Package org.springframework.security.access

package org.springframework.security.access

Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central AccessDecisionManager interface.

Related Packages

Package	Description
org.springframework.security.access.annotation	Support for JSR-250 and Spring Security @Secured annotations.
org.springframework.security.access.event	Authorization event and listener classes.
org.springframework.security.access.expression	Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.hierarchicalroles	Role hierarchy implementation.
org.springframework.security.access.intercept	Abstract level security interception classes which are responsible for enforcing the configured security constraints for a secure object.
org.springframework.security.access.method	Provides SecurityMetadataSource implementations for securing Java method invocations via different AOP libraries.
org.springframework.security.access.prepost	Contains the infrastructure classes for handling the @PreAuthorize, @PreFilter, @PostAuthorize and @PostFilter annotations.
org.springframework.security.access.vote	Implements a vote-based approach to authorization decisions.

Class	Description
AccessDecisionManager	Deprecated. Use AuthorizationManager instead
AccessDecisionVoter<S>	Deprecated. Use AuthorizationManager instead
AccessDeniedException	Thrown if an Authentication object does not hold a required authority.
AfterInvocationProvider	Deprecated. Use delegation with AuthorizationManager
AuthorizationServiceException	Thrown if an authorization request could not be processed due to a system problem.
ConfigAttribute	Stores a security system related configuration attribute.
PermissionCacheOptimizer	Allows permissions to be pre-cached when using pre or post filtering with expressions
PermissionEvaluator	Strategy used in expression evaluation to determine whether a user has a permission or permissions for a given domain object.
SecurityConfig	Stores a ConfigAttribute as a String.
SecurityMetadataSource	Implemented by classes that store and can identify the ConfigAttributes that applies to a given secure object invocation.