the input argument.

withDefaults(Map<String, Converter<Object, ?>>) - Static method in class org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter

Construct a MappedJwtClaimSetConverter, overriding individual claim
 converters with the provided Map of Converters.

withDefaultSchema() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer

Populates the default schema that allows users and authorities to be stored.

withEntityDescriptor(EntityDescriptor) - Static method in class org.springframework.security.saml2.provider.service.registration.OpenSamlAssertingPartyDetails

Use this EntityDescriptor to begin building an
 RelyingPartyRegistration.AssertingPartyDetails

withErrors(Saml2Error...) - Static method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutValidatorResult

Construct a Saml2LogoutValidatorResult.Builder, starting with the given
 errors.

withHttpOnlyFalse() - Static method in class org.springframework.security.web.csrf.CookieCsrfTokenRepository

Factory method to conveniently create an instance that has
 CookieCsrfTokenRepository.setCookieHttpOnly(boolean) set to false.

withHttpOnlyFalse() - Static method in class org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository

Factory method to conveniently create an instance that has
 CookieServerCsrfTokenRepository.setCookieHttpOnly(boolean) set to false.

withJwkSetUri(String) - Static method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder

Use the given JWK Set
 uri.

withJwkSetUri(String) - Static method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder

Use the given JWK Set
 uri to validate JWTs.

withJwkSource(Function<SignedJWT, Flux<JWK>>) - Static method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder

Use the given Function to validate JWTs

WithMockUser - Annotation Interface in org.springframework.security.test.context.support

When used with WithSecurityContextTestExecutionListener this annotation can be
 added to a test method to emulate running with a mocked user.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer

Adds an ObjectPostProcessor for this class.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.AbstractDaoAuthenticationConfigurer

Adds an ObjectPostProcessor for this class.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
 
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry

Adds an ObjectPostProcessor for this class.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry

Adds an ObjectPostProcessor for this class.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry

Deprecated.
Adds an ObjectPostProcessor for this class.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry

Deprecated.
Adds an ObjectPostProcessor for this class.

withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer

Deprecated.
Adds an ObjectPostProcessor for this class.

withPins(Map<String, String>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig

Deprecated.

 Sets the value for the pin- directive of the Public-Key-Pins header.

withPkce() - Static method in class org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestCustomizers

Returns a Consumer to be provided the
 OAuth2AuthorizationRequest.Builder that adds the
 code_challenge and, usually,
 code_challenge_method parameters
 to the OAuth 2.0 Authorization Request.

withPublicKey(RSAPublicKey) - Static method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder

Use the given public key to validate JWTs

withPublicKey(RSAPublicKey) - Static method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder

Use the given public key to validate JWTs

withRegistrationId(String) - Static method in class org.springframework.security.oauth2.client.registration.ClientRegistration

Returns a new ClientRegistration.Builder, initialized with the provided registration
 identifier.

withRegistrationId(String) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration

Creates a RelyingPartyRegistration RelyingPartyRegistration.Builder with a known
 registrationId

withRelyingPartyRegistration(RelyingPartyRegistration) - Static method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequest

Create a Saml2LogoutRequest.Builder instance from this RelyingPartyRegistration

 Specifically, this will pull the SingleLogoutService
 location and binding from the RelyingPartyRegistration

withRelyingPartyRegistration(RelyingPartyRegistration) - Static method in class org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponse

Create a Saml2LogoutResponse.Builder instance from this RelyingPartyRegistration

 Specifically, this will pull the SingleLogoutService
 response location and binding from the RelyingPartyRegistration

withRelyingPartyRegistration(RelyingPartyRegistration) - Static method in class org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest

Constructs a Saml2PostAuthenticationRequest.Builder from a RelyingPartyRegistration object.

withRelyingPartyRegistration(RelyingPartyRegistration) - Static method in class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest

Constructs a Saml2PostAuthenticationRequest.Builder from a
 RelyingPartyRegistration object.

withRelyingPartyRegistration(RelyingPartyRegistration) - Static method in class org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration

Creates a RelyingPartyRegistration RelyingPartyRegistration.Builder based on an existing
 object

withResponse(OAuth2AccessTokenResponse) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse

Returns a new OAuth2AccessTokenResponse.Builder, initialized with the provided response.

withRoles(String...) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the Authentication.getAuthorities()

withSecretKey(SecretKey) - Static method in class org.springframework.security.oauth2.jwt.NimbusJwtDecoder

Use the given SecretKey to validate the MAC on a JSON Web Signature (JWS).

withSecretKey(SecretKey) - Static method in class org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder

Use the given SecretKey to validate the MAC on a JSON Web Signature (JWS).

withSecurityContext(SecurityContext) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the expected SecurityContext

withSecurityContext(Mono<? extends SecurityContext>) - Static method in class org.springframework.security.core.context.ReactiveSecurityContextHolder

Creates a Reactor Context that contains the Mono<SecurityContext>
 that can be merged into another Context

WithSecurityContext - Annotation Interface in org.springframework.security.test.context.support


 An annotation to determine what SecurityContext to use.

WithSecurityContextFactory<A extends Annotation> - Interface in org.springframework.security.test.context.support

An API that works with WithUserTestExcecutionListener for creating a
 SecurityContext that is populated in the TestSecurityContextHolder.

WithSecurityContextTestExecutionListener - Class in org.springframework.security.test.context.support

A TestExecutionListener that will find annotations that are annotated with
 WithSecurityContext on a test method or at the class level.

WithSecurityContextTestExecutionListener() - Constructor for class org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener
 
withToken(String) - Static method in class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse

Returns a new OAuth2AccessTokenResponse.Builder, initialized with the provided access token value.

withTokenValue(String) - Static method in class org.springframework.security.oauth2.core.oidc.OidcIdToken

Create a OidcIdToken.Builder based on the given token value

withTokenValue(String) - Static method in class org.springframework.security.oauth2.jwt.Jwt

Return a Jwt.Builder

withUser(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer

Allows adding a user to the UserDetailsManager that is being created.

withUser(User.UserBuilder) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer

Allows adding a user to the UserDetailsManager that is being created.

withUser(UserDetails) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer

Allows adding a user to the UserDetailsManager that is being created.

withUserDetails(UserDetails) - Static method in class org.springframework.security.core.userdetails.User
 
WithUserDetails - Annotation Interface in org.springframework.security.test.context.support

When used with WithSecurityContextTestExecutionListener this annotation can be
 added to a test method to emulate running with a UserDetails returned from the
 UserDetailsService.

withUsername(String) - Static method in class org.springframework.security.core.userdetails.User

Creates a UserBuilder with a specified user name

withUsername(String) - Method in class org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.AuthenticatedMatcher

Specifies the expected username

wrap(Runnable) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
 
wrap(Callable<T>) - Method in class org.springframework.security.scheduling.DelegatingSecurityContextSchedulingTaskExecutor
 
write - Variable in class org.springframework.security.access.expression.SecurityExpressionRoot
 
write(RelyingPartyRegistration.Builder, MediaType, HttpOutputMessage) - Method in class org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverter
 
WRITE - Static variable in class org.springframework.security.acls.domain.BasePermission
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.header.HeaderWriter

Create a Header instance.

writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.CacheControlHeadersWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.ClearSiteDataHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.CompositeHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.ContentSecurityPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.CrossOriginEmbedderPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.CrossOriginOpenerPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.CrossOriginResourcePolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.DelegatingRequestMatcherHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.FeaturePolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter

Writes the X-Frame-Options header value, overwritting any previous value.

writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.HpkpHeaderWriter

Deprecated.
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.PermissionsPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.StaticHeadersWriter
 
writeHeaders(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ClearSiteDataServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CompositeServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CrossOriginEmbedderPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CrossOriginOpenerPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.CrossOriginResourcePolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.FeaturePolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.PermissionsPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in interface org.springframework.security.web.server.header.ServerHttpHeadersWriter

Write the headers to the response.

writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.ServerWebExchangeDelegatingServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.StaticServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
 
writeHttpHeaders(ServerWebExchange) - Method in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
 
writeInternal(OAuth2AccessTokenResponse, HttpOutputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter
 
writeInternal(OAuth2Error, HttpOutputMessage) - Method in class org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter
 
writeMessage(String) - Method in class org.springframework.security.taglibs.authz.AuthenticationTag
 
writer(ServerHttpHeadersWriter) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec

Configures custom headers writer


X

X_CONTENT_OPTIONS - Static variable in class org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
 
X_CONTENT_OPTIONS - Static variable in class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
X_FRAME_OPTIONS - Static variable in class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
 
X_XSS_PROTECTION - Static variable in class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
 
x509() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity

Configures X509 based pre authentication.

x509() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity

Configures x509 authentication using a certificate provided by a client.

x509() - Static method in class org.springframework.security.converter.RsaKeyConverters

Construct a Converter for converting a PEM-encoded X.509 RSA Public Key or
 X.509 Certificate into a RSAPublicKey.

x509(String) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors

Finds an X509Cetificate using a resoureName and populates it on the request.

x509(X509Certificate...) - Static method in class org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors

Populates the provided X509Certificate instances on the request.

x509(Customizer<X509Configurer<HttpSecurity>>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity

Configures X509 based pre authentication.

x509(Customizer<ServerHttpSecurity.X509Spec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity

Configures x509 authentication using a certificate provided by a client.

X509 - Static variable in class org.springframework.security.config.Elements
 
x509AuthenticationFilter(X509AuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer

Allows specifying the entire X509AuthenticationFilter.

X509AuthenticationFilter - Class in org.springframework.security.web.authentication.preauth.x509
 
X509AuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 
x509CertificateChain(List<String>) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder

Sets the X.509 certificate chain that contains the X.509 public key certificate
 or certificate chain corresponding to the key used to digitally sign the JWS or
 encrypt the JWE.

X509Configurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers

Adds X509 based pre authentication to an application.

X509Configurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.X509Configurer

Creates a new instance

x509PrincipalExtractor(X509PrincipalExtractor) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer

Specifies the X509PrincipalExtractor

X509PrincipalExtractor - Interface in org.springframework.security.web.authentication.preauth.x509

Obtains the principal from an X509Certificate for use within the framework.

x509SHA1Thumbprint(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder

Sets the X.509 certificate SHA-1 thumbprint that is a base64url-encoded SHA-1
 thumbprint (a.k.a.

x509SHA256Thumbprint(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder

Sets the X.509 certificate SHA-256 thumbprint that is a base64url-encoded
 SHA-256 thumbprint (a.k.a.

x509Url(String) - Method in class org.springframework.security.oauth2.jwt.JwsHeader.Builder

Sets the X.509 URL that refers to the resource for the X.509 public key
 certificate or certificate chain corresponding to the key used to digitally
 sign the JWS or encrypt the JWE.

X5C - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames

x5c - the X.509 certificate chain header contains the X.509 public key
 certificate or certificate chain corresponding to the key used to digitally sign a
 JWS or encrypt a JWE

X5T - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames

x5t - the X.509 certificate SHA-1 thumbprint header is a base64url-encoded
 SHA-1 thumbprint (a.k.a.

X5T_S256 - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames

x5t#S256 - the X.509 certificate SHA-256 thumbprint header is a
 base64url-encoded SHA-256 thumbprint (a.k.a.

X5U - Static variable in class org.springframework.security.oauth2.jwt.JoseHeaderNames

x5u - the X.509 URL header is a URI that refers to a resource for the X.509
 public key certificate or certificate chain corresponding to the key used to
 digitally sign a JWS or encrypt a JWE

XContentTypeOptionsHeaderWriter - Class in org.springframework.security.web.header.writers

A StaticHeadersWriter that inserts headers to prevent content sniffing.

XContentTypeOptionsHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.XContentTypeOptionsHeaderWriter

Creates a new instance

XContentTypeOptionsServerHttpHeadersWriter - Class in org.springframework.security.web.server.header

Adds X-Content-Type-Options: nosniff

XContentTypeOptionsServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.XContentTypeOptionsServerHttpHeadersWriter
 
XFRAME_OPTIONS_HEADER - Static variable in class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
 
XFrameOptionsHeaderWriter - Class in org.springframework.security.web.header.writers.frameoptions

HeaderWriter implementation for the X-Frame-Options headers.

XFrameOptionsHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter

Creates an instance with XFrameOptionsHeaderWriter.XFrameOptionsMode.DENY

XFrameOptionsHeaderWriter(AllowFromStrategy) - Constructor for class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter

Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern
 browsers. Instead use Content-Security-Policy with the frame-ancestors
 directive.


XFrameOptionsHeaderWriter(XFrameOptionsHeaderWriter.XFrameOptionsMode) - Constructor for class org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter

Creates a new instance

XFrameOptionsHeaderWriter.XFrameOptionsMode - Enum Class in org.springframework.security.web.header.writers.frameoptions

The possible values for the X-Frame-Options header.

XFrameOptionsServerHttpHeadersWriter - Class in org.springframework.security.web.server.header

ServerHttpHeadersWriter implementation for the X-Frame-Options headers.

XFrameOptionsServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
 
XFrameOptionsServerHttpHeadersWriter.Mode - Enum Class in org.springframework.security.web.server.header

The X-Frame-Options values.

XorCsrfChannelInterceptor - Class in org.springframework.security.messaging.web.csrf

ChannelInterceptor that validates a CSRF token masked by the
 XorCsrfTokenRequestAttributeHandler in
 the header of any SimpMessageType.CONNECT message.

XorCsrfChannelInterceptor() - Constructor for class org.springframework.security.messaging.web.csrf.XorCsrfChannelInterceptor
 
XorCsrfTokenRequestAttributeHandler - Class in org.springframework.security.web.csrf

An implementation of the CsrfTokenRequestHandler interface that is capable of
 masking the value of the CsrfToken on each request and resolving the raw token
 value from the masked value as either a header or parameter value of the request.

XorCsrfTokenRequestAttributeHandler() - Constructor for class org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler
 
XorServerCsrfTokenRequestAttributeHandler - Class in org.springframework.security.web.server.csrf

An implementation of the ServerCsrfTokenRequestAttributeHandler and
 ServerCsrfTokenRequestResolver interfaces that is capable of masking the value
 of the CsrfToken on each request and resolving the raw token value from the
 masked value as either a form data value or header of the request.

XorServerCsrfTokenRequestAttributeHandler() - Constructor for class org.springframework.security.web.server.csrf.XorServerCsrfTokenRequestAttributeHandler
 
xssProtection() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer

Note this is not comprehensive XSS protection!

xssProtection() - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec

Configures x-xss-protection response header.

xssProtection(Customizer<HeadersConfigurer.XXssConfig>) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer

Note this is not comprehensive XSS protection!

xssProtection(Customizer<ServerHttpSecurity.HeaderSpec.XssProtectionSpec>) - Method in class org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec

Configures x-xss-protection response header.

XXssProtectionHeaderWriter - Class in org.springframework.security.web.header.writers

Renders the X-XSS-Protection header.

XXssProtectionHeaderWriter() - Constructor for class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter

Create a new instance

XXssProtectionHeaderWriter.HeaderValue - Enum Class in org.springframework.security.web.header.writers

The value of the x-xss-protection header.

XXssProtectionServerHttpHeadersWriter - Class in org.springframework.security.web.server.header

Add the x-xss-protection header.

XXssProtectionServerHttpHeadersWriter() - Constructor for class org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter

Creates a new instance

XXssProtectionServerHttpHeadersWriter.HeaderValue - Enum Class in org.springframework.security.web.server.header

The value of the x-xss-protection header.


Z

zoneinfo(String) - Method in class org.springframework.security.oauth2.core.oidc.OidcUserInfo.Builder

Use this zoneinfo in the resulting OidcUserInfo

ZONEINFO - Static variable in class org.springframework.security.oauth2.core.oidc.StandardClaimNames

zoneinfo - the user's time zone


_

_this() - Method in class org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest.Builder

Casting the return as the generic subtype, when returning itself


$ A B C D E F G H I J K L M N O P Q R S T U V W X Z _ 
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form