- AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter> - Class in org.springframework.security.config.annotation.web.configurers
-
- AbstractAuthenticationFilterConfigurer(F, String) - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
Creates a new instance
- AbstractConfigAttributeRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web.configurers
-
A base class for registering RequestMatcher
's.
- AbstractConfigAttributeRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
-
- AbstractConfiguredSecurityBuilder<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
-
- AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
- AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>, boolean) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
- AbstractRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web
-
A base class for registering RequestMatcher
's.
- AbstractRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
- AbstractSecurityBuilder<O> - Class in org.springframework.security.config.annotation
-
A base
SecurityBuilder
that ensures the object being built is only
built one time.
- AbstractSecurityBuilder() - Constructor for class org.springframework.security.config.annotation.AbstractSecurityBuilder
-
- AbstractSecurityWebSocketMessageBrokerConfigurer - Class in org.springframework.security.config.annotation.web.socket
-
Allows configuring WebSocket Authorization.
- AbstractSecurityWebSocketMessageBrokerConfigurer() - Constructor for class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- AbstractUserDetailsServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
-
- AbstractUserDetailsServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
-
- access(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Allows specifying that URLs are secured by an arbitrary expression
- access(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
-
Specifies that the user must have the specified ConfigAttribute
's
- access(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Allows specifying that Messages are secured by an arbitrary expression
- ACCESS_DENIED_HANDLER - Static variable in class org.springframework.security.config.Elements
-
- accessDecisionManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Allows subclasses to provide a custom AccessDecisionManager
.
- accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
-
Specifies the AccessDeniedHandler
to be used
- accessDeniedPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
-
Shortcut to specify the AccessDeniedHandler
to be used is a specific error page
- accountExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Defines if the account is expired or not.
- accountLocked(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Defines if the account is locked or not.
- addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
-
- addFilter(Filter) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- addFilter(Filter) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
Adds a Filter
that must be an instance of or extend one of the
Filters provided within the Security framework.
- addFilterAfter(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- addFilterAfter(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
Allows adding a Filter
after one of the known Filter
classes.
- addFilterBefore(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- addFilterBefore(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
Allows adding a Filter
before one of the known Filter
classes.
- addHeaderWriter(HeaderWriter) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-
Adds a HeaderWriter
instance
- addLogoutHandler(LogoutHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
-
Adds a LogoutHandler
.
- addObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
-
- addSecurityFilterChainBuilder(SecurityBuilder<? extends SecurityFilterChain>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
Adds builders to create SecurityFilterChain
instances.
- AFTER_INVOCATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
-
- afterInvocationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- AlreadyBuiltException - Exception in org.springframework.security.config.annotation
-
- AlreadyBuiltException(String) - Constructor for exception org.springframework.security.config.annotation.AlreadyBuiltException
-
- and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
-
- and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
-
- and() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Returns the UserDetailsManagerRegistry
for method chaining (i.e.
- and() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
-
- and() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
-
- and() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
-
- and() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
-
- and() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
-
- and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
-
- and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
-
- and() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
-
- and() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
-
- anonymous() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring how an anonymous user is represented.
- anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs are allowed by anonymous users.
- anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
-
Specifies that an anonymous user is allowed access
- anonymous() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Specify that Messages are allowed by anonymous users.
- ANONYMOUS - Static variable in class org.springframework.security.config.Elements
-
- AnonymousConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Configures Anonymous authentication (i.e.
- AnonymousConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
Creates a new instance
- antMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring the
HttpSecurity
to only be invoked when
matching the provided ant pattern.
- antMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
Maps a
List
of
AntPathRequestMatcher
instances.
- antMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
Maps a
List
of
AntPathRequestMatcher
instances that do
not care which
HttpMethod
is used.
- anyMessage() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
-
Maps any Message
to a security expression.
- anyRequest() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
Maps any request.
- apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
- apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
- ATT_GROUP_ROLE_ATTRIBUTE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- ATT_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- ATT_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- ATT_HASH - Static variable in class org.springframework.security.config.authentication.PasswordEncoderParser
-
- ATT_LDIF_FILE - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
-
Optionally defines an ldif resource to be loaded.
- ATT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
-
Defines the port the LDAP_PROVIDER server should run on
- ATT_ROOT_SUFFIX - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
-
sets the configuration suffix (default is "dc=springframework,dc=org").
- ATT_SERVER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- ATT_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- ATT_USER_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- attribute(OpenIDAttribute) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
-
Adds an OpenIDAttribute
to be obtained for the configured OpenID pattern.
- attribute(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
-
Adds an OpenIDAttribute
with the given name
- attributeExchange(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
-
Sets up OpenID attribute exchange for OpenID's matching the specified
pattern.
- authenticate(Authentication) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
-
- authenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs are allowed by any authenticated user.
- authenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Specify that Messages are allowed by any authenticated user.
- authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
-
Specifies the AuthenticationUserDetailsService
that is used with
the PreAuthenticatedAuthenticationProvider
.
- AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.BeanIds
-
The "global" AuthenticationManager instance, registered by the <authentication-manager> element
- AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.Elements
-
- AUTHENTICATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
-
- AuthenticationConfiguration - Class in org.springframework.security.config.annotation.authentication.configuration
-
- AuthenticationConfiguration() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
-
- authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
Specifies a custom AuthenticationDetailsSource
.
- authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
-
Specifies a custom AuthenticationDetailsSource
to use for basic
authentication.
- authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
-
Specifies the AuthenticationDetailsSource
- authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
-
Sets the AuthenticationEntryPoint
to be used.
- authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
-
The AuthenticationEntryPoint
to be populated on
BasicAuthenticationFilter
in the event that authentication fails.
- authenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
-
Sets the AuthenticationEventPublisher
- authenticationFilter(AnonymousAuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
Sets the AnonymousAuthenticationFilter
used to populate an anonymous user.
- authenticationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Allows providing a custom AuthenticationManager
.
- authenticationManager() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
Gets the AuthenticationManager
to use.
- authenticationManagerBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- AuthenticationManagerBeanDefinitionParser - Class in org.springframework.security.config.authentication
-
Registers the central ProviderManager used by the namespace configuration, and allows the configuration of an
alias, allowing users to reference it in their beans and clearly see where the name is
coming from.
- AuthenticationManagerBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
-
- AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider - Class in org.springframework.security.config.authentication
-
Provider which doesn't provide any service.
- AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
-
- AuthenticationManagerBuilder - Class in org.springframework.security.config.annotation.authentication.builders
-
- AuthenticationManagerBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
-
Creates a new instance
- authenticationManagerBuilder(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
-
- AuthenticationManagerFactoryBean - Class in org.springframework.security.config.authentication
-
Factory bean for the namespace AuthenticationManager, which allows a more meaningful error message
to be reported in the NoSuchBeanDefinitionException, if the user has forgotten to declare
the <authentication-manager> element.
- AuthenticationManagerFactoryBean() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
-
- authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
-
Add authentication based upon the custom AuthenticationProvider
that is passed in.
- authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.authentication.ProviderManagerBuilder
-
Add authentication based upon the custom AuthenticationProvider
that is passed in.
- authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
Sets the AuthenticationProvider
used to validate an anonymous user.
- authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
Allows adding an additional AuthenticationProvider
to be used
- AuthenticationProviderBeanDefinitionParser - Class in org.springframework.security.config.authentication
-
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the latter with the
ProviderManager.
- AuthenticationProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
-
- authenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
-
Allows control over the destination a remembered user is sent to when they are successfully authenticated.
- authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
-
The AuthenticationUserDetailsService
to use.
- authenticationUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
-
Specifies the AuthenticationUserDetailsService
to use.
- authorities(GrantedAuthority...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Populates the authorities.
- authorities(List<? extends GrantedAuthority>) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Populates the authorities.
- authorities(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Populates the authorities.
- authorities(List<GrantedAuthority>) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
Sets the Authentication.getAuthorities()
for anonymous users
- authorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
Sets the Authentication.getAuthorities()
for anonymous users
- authoritiesByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
-
Sets the query to be used for finding a user's authorities by their username.
- authorizeRequests() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows restricting access based upon the HttpServletRequest
using
- autowiredWebSecurityConfigurersIgnoreParents(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
-
- cacheControl() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-
Adds CacheControlHeadersWriter
.
- CACHING_SUFFIX - Static variable in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
-
- CachingUserDetailsService - Class in org.springframework.security.config.authentication
-
- chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
Subclasses should implement this method for returning the object that is chained to the creation of the
RequestMatcher
instances.
- chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
-
- chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
-
- chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
-
- chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
-
Subclasses should implement this method for returning the object that is chained to the creation of the
RequestMatcher
instances.
- chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
-
- chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
-
- chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
-
- changeSessionId() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
-
Specifies that the Servlet container-provided session fixation
protection should be used.
- ChannelAttributeFactory - Class in org.springframework.security.config.http
-
Used as a factory bean to create config attribute values for the requires-channel attribute.
- ChannelAttributeFactory() - Constructor for class org.springframework.security.config.http.ChannelAttributeFactory
-
- channelProcessors(List<ChannelProcessor>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
-
Sets the ChannelProcessor
instances to use in ChannelDecisionManagerImpl
- channelSecurity() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Adds channel security (i.e.
- ChannelSecurityConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
-
Creates a new instance
- ChannelSecurityConfigurer.ChannelRequestMatcherRegistry - Class in org.springframework.security.config.annotation.web.configurers
-
- ChannelSecurityConfigurer.RequiresChannelUrl - Class in org.springframework.security.config.annotation.web.configurers
-
- CONCURRENT_SESSIONS - Static variable in class org.springframework.security.config.Elements
-
- configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter
-
- configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
- configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
-
- configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Sub classes can override this method to register different types of authentication.
- configure(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer
-
- configure(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
-
- configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- configure(WebSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- configure(HttpSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-
- configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
- configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
-
- configure(MessageSecurityMetadataSourceRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- configureClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- configureClientOutboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- consumer(OpenIDConsumer) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
-
Allows specifying the OpenIDConsumer
to be used.
- consumerManager(ConsumerManager) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
-
Allows specifying the ConsumerManager
to be used.
- contentTypeOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-
- CONTEXT_SOURCE - Static variable in class org.springframework.security.config.BeanIds
-
- CONTEXT_SOURCE_SETTING_POST_PROCESSOR - Static variable in class org.springframework.security.config.BeanIds
-
- contextSource(BaseLdapPathContextSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
- contextSource() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
- count(int) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
-
Specifies the number of attribute values to request.
- createChannelAttributes(String) - Static method in class org.springframework.security.config.http.ChannelAttributeFactory
-
- createExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Provide a MethodSecurityExpressionHandler
that is registered with
the ExpressionBasedPreInvocationAdvice
.
- createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
Create the RequestMatcher
given a loginProcessingUrl
- createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
-
- createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
-
- createMatcher(String, String) - Method in enum org.springframework.security.config.http.MatcherType
-
- createMetadataSource() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
-
Allows subclasses to create creating a MessageSecurityMetadataSource
.
- createPasswordEncoderBeanDefinition(String, boolean) - Static method in class org.springframework.security.config.authentication.PasswordEncoderParser
-
- credentialsExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Defines if the credentials are expired or not.
- csrf() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Adds CSRF support.
- CSRF - Static variable in class org.springframework.security.config.Elements
-
- CsrfBeanDefinitionParser - Class in org.springframework.security.config.http
-
Parser for the CsrfFilter
.
- CsrfBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CsrfBeanDefinitionParser
-
- CsrfConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
- CsrfConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
-
Creates a new instance
- csrfTokenRepository(CsrfTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
-
Specify the CsrfTokenRepository
to use.
- CUSTOM_FILTER - Static variable in class org.springframework.security.config.Elements
-
- customMethodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs requires any of a number authorities.
- hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
-
Specifies that a user requires one of many authorities
- hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Specify that Message
instances requires any of a number authorities.
- hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Shortcut for specifying URLs require any of a number of roles.
- hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
-
Specifies that a user requires one of many roles.
- hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Shortcut for specifying Message
instances require any of a number of roles.
- hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs require a particular authority.
- hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
-
Specifies a user requires an authority.
- hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Specify that Message
instances require a particular authority.
- hasIpAddress(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs requires a specific IP Address or
subnet.
- hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Shortcut for specifying URLs require a particular role.
- hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
-
Specifies a user requires a role.
- hasRole(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Shortcut for specifying Message
instances require a particular role.
- headers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Adds the Security headers to the response.
- HEADERS - Static variable in class org.springframework.security.config.Elements
-
- HeadersBeanDefinitionParser - Class in org.springframework.security.config.http
-
Parser for the HeadersFilter
.
- HeadersBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HeadersBeanDefinitionParser
-
- HeadersConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Adds the Security headers to the response.
- HeadersConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-
Creates a new instance
- http(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
-
Adds a port mapping
- HTTP - Static variable in class org.springframework.security.config.Elements
-
- HTTP_FIREWALL - Static variable in class org.springframework.security.config.Elements
-
- httpBasic() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Configures HTTP Basic authentication.
- HttpBasicConfigurer<B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers
-
Adds HTTP basic based authentication.
- HttpBasicConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
-
Creates a new instance
- httpFirewall(HttpFirewall) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
Allows customizing the HttpFirewall
.
- HttpFirewallBeanDefinitionParser - Class in org.springframework.security.config.http
-
Injects the supplied HttpFirewall
bean reference into the FilterChainProxy
.
- HttpFirewallBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
-
- HttpSecurity - Class in org.springframework.security.config.annotation.web.builders
-
A
HttpSecurity
is similar to Spring Security's XML
element in the namespace
configuration.
- HttpSecurity(ObjectPostProcessor<Object>, AuthenticationManagerBuilder, Map<Class<Object>, Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Creates a new instance
- HttpSecurity.RequestMatcherConfigurer - Class in org.springframework.security.config.annotation.web.builders
-
Allows mapping HTTP requests that this
HttpSecurity
will be used for
- HttpSecurityBeanDefinitionParser - Class in org.springframework.security.config.http
-
Sets up HTTP security: filter stack and protected URLs.
- HttpSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
-
- HttpSecurityBuilder<H extends HttpSecurityBuilder<H>> - Interface in org.springframework.security.config.annotation.web
-
- httpStrictTransportSecurity() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-
- managerDn(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
-
Username (DN) of the "manager" user identity (i.e.
- managerPassword(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
-
The password for the manager DN.
- mappableAuthorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
-
Specifies roles to use map from the HttpServletRequest
to the
UserDetails
.
- mappableAuthorities(Set<String>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
-
Specifies roles to use map from the HttpServletRequest
to the
UserDetails
.
- mappableRoles(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
-
Specifies roles to use map from the HttpServletRequest
to the
UserDetails
and automatically prefixes it with "ROLE_".
- mapsTo(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer.HttpPortMapping
-
Maps the given HTTP port to the provided HTTPS port and vice versa.
- matchers(MessageMatcher<?>...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
-
Maps a
List
of
MessageMatcher
instances to a security expression.
- MatcherType - Enum in org.springframework.security.config.http
-
Defines the RequestMatcher
types supported by the namespace.
- maximumSessions(int) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
Controls the maximum number of sessions for a user.
- maxSessionsPreventsLogin(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
-
- MessageSecurityMetadataSourceRegistry - Class in org.springframework.security.config.annotation.web.messaging
-
Allows mapping security constraints using MessageMatcher
to the security expressions.
- MessageSecurityMetadataSourceRegistry() - Constructor for class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
-
- MessageSecurityMetadataSourceRegistry.Constraint - Class in org.springframework.security.config.annotation.web.messaging
-
Represents the security constraint to be applied to the MessageMatcher
instances.
- metadataSource() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- metaDataSourceAdvisor() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Obtains the MethodSecurityMetadataSourceAdvisor
to be used.
- METHOD_ACCESS_MANAGER - Static variable in class org.springframework.security.config.BeanIds
-
- METHOD_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
-
- METHOD_SECURITY_METADATA_SOURCE_ADVISOR - Static variable in class org.springframework.security.config.BeanIds
-
- methodSecurityInterceptor() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Creates the default MethodInterceptor which is a MethodSecurityInterceptor using the following methods to
construct it.
- methodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Provides the default MethodSecurityMetadataSource
that will be
used.
- MethodSecurityMetadataSourceBeanDefinitionParser - Class in org.springframework.security.config.method
-
- MethodSecurityMetadataSourceBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser
-
- migrateSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
-
Specifies that a new session should be created and the session
attributes from the original HttpSession
should be
retained.
- MISSING_BEAN_ERROR_MESSAGE - Static variable in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
-
- parentAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
-
Allows providing a parent AuthenticationManager
that will be
tried if this AuthenticationManager
was unable to attempt to
authenticate the provided Authentication
.
- parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.DebugBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.CsrfBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterChainBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HeadersBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
-
The aim of this method is to build the list of filters which have been defined by the namespace elements
and attributes within the <http> configuration, along with any custom-filter's linked to user-defined
filter beans.
- parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser
-
- parse(Element, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
-
- parseInternal(Element, ParserContext) - Method in class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser
-
- password(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Populates the password.
- PASSWORD_ENCODER - Static variable in class org.springframework.security.config.Elements
-
- passwordAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
-
The attribute in the directory which contains the user password.
- passwordCompare() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
- passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
-
Allows specifying the PasswordEncoder
to use.
- passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
- passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
Specifies the PasswordEncoder
to be used when authenticating with
password comparison.
- PasswordEncoderParser - Class in org.springframework.security.config.authentication
-
Stateful parser for the
element.
- PasswordEncoderParser(Element, ParserContext) - Constructor for class org.springframework.security.config.authentication.PasswordEncoderParser
-
- passwordParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
-
The HTTP parameter to look for the password when performing
authentication.
- pathMatcher(PathMatcher) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
-
- performBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
Subclasses must implement this method to build the object that is being returned.
- performBuild() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
-
- performBuild() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- performBuild() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
- permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
Equivalent of invoking permitAll(true)
- permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
- permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs are allowed by anyone.
- permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
-
- permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
-
- permitAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Specify that Messages are allowed by anyone.
- PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
-
- port(int) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
-
The port to connect to LDAP to (the default is 33389 or random available port if unavailable).
- PORT_MAPPING - Static variable in class org.springframework.security.config.Elements
-
- PORT_MAPPINGS - Static variable in class org.springframework.security.config.Elements
-
- portMapper() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- portMapper(PortMapper) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
-
Allows specifying the PortMapper
instance.
- PortMapperConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Allows configuring a shared PortMapper
instance used to determine the
ports when redirecting between HTTP and HTTPS.
- PortMapperConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
-
Creates a new instance
- PortMapperConfigurer.HttpPortMapping - Class in org.springframework.security.config.annotation.web.configurers
-
Allows specifying the HTTPS port for a given HTTP port when redirecting
between HTTP and HTTPS.
- POST_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
-
- postBuildAction(Runnable) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
Executes the Runnable immediately after the build takes place
- postProcess(P) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
Performs post processing of an object.
- postProcess(O) - Method in interface org.springframework.security.config.annotation.ObjectPostProcessor
-
Initialize the object possibly returning a modified instance that should
be used instead.
- postProcess(T) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
-
Performs post processing of an object.
- postProcessBeanDefinitionRegistry(BeanDefinitionRegistry) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
-
- postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
-
- PRE_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
-
- preInvocationAuthorizationAdvice() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
Creates the PreInvocationAuthorizationAdvice
to be used.
- principal(Object) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
-
Sets the principal for Authentication
objects of anonymous users
- privilegeEvaluator(WebInvocationPrivilegeEvaluator) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
Set the WebInvocationPrivilegeEvaluator
to be used.
- privilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
-
Creates the WebInvocationPrivilegeEvaluator
that is necessary for the JSP tag support.
- PROTECT - Static variable in class org.springframework.security.config.Elements
-
- PROTECT_POINTCUT - Static variable in class org.springframework.security.config.Elements
-
- ProviderManagerBuilder<B extends ProviderManagerBuilder<B>> - Interface in org.springframework.security.config.annotation.authentication
-
Interface for operating on a SecurityBuilder that creates a ProviderManager
- realmName(String) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
-
Allows easily changing the realm, but leaving the remaining defaults in
place.
- regexMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring the
HttpSecurity
to only be invoked when
matching the provided regex pattern.
- regexMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
Maps a
List
of
RegexRequestMatcher
instances.
- regexMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
Create a
List
of
RegexRequestMatcher
instances that do not
specify an
HttpMethod
.
- registerStompEndpoints(StompEndpointRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- REMEMBER_ME - Static variable in class org.springframework.security.config.Elements
-
- rememberMe() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring of Remember Me authentication.
- rememberMe() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
-
Specify that URLs are allowed by users that have been remembered.
- rememberMe() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
Specify that Messages are allowed by users that have been remembered.
- RememberMeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Configures Remember Me authentication.
- RememberMeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
-
Creates a new instance
- rememberMeServices(RememberMeServices) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
-
Specify the RememberMeServices
to use.
- removeConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
- removeConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
- removeConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
Removes all the
SecurityConfigurer
instances by its class name or an
empty List if not found.
- REQUEST_CACHE - Static variable in class org.springframework.security.config.Elements
-
- requestCache() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring the Request Cache.
- requestCache(RequestCache) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
-
Allows explicit configuration of the RequestCache
to be used.
- RequestCacheConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Adds request cache for Spring Security.
- RequestCacheConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
-
- requestDataValueProcessor() - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
-
- requestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring the
HttpSecurity
to only be invoked when
matching the provided
RequestMatcher
.
- requestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
-
- requestMatchers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows specifying which
HttpServletRequest
instances this
HttpSecurity
will be invoked on.
- requireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
-
Specify the RequestMatcher
to use for determining when CSRF
should be applied.
- required(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
-
Specifies that this attribute is required.
- requires(String) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
-
- requiresChannel() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Configures channel security.
- requiresInsecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
-
- requiresSecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
-
- rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
A non-empty string prefix that will be added as a prefix to the existing
roles.
- rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
-
A non-empty string prefix that will be added to role strings loaded from persistent storage (default is "").
- rolePrefix(String) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
-
- roles(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
-
Populates the roles.
- root(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
-
Optional root suffix for the embedded LDAP server.
- runAsManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- SALT_SOURCE - Static variable in class org.springframework.security.config.Elements
-
- SecurityBuilder<O> - Interface in org.springframework.security.config.annotation
-
Interface for building an Object
- SecurityConfigurer<O,B extends SecurityBuilder<O>> - Interface in org.springframework.security.config.annotation
-
- SecurityConfigurerAdapter<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
-
A base class for
SecurityConfigurer
that allows subclasses to only
implement the methods they are interested in.
- SecurityConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.SecurityConfigurerAdapter
-
- securityContext() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Sets up management of the SecurityContext
on the
SecurityContextHolder
between HttpServletRequest
's.
- securityContextChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
-
- SecurityContextConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Allows persisting and restoring of the SecurityContext
found on the
SecurityContextHolder
for each request by configuring the
SecurityContextPersistenceFilter
.
- SecurityContextConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
-
Creates a new instance
- securityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
-
Specifies the shared SecurityContextRepository
that is to be used
- SecurityDebugBeanFactoryPostProcessor - Class in org.springframework.security.config.debug
-
- SecurityDebugBeanFactoryPostProcessor() - Constructor for class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
-
- securityInterceptor(FilterSecurityInterceptor) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
Sets the FilterSecurityInterceptor
.
- SecurityNamespaceHandler - Class in org.springframework.security.config
-
Parses elements from the "security" namespace (http://www.springframework.org/schema/security).
- SecurityNamespaceHandler() - Constructor for class org.springframework.security.config.SecurityNamespaceHandler
-
- servletApi() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Integrates the HttpServletRequest
methods with the values found
on the SecurityContext
.
- ServletApiConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Implements select methods from the HttpServletRequest
using the SecurityContext
from the SecurityContextHolder
.
- ServletApiConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
-
Creates a new instance
- SESSION_MANAGEMENT - Static variable in class org.springframework.security.config.Elements
-
- sessionAuthenticationErrorUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
Defines the URL of the error page which should be shown when the
SessionAuthenticationStrategy raises an exception.
- sessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
Allows explicitly specifying the SessionAuthenticationStrategy
.
- sessionCreationPolicy(SessionCreationPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
- SessionCreationPolicy - Enum in org.springframework.security.config.http
-
Specifies the various session creation policies for Spring Security.
- sessionFixation() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
- sessionManagement() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
Allows configuring of Session Management.
- SessionManagementConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Allows configuring session management.
- SessionManagementConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-
Creates a new instance
- SessionManagementConfigurer.ConcurrencyControlConfigurer - Class in org.springframework.security.config.annotation.web.configurers
-
Allows configuring controlling of multiple sessions.
- SessionManagementConfigurer.SessionFixationConfigurer - Class in org.springframework.security.config.annotation.web.configurers
-
Allows configuring SessionFixation protection
- SessionManagementConfigurer.SessionFixationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
-
- sessionRegistry(SessionRegistry) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
-
Controls the SessionRegistry
implementation used.
- setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
-
- setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
-
- setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.http.UserDetailsServiceFactoryBean
-
- setAuthenticationConfiguration(AuthenticationConfiguration) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- setAuthenticationConfiguration(AuthenticationConfiguration) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
-
- setBeanFactory(BeanFactory) - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
-
- setBuilder(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
-
- setContentNegotationStrategy(ContentNegotiationStrategy) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object>, List<SecurityConfigurer<Filter, WebSecurity>>) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
-
Sets the <SecurityConfigurer<FilterChainProxy, WebSecurityBuilder>
instances used to create the web configuration.
- setGlobalAuthenticationConfigurers(List<GlobalAuthenticationConfigurerAdapter>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
-
- setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
-
- setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
-
- setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- setPermissionEvaluator(List<PermissionEvaluator>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
-
- setSharedObject(Class<C>, C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
-
- setSharedObject(Class<C>, C) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- setUserCache(UserCache) - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
-
- SPRING_SECURITY_FILTER_CHAIN - Static variable in class org.springframework.security.config.BeanIds
-
External alias for FilterChainProxy bean, for use in web.xml files
- springSecurityFilterChain() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
-
Creates the Spring Security Filter Chain
- subjectPrincipalRegex(String) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
-
Specifies the regex to extract the principal from the certificate.
- successHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
-
Specifies the AuthenticationSuccessHandler
to be used.
- supports(Class<?>) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
-
- url(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
-
Specifies the ldap server URL when not using the embedded LDAP
server.
- UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
-
Adds URL based authorization using
DefaultFilterInvocationSecurityMetadataSource
.
- UrlAuthorizationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
-
- UrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
-
Maps the specified RequestMatcher
instances to ConfigAttribute
instances.
- UrlAuthorizationConfigurer.StandardInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers
-
- UrlAuthorizationConfigurer.StandardInterceptUrlRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
-
- USER_DETAILS_SERVICE - Static variable in class org.springframework.security.config.BeanIds
-
- USER_DETAILS_SERVICE_FACTORY - Static variable in class org.springframework.security.config.BeanIds
-
- USER_SERVICE - Static variable in class org.springframework.security.config.Elements
-
- userCache(UserCache) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
-
Defines the UserCache
to use
- UserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
-
- UserDetailsAwareConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
-
- userDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
Allows explicit customization of the loaded user object by specifying a
UserDetailsContextMapper bean which will be called with the context
information from the user's directory entry.
- UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsManagerConfigurer<B,C>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
-
- UserDetailsManagerConfigurer(UserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
-
- UserDetailsManagerConfigurer.UserDetailsBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
-
Builds the user to be added.
- userDetailsService(T) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
-
Add authentication based upon the custom UserDetailsService
that
is passed in.
- userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
-
- userDetailsService() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
-
Specifies the UserDetailsService
used to look up the
UserDetails
when a remember me token is valid.
- userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
-
- userDetailsService(UserDetailsService) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
-
Allows adding an additional UserDetailsService
to be used
- userDetailsServiceBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsServiceConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
-
- UserDetailsServiceConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
-
Creates a new instance
- UserDetailsServiceFactoryBean - Class in org.springframework.security.config.http
-
Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
- UserDetailsServiceFactoryBean() - Constructor for class org.springframework.security.config.http.UserDetailsServiceFactoryBean
-
- userDnPatterns(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
If your users are at a fixed location in the directory (i.e.
- usernameParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
-
The HTTP parameter to look for the username when performing
authentication.
- usersByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
-
Sets the query to be used for finding a user by their username.
- userSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
Search base for user searches.
- userSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
-
The LDAP filter used to search for users (optional).
- UserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
-
- UserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
-
- useSecureCookie(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
-
Whether the cookie should be flagged as secure or not.