|
|||||||||
| PREV NEXT | FRAMES NO FRAMES | ||||||||
Authentication.
AccessDecisionManager.AfterInvocationProvider which provides commonly-used ACL-related services.Authentication object as part of the contract.Authentication objects.MethodSecurityMetadataSource that supports both Spring AOP and AspectJ and
performs attribute resolution from: 1.AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.LdapAuthenticationProvider and the
ActiveDirectoryLdapAuthenticationProvider.ContextSource provided.
Permission implementations.AuthenticationProvider that allows subclasses to override and work with UserDetails objects.AccessDeniedException in the request for rendering.
Acl.AccessControlEntry.Tag that allows its body through if some authorizations are granted to the request's
principal.Authentication object does not hold a
required authority.AccessDeniedException with the specified
message.
AccessDeniedException with the specified
message and root cause.
ExceptionTranslationFilter to handle an
AccessDeniedException.AccessDeniedHandler.AccountExpiredException with the specified
message.
AccountExpiredException with the specified
message and root cause.
AclImpl to determine whether a principal is permitted to call
adminstrative methods on the AclImpl.AclAuthorizationStrategy.JdbcAclService.AclDataAccessException with the specified
message and root cause.
AclDataAccessException with the specified
message and no root cause.
Collection of domain object instances returned from a secure object invocation, remove
any Collection elements the principal does not have appropriate permission to access as defined by the
AclService.AclService.AclService.Acl.MutableAclService.createAcl(ObjectIdentity).
PermissionGrantingStrategy argument instead.
Acl instances.AuthenticationException when attempting to authenticate against
Active Directory using ActiveDirectoryLdapAuthenticationProvider.UserDetails
for a given authentication request.
AccessDecisionManager that grants access if any
AccessDecisionVoter returns an affirmative response.Object returned from a secure object invocation,
being able to modify the Object or throw an AccessDeniedException.AfterInvocationProviderManager decision.AfterInvocationManager.Token.
Acl entry already exists for the object.AlreadyExistsException with the specified message.
AlreadyExistsException with the specified message
and root cause.
ConfigAttributes for
securing a method.Authentication object in the SecurityContextHolder, and
populates it with one if needed.AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.Authentication.servletPath + pathInfo) of an HttpServletRequest.AspectJMethodSecurityInterceptor when it wishes for the
AspectJ processing to continue.JoinPoint security interceptor which wraps the JoinPoint in a MethodInvocation
adapter to make it compatible with security infrastructure classes which only support MethodInvocations.GrantedAuthoritys.AclImpl to log audit events.Authentication object, returning a fully populated
Authentication object (including granted authorities) if successful.
AuthenticationManager.authenticate(Authentication).
Authentication object.
ConfigAttribute.getAttribute() of IS_AUTHENTICATED_FULLY or
IS_AUTHENTICATED_REMEMBERED or IS_AUTHENTICATED_ANONYMOUSLY is present.AuthenticationManager.authenticate(Authentication) method.Authentication could not be obtained from
the SecurityContextHolder.Authentication object in the SecurityContext.AuthenticationCredentialsNotFoundException
with the specified message.
AuthenticationCredentialsNotFoundException
with the specified message and root cause.
Authentication.getDetails() object for
a given web request.ExceptionTranslationFilter to commence an authentication scheme.Authentication object being invalid for whatever
reason.AuthenticationException with the specified message and root cause.
AuthenticationException with the specified message and no root cause.
AuthenticationProvider that can process the request.AuthenticationManager.Authentication request.Authentication implementation.AuthenticationServiceException with the
specified message.
AuthenticationServiceException with the
specified message and root cause.
SimpleHttpInvokerRequestExecutor.Tag implementation that allows convenient access to the current
Authentication object.Authentication tokensAuthenticationTrustResolver.AuthorizationServiceException with the
specified message.
AuthorizationServiceException with the
specified message and root cause.
SecurityContextHolder does not contain an
Authentication object and Spring Security wishes to provide an implementation with an
opportunity to authenticate the request using remember-me capabilities.
BadCredentialsException with the specified
message.
BadCredentialsException with the specified
message and root cause.
ExceptionTraslationFilter to commence authentication via the BasicAuthenticationFilter.SecurityContextHolder.AuthenticationManager
and which will ignore failed authentication attempts, allowing the request to proceed down the filter chain.
AuthenticationManager and
use the supplied AuthenticationEntryPoint to handle authentication failures.
PermissionGrantingStrategy argument instead.
BaseLdapPathContextSource provided.
CumulativePermission or BasePermission representing the
active bits in the passed mask.
Authentication object for the current secure object invocation, or
null if replacement not required.
ExceptionTranslationFilter to commence authentication via the JA-SIG Central
Authentication Service (CAS).AuthenticationProvider implementation that integrates with JA-SIG Central Authentication Service
(CAS).Authentication.ChannelDecisionManager.ChannelProcessor to launch a web channel.Acl cannot be deleted because children Acls exist.ChildrenExistException with the specified
message.
ChildrenExistException with the specified
message and root cause.
Subject (phase two) by adding the Spring Security
Authentication to the Subject's principals.
AccessDecisionManager that uses a
consensus-based approach.AuditLogger.RemoteInvocation that is passed from the client to the server.org.springframework.remoting.rmi.RmiProxyFactoryBean when it
wishes to create a remote invocation.DelegatingSecurityContextCallable and with the given Callable and
SecurityContext, but if the securityContext is null will defaults to the current SecurityContext
on the SecurityContextHolder
DelegatingSecurityContextRunnable.
MethodInvocation for specified methodName on the passed object,
using the args to locate the method.
Acl object in the database.
StandardEvaluationContext and SecurityExpressionRoot
objects.
StandardEvaluationContext.
MethodSecurityEvaluationContext as the EvaluationContext implementation.
EvaluationContext to be customized for variable lookup etc.
MethodInvocation for the specified methodName on the passed class.
MethodInvocation for specified methodName on the passed class,
using the args to locate the method.
DefaultJaasAuthenticationProvider.setConfiguration(Configuration).
acl_class, creating a new row if needed and the
allowCreate property is true.
Authentication object.
Authentication object which will be returned from the authenticate method.
eraseCredentials method.CredentialsExpiredException with the specified
message.
CredentialsExpiredException with the specified
message and root cause.
Permission that is constructed at runtime from other permissions.AuthenticationProvider implementation that retrieves user details from a UserDetailsService.Object, make an
access control decision or optionally modify the returned Object.
AccessDecisionVoters and grants access
if any AccessDecisionVoter voted affirmatively.
AccessDecisionVoters and upon
completion determines the consensus of granted against denied responses.
AccessDecisionVoters for each ConfigAttribute and grants access if only grant (or abstain) votes were received.
FilterInvocation provides the appropriate level of channel
security based on the requested list of ConfigAttributes.
FilterInvocation provides the appropriate level of channel
security based on the requested list of ConfigAttributes.
Throwable instances.
servletPath and
pathInfo, which do not contain path parameters (as defined in
RFC 2396).MethodSecurityExpressionHandler.PermissionFactory.HttpServletRequest.SecurityFilterChain.Token.AuthenticationEntryPoint which selects a concrete AuthenticationEntryPoint based on a
RequestMatcher evaluation.AsyncTaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable and each
Callable in a DelegatingSecurityContextCallable.DelegatingSecurityContextAsyncTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextAsyncTaskExecutor that uses the current SecurityContext.
Callable with logic for setting up a SecurityContext before invoking the delegate
Callable and then removing the SecurityContext after the delegate has completed.DelegatingSecurityContextCallable with a specific SecurityContext.
DelegatingSecurityContextCallable with the SecurityContext from the
SecurityContextHolder.
Executor which wraps each Runnable in a DelegatingSecurityContextRunnable.DelegatingSecurityContextExecutor that uses the specified SecurityContext.
DelegatingSecurityContextExecutor that uses the current SecurityContext from the
SecurityContextHolder at the time the task is submitted.
ExecutorService which wraps each Runnable in a DelegatingSecurityContextRunnable and each
Callable in a DelegatingSecurityContextCallable.DelegatingSecurityContextExecutorService that uses the specified SecurityContext.
DelegatingSecurityContextExecutorService that uses the current SecurityContext from
the SecurityContextHolder.
Runnable with logic for setting up a SecurityContext before invoking the delegate
Runnable and then removing the SecurityContext after the delegate has completed.DelegatingSecurityContextRunnable with a specific SecurityContext.
DelegatingSecurityContextRunnable with the SecurityContext from the
SecurityContextHolder.
ScheduledExecutorService which wraps each Runnable in a DelegatingSecurityContextRunnable
and each Callable in a DelegatingSecurityContextCallable.DelegatingSecurityContextScheduledExecutorService that uses the specified
SecurityContext.
DelegatingSecurityContextScheduledExecutorService that uses the current
SecurityContext from the SecurityContextHolder.
SchedulingTaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable and each
Callable in a DelegatingSecurityContextCallable.DelegatingSecurityContextSchedulingTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextSchedulingTaskExecutor that uses the current SecurityContext.
TaskExecutor which wraps each Runnable in a DelegatingSecurityContextRunnable.DelegatingSecurityContextTaskExecutor that uses the specified SecurityContext.
DelegatingSecurityContextTaskExecutor that uses the current SecurityContext from
the SecurityContextHolder.
String created using
BasePasswordEncoder.mergePasswordAndSalt(String,Object,boolean).
Throwable.
SecurityEnforcementFilter to commence authentication via the DigestAuthenticationFilter.SecurityContextHolder.DisabledException with the specified message.
DisabledException with the specified message
and root cause.
DefaultSavedRequest.
requiresAuthentication
method to determine whether the request is for authentication and should be handled by this filter.
Subject using
JaasApiIntegrationFilter.obtainSubject(ServletRequest).
AbstractAuthorizeTag.authorize() method to
decide if the body of the tag should be skipped or not.
AclCache that delegates to EH-CACHE.User objects using a Spring IoC defined EHCACHE.Enumeration around a Java 2 collection Iterator.java.lang.Object documentation for the interface contract.
true if the supplied object is a User instance with the
same username value.
credentials, principal and details objects, invoking the
eraseCredentials method on any which implement CredentialsContainer.
AccessDeniedException and AuthenticationException thrown within the
filter chain.PrePostInvocationAttributeFactory which interprets the annotation value as
an expression to be evaluated at runtime.FilterInvocationSecurityMetadataSource.Throwable.
filterTarget object (which must be either a collection or an array), by evaluating the
supplied expression.
Filter requests to a list of Spring-managed filter beans.SecurityMetadataSource implementations
that are designed to perform lookups keyed on FilterInvocations.FilterInvocationSecurityMetadataSource bean for use with a FilterSecurityInterceptor.HttpFirewall interface.flushBuffer()
getDateHeader().
SecurityContextHolder.createEmptyContext() to obtain a new context (there should be
no context present in the holder when this method is called).
ConfigAttributes defined by the implementing class.
SessionRegistry.
ConfigAttribute can be represented as a String and that
String is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager, AccessDecisionManager or AccessDecisionManager delegate, this method should
return such a String.
ConfigAttributes that apply to a given secure object.
Authentication request that caused the event.
AuthenticationManager to indicate the authorities that the principal has been
granted.
GrantedAuthority can be represented as a String and that
String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.
CasAuthenticationToken associated with the
specified ticket.
SecurityContext.
String
String
alwaysUseDefaultTargetUrl property is set to true.
SecurityFilterChains instead
Class that generated this event.
SecurityContextHolderStrategy.
NoOpPasswordEncoder.
getOutputStream().close() or
getOutputStream().flush()
String representing this permission.
credentialsRequestHeader is set, this
will be read and used as the credentials value.
principalRequestHeader from the request.
Authentication object, such as a String or UserDetails instance
SecurityContextHolder.
User to obtain the salt.
SecurityContext instances which were associated with the destroyed session.
ServletRequest was received on.
HttpSession id the authentication request was received from.
sessionId.
UserDetailsContextMapper strategy for use by subclasses.
UserDetails from the cache.
Authentication (which is a subclass of Principal), or
null if unavailable.
getWriter().close() or
getWriter().flush()
Authentication object.Authentication object.GrantedAuthoritys for a user by reading a list of attributes that were returned as
part of the CAS response.SimpleGrantedAuthority or implement your own.GrantedAuthority as a Sid.RedirectStrategy with the URL returned by the determineTargetUrl method.
LoginContext.logout() for any which contain a JaasAuthenticationToken.
java.lang.Object documentation for the interface contract.
username.
HttpFirewall bean reference into the FilterChainProxy.SecurityContextRepository.loadContext(HttpRequestResponseHolder),
allowing the method to swap the request for a wrapped version, as well as returning the SecurityContext
value.HttpSessionEventPublisher when an HttpSession is created by the containerHttpSessionEventPublisher when a HttpSession is created in the containerRequestCache which stores the SavedRequest in the HttpSession.SecurityContextRepository implementation which stores the security context in the HttpSession
between requests.IdentityUnavailableException with the specified message.
IdentityUnavailableException with the specified message
and root cause.
Throwables and ThrowableCauseExtractors.
LoginModule.
AppConfigurationEntrys.
AppConfigurationEntrys along with a default configuration that
will be used if no mapping is found for the given login context name.
Resource interface.UserDetailsManager which is backed by an in-memory map.HttpServletRequest.isSecure() responses.InsufficientAuthenticationException with the
specified message.
InsufficientAuthenticationException with the
specified message and root cause.
AbstractSecurityInterceptor subclasses.SessionManagementFilter when an invalid session Id is submitted and
detected in the SessionManagementFilter.InvocationTargetException instances.
MethodInvocation.
Authentication token represents an anonymous user.
AbstractSecurityInterceptor whether it should present the
authentication token to the AuthenticationManager.
saveContext() because of this wrapper.
Acl.getParentAcl() should flow down into the current
Acl.
PermissionGrantingStrategy.
Acl grants access
based on the supplied list of permissions and sids.
Authentication token represents user that has been remembered
(i.e.
renew parameter should be sent to the CAS login URL and CAS
validation URL.
GrantedAuthority.getAuthority().
HttpServletRequest.isUserInRole(String)) into GrantedAuthoritys and stores these in the authentication
details object.MappableAttributesRetriever
Filter which attempts to obtain a JAAS Subject
and continue the FilterChain running as that
Subject.JaasAuthenticationProvider.AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.JaasAuthenticationProvider
after successfully logging the user into the LoginContext, handling all callbacks, and calling all
AuthorityGranters.GrantedAuthority which, in addition to the assigned role, holds the principal that an
AuthorityGranter used as a reason to grant this authority.AclService.MutableAclService.Tag implementation of AbstractAuthorizeTag.TokenService that is compatible with clusters and across machine restarts,
without requiring database persistence.AuthenticationProvider implementation that authenticates
against an LDAP server.ShaPasswordEncoder which supports Ldap SHA and SSHA (salted-SHA) encodings.LdapUserSearch
and an LdapAuthoritiesPopulator.memberOf attribute obtained from the user's
Active Directory entry.
UserDetails via the supplied CAS
assertion.
LockedException with the specified message.
LockedException with the specified message and
root cause.
Subject (phase one) by extracting the Spring Security
Authentication from the current SecurityContext.
ExceptionTranslationFilter to commence a form login
authentication via the UsernamePasswordAuthenticationFilter.Subject.
LogoutHandler.
LogoutFilter, to handle redirection or
forwarding to the appropriate destination.AclService.RequestMatcher types supported by the namespace.servletPath + pathInfo + queryString) against
the compiled pattern.
String.
MethodInvocation instances.MethodInvocations usable within Spring Security.SecurityMetadataSource implementations
that are designed to perform lookups keyed on Methods.MethodSecurityMetadataSource, used to exclude a MethodSecurityInterceptor from
public (non-secure) methods.Acl instances.NonceExpiredException with the specified
message.
NonceExpiredException with the specified
message and root cause.
NotFoundException with the specified message.
NotFoundException with the specified message
and root cause.
NullRememberMeServices that does nothing.StatelessTicketCache that has no backing cache.ObjectIdentity from an object identifier (such as a primary key)
and type information.ObjectIdentity.ObjectIdentityImpl based on the passed
object instance.
ObjectIdentity
will be returned for a particular domain objectObjectIdentityRetrievalStrategy and ObjectIdentityGenerator
that uses the constructors of ObjectIdentityImpl to create the ObjectIdentity.HttpServletRequest.
PlaintextPasswordEncoder.encodePassword(String, Object)String.
Subject to run as or null if no
Subject is available.
defaultFailureUrl if set, otherwise returns a 401 error code.
handle() method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes() to remove any leftover session data.
RememberMeServices
autoLogin method and the AuthenticationManager.
AuthenticationManager rejects the authentication object returned from the
RememberMeServices autoLogin method.
AxFetchListFactory version instead.
AccessDecisionManager interface.@Secured annotations.@PreAuthorize, @PreFilter,
@PostAuthorize and @PostFilter annotations.MethodInvocations, such as via Spring AOP.JointPoints, delegating secure object callbacks to the calling aspect.SecurityMetadataSource implementations for securing Java method invocations via different
AOP libraries.@PreAuthorize, @PreFilter, @PostAuthorize
and @PostFilter annotations.AuthenticationProvider which relies upon a data access object.Authentication object.AuthenticationProvider that can process CAS service tickets and proxy tickets.GrantedAuthority interface.GrantedAuthoritys.org.springframework.security.core.session.SessionInformation
SessionInformation class.UserCache.org.springframework.security.core.userdetails.UserDetailsService UserDetailsService.LdapUserSearch implementations.UserDetails implementations which map from a ubset of the data
contained in some of the standard LDAP types (such as InetOrgPerson).HttpInvoker extension points to
present the principal and credentials located
in the ContextHolder via BASIC authentication.SecurityContextHolder (which
should contain an Authentication request token) from one JVM to the remote JVM.