- AbstractAuthenticationProcessingFilter - Class in org.springframework.security.web.authentication
-
Abstract processor of browser-based HTTP-based authentication requests.
- AbstractAuthenticationProcessingFilter(String) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- AbstractAuthenticationProcessingFilter(RequestMatcher) - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
Creates a new instance
- AbstractAuthenticationTargetUrlRequestHandler - Class in org.springframework.security.web.authentication
-
Base class containing the logic used by strategies which handle redirection to a URL and
are passed an Authentication
object as part of the contract.
- AbstractAuthenticationTargetUrlRequestHandler() - Constructor for class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
- AbstractPreAuthenticatedProcessingFilter - Class in org.springframework.security.web.authentication.preauth
-
Base class for processing filters that handle pre-authenticated authentication requests, where it is assumed
that the principal has already been authenticated by an external system.
- AbstractPreAuthenticatedProcessingFilter() - Constructor for class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
- AbstractRememberMeServices - Class in org.springframework.security.web.authentication.rememberme
-
Base class for RememberMeServices implementations.
- AbstractRememberMeServices() - Constructor for class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Deprecated.
Use constructor injection
- AbstractRememberMeServices(String, UserDetailsService) - Constructor for class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- AbstractRetryEntryPoint - Class in org.springframework.security.web.access.channel
-
- AbstractRetryEntryPoint(String, int) - Constructor for class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- AbstractSecurityWebApplicationInitializer - Class in org.springframework.security.web.context
-
Registers the
DelegatingFilterProxy
to use the
springSecurityFilterChain before any other registered
Filter
.
- AbstractSecurityWebApplicationInitializer() - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
Creates a new instance that assumes the Spring Security configuration is
loaded by some other means than this class.
- AbstractSecurityWebApplicationInitializer(Class<?>...) - Constructor for class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
- ACCESS_DENIED_403 - Static variable in class org.springframework.security.web.WebAttributes
-
Used to cache an AccessDeniedException
in the request for rendering.
- AccessDeniedHandler - Interface in org.springframework.security.web.access
-
- AccessDeniedHandlerImpl - Class in org.springframework.security.web.access
-
- AccessDeniedHandlerImpl() - Constructor for class org.springframework.security.web.access.AccessDeniedHandlerImpl
-
- afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
-
- afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
-
- afterPropertiesSet() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- afterPropertiesSet() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
Check whether all required properties have been set.
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
-
Check that all required properties have been set.
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
-
Loads the web.xml file using the configured ResourceLoader and
parses the role-name elements from it, using these as the set of mappableAttributes.
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
Check whether all required properties have been set.
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedAuthenticationDetailsSource
-
Deprecated.
Check that all required properties have been set.
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- afterPropertiesSet() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.FilterChainProxy
-
- afterPropertiesSet() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
- afterPropertiesSet() - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
-
- afterSpringSecurityFilterChain(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
Invoked after the springSecurityFilterChain is added.
- allowableSessionsExceeded(List<SessionInformation>, int, SessionRegistry) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
-
Allows subclasses to customise behaviour when too many sessions are detected.
- allowableSessionsExceeded(List<SessionInformation>, int, SessionRegistry) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
Allows subclasses to customise behaviour when too many sessions are detected.
- allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy
-
- allowed(String) - Method in class org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy
-
- AllowFromStrategy - Interface in org.springframework.security.web.header.writers.frameoptions
-
Strategy interfaces used by the FrameOptionsHeaderWriter
to determine the actual value to use for the
X-Frame-Options header when using the ALLOW-FROM directive.
- AndRequestMatcher - Class in org.springframework.security.web.util.matcher
-
- AndRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher
-
Creates a new instance
- AndRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.AndRequestMatcher
-
Creates a new instance
- AnonymousAuthenticationFilter - Class in org.springframework.security.web.authentication
-
Detects if there is no Authentication
object in the SecurityContextHolder
, and
populates it with one if needed.
- AnonymousAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
Deprecated.
Use constructor injection version
- AnonymousAuthenticationFilter(String) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
Creates a filter with a principal named "anonymousUser" and the single authority "ROLE_ANONYMOUS".
- AnonymousAuthenticationFilter(String, Object, List<GrantedAuthority>) - Constructor for class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
- AntPathRequestMatcher - Class in org.springframework.security.web.util
-
- AntPathRequestMatcher(String) - Constructor for class org.springframework.security.web.util.AntPathRequestMatcher
-
Deprecated.
Creates a matcher with the specific pattern which will match all HTTP
methods in a case insensitive manner.
- AntPathRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.AntPathRequestMatcher
-
Deprecated.
Creates a matcher with the supplied pattern and HTTP method in a case
insensitive manner.
- AntPathRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.AntPathRequestMatcher
-
Deprecated.
Creates a matcher with the supplied pattern which will match the
specified Http method
- AntPathRequestMatcher - Class in org.springframework.security.web.util.matcher
-
Matcher which compares a pre-defined ant-style pattern against the URL
(servletPath + pathInfo
) of an HttpServletRequest
.
- AntPathRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
-
Creates a matcher with the specific pattern which will match all HTTP
methods in a case insensitive manner.
- AntPathRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
-
Creates a matcher with the supplied pattern and HTTP method in a case
insensitive manner.
- AntPathRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.AntPathRequestMatcher
-
Creates a matcher with the supplied pattern which will match the
specified Http method
- ANY_CHANNEL - Static variable in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
-
- AnyRequestMatcher - Class in org.springframework.security.web.util
-
Deprecated.
use org.springframework.security.web.util.matcher.AnyRequestMatcher.INSTANCE instead
- AnyRequestMatcher() - Constructor for class org.springframework.security.web.util.AnyRequestMatcher
-
Deprecated.
- AnyRequestMatcher - Class in org.springframework.security.web.util.matcher
-
Matches any supplied request.
- appendFilters(ServletContext, Filter...) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
- applyAnonymousForThisRequest(HttpServletRequest) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
Deprecated.
no obvious use case and can easily be achieved by other means
- attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
Performs actual authentication.
- attemptAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
- attemptExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Attempt to exit from an already switched user.
- attemptSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Attempt to switch to another user.
- authenticate(Authentication) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
Authenticate the given PreAuthenticatedAuthenticationToken.
- AUTHENTICATION_EXCEPTION - Static variable in class org.springframework.security.web.WebAttributes
-
Used to cache an authentication-failure exception in the session.
- authenticationDetailsSource - Variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- AuthenticationEntryPoint - Interface in org.springframework.security.web
-
- AuthenticationFailureHandler - Interface in org.springframework.security.web.authentication
-
Strategy used to handle a failed authentication attempt.
- AuthenticationPrincipal - Annotation Type in org.springframework.security.web.bind.annotation
-
Annotation that binds a method parameter or method return value to the
Authentication.getPrincipal()
.
- AuthenticationPrincipalArgumentResolver - Class in org.springframework.security.web.bind.support
-
- AuthenticationPrincipalArgumentResolver() - Constructor for class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
-
- AuthenticationSuccessHandler - Interface in org.springframework.security.web.authentication
-
Strategy used to handle a successful user authentication.
- AuthenticationSwitchUserEvent - Class in org.springframework.security.web.authentication.switchuser
-
Application event which indicates that a user context switch.
- AuthenticationSwitchUserEvent(Authentication, UserDetails) - Constructor for class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
-
Switch user context event constructor
- autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.NullRememberMeServices
-
- autoLogin(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Template implementation which locates the Spring Security cookie, decodes it into
a delimited array of tokens and submits it to subclasses for processing
via the processAutoLoginCookie method.
- autoLogin(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.RememberMeServices
-
This method will be called whenever the SecurityContextHolder
does not contain an
Authentication
object and Spring Security wishes to provide an implementation with an
opportunity to authenticate the request using remember-me capabilities.
- generateNewContext() - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
By default, calls SecurityContextHolder.createEmptyContext()
to obtain a new context (there should be
no context present in the holder when this method is called).
- generateSeriesData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
- generateToken(HttpServletRequest) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository
-
- generateToken(HttpServletRequest) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
-
- generateTokenData() - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
- getAllConfigAttributes() - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
-
- getAllowFromValue(HttpServletRequest) - Method in interface org.springframework.security.web.header.writers.frameoptions.AllowFromStrategy
-
Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
- getAllowFromValue(HttpServletRequest) - Method in class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
-
- getAllowSessionCreation() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- getAttributes(Object) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
-
- getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
- getAuthenticationDetailsSource() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- getAuthenticationEntryPoint() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- getAuthenticationEntryPoint() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- getAuthenticationManager() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- getAuthenticationManager() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- getAuthenticationTrustResolver() - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- getAuthorities() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
- getAuthority() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
-
- getChain() - Method in class org.springframework.security.web.FilterInvocation
-
- getChannelDecisionManager() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
-
- getChannelProcessors() - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
-
- getComment() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getContextPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getCookie() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getCookieName() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- getCookies() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getCookies() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getCredentials() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
-
Get the credentials
- getCredentialsCharset(HttpServletRequest) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- getCurrentDate() - Static method in class org.springframework.security.web.savedrequest.FastHttpDateFormat
-
Gets the current date in HTTP format.
- getDate() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
-
- getDefaultTargetUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
Supplies the default target Url that will be used if no saved request is found or the
alwaysUseDefaultTargetUrl
property is set to true.
- getDispatcherWebApplicationContextSuffix() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
- getDomain() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getEntryPoint() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
-
- getEntryPoint() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- getExtraHiddenFields(HttpServletRequest) - Method in class org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor
-
- getFailureHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- getFilterChainMap() - Method in class org.springframework.security.web.FilterChainProxy
-
- getFilterChains() - Method in class org.springframework.security.web.FilterChainProxy
-
- getFilterProcessesUrl() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
Deprecated.
- getFilterProcessesUrl() - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
-
Deprecated.
- getFilters() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
-
- getFilters(String) - Method in class org.springframework.security.web.FilterChainProxy
-
Convenience method, mainly for testing.
- getFilters() - Method in interface org.springframework.security.web.SecurityFilterChain
-
- getFirewalledRequest(HttpServletRequest) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
-
- getFirewalledRequest(HttpServletRequest) - Method in interface org.springframework.security.web.firewall.HttpFirewall
-
Provides the request object which will be passed through the filter chain.
- getFirewalledResponse(HttpServletResponse) - Method in class org.springframework.security.web.firewall.DefaultHttpFirewall
-
- getFirewalledResponse(HttpServletResponse) - Method in interface org.springframework.security.web.firewall.HttpFirewall
-
Provides the response which will be passed through the filter chain.
- getFirstThrowableOfType(Class<? extends Throwable>, Throwable[]) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
-
Returns the first throwable from the passed in array that is assignable to the provided type.
- getFullRequestUrl() - Method in class org.springframework.security.web.FilterInvocation
-
Indicates the URL that the user agent used for this request.
- getGrantedAuthorities() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesAuthenticationDetails
-
Deprecated.
- getGrantedAuthorities() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails
-
- getHeaderName() - Method in interface org.springframework.security.web.csrf.CsrfToken
-
Gets the HTTP header that the CSRF is populated on the response and can
be placed on requests instead of the parameter.
- getHeaderName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
-
- getHeaderNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getHeaderNames() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getHeaderValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getHeaderValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getHttpMethod() - Method in class org.springframework.security.web.util.AntPathRequestMatcher
-
Deprecated.
- getHttpRequest() - Method in class org.springframework.security.web.FilterInvocation
-
- getHttpResponse() - Method in class org.springframework.security.web.FilterInvocation
-
- getId() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
-
- getInsecureKeyword() - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
-
- getKey() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- getKey() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- getLocales() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getLocales() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getLoginFormUrl() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
- getLoginPageUrl() - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- getMappableAttributes() - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
-
- getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
-
- getMappedPort(Integer) - Method in class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
-
- getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
- getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
-
- getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
-
Returns a wrapper around the saved request, if it matches the current request.
- getMatchingRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.RequestCacheAdapter
-
- getMaxAge() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getMaximumSessionsForThisUser(Authentication) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
-
Method intended for use by subclasses to override the maximum number of sessions that are permitted for
a particular authentication.
- getMaximumSessionsForThisUser(Authentication) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
Method intended for use by subclasses to override the maximum number of sessions that are permitted for
a particular authentication.
- getMethod() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getMethod() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getName() - Method in class org.springframework.security.web.header.Header
-
Gets the name of the header.
- getName() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getNewSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
-
Getter for the session ID after it was changed.
- getNonceValiditySeconds() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- getOldSessionId() - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
-
Getter for the session ID before it was changed.
- getOrder() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
- getOrder() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- getOutputStream() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
Makes sure the context is stored before calling getOutputStream().close()
or
getOutputStream().flush()
- getParameter() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- getParameterMap() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getParameterMap() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getParameterName() - Method in interface org.springframework.security.web.csrf.CsrfToken
-
Gets the HTTP parameter name that should contain the token.
- getParameterName() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
-
- getParameterNames() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getParameterValues(String) - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getParameterValues(String) - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getPasswordParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
- getPath() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getPathInfo() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getPattern() - Method in class org.springframework.security.web.util.AntPathRequestMatcher
-
Deprecated.
- getPattern() - Method in class org.springframework.security.web.util.matcher.AntPathRequestMatcher
-
- getPortMapper() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- getPortMapper() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
- getPortMapper() - Method in class org.springframework.security.web.PortResolverImpl
-
- getPortResolver() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- getPortResolver() - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
- getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
Override to extract the credentials (if applicable) from the current request.
- getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
-
For J2EE container-based authentication there is no generic way to
retrieve the credentials, as such this method returns a fixed dummy
value.
- getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
-
Credentials aren't usually applicable, but if a credentialsRequestHeader
is set, this
will be read and used as the credentials value.
- getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
-
For J2EE container-based authentication there is no generic way to
retrieve the credentials, as such this method returns a fixed dummy
value.
- getPreAuthenticatedCredentials(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
-
- getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
Override to extract the principal information from the current request
- getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
-
Return the J2EE user name.
- getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
-
Read and returns the header named by principalRequestHeader
from the request.
- getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter
-
Return the WebSphere user name.
- getPreAuthenticatedPrincipal(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
-
- getPrincipal() - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
- getPrincipal() - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
-
Get the principal
- getQueryString() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getRealmName() - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
-
- getRealmName() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- getRedirectStrategy() - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- getRedirectStrategy() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
- getRedirectStrategy() - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
- getRedirectUrl() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
Indicates the URL that the user agent used for this request.
- getRedirectUrl() - Method in interface org.springframework.security.web.savedrequest.SavedRequest
-
- getRememberMeServices() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- getRememberMeServices() - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
- getRemoteAddress() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
-
Indicates the TCP/IP address the authentication request was received from.
- getRemoteUser() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
-
Returns the principal's name, as obtained from the SecurityContextHolder
.
- getRequest() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
-
- getRequest() - Method in class org.springframework.security.web.FilterInvocation
-
- getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
- getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
-
- getRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
-
Returns the saved request, leaving it cached.
- getRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.RequestCacheAdapter
-
- getRequestMatcher() - Method in class org.springframework.security.web.DefaultSecurityFilterChain
-
- getRequestURI() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getRequestUrl() - Method in class org.springframework.security.web.FilterInvocation
-
Obtains the web application-specific fragment of the URL.
- getRequestURL() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getResponse() - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
-
- getResponse() - Method in class org.springframework.security.web.FilterInvocation
-
- getScheme() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getSecureKeyword() - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- getSecureObjectClass() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
-
- getSecurityContexts() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
-
- getSecurityDispatcherTypes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
Get the DispatcherType
for the springSecurityFilterChain.
- getSecurityMetadataSource() - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
-
- getSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
-
- getSeries() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
-
- getServerName() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getServerPort(ServletRequest) - Method in interface org.springframework.security.web.PortResolver
-
Indicates the port the ServletRequest
was received on.
- getServerPort(ServletRequest) - Method in class org.springframework.security.web.PortResolverImpl
-
- getServerPort() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getServletPath() - Method in class org.springframework.security.web.savedrequest.DefaultSavedRequest
-
- getSession() - Method in class org.springframework.security.web.session.HttpSessionCreatedEvent
-
- getSession() - Method in class org.springframework.security.web.session.HttpSessionDestroyedEvent
-
- getSessionId() - Method in class org.springframework.security.web.authentication.WebAuthenticationDetails
-
Indicates the HttpSession
id the authentication request was received from.
- getSessionTrackingModes() - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
Determines how a session should be tracked.
- getSource() - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
-
Returns the original user associated with a successful user switch.
- getSuccessHandler() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- getTargetUrlParameter() - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
- getTargetUser() - Method in class org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent
-
- getToken() - Method in interface org.springframework.security.web.csrf.CsrfToken
-
Gets the token value.
- getToken() - Method in class org.springframework.security.web.csrf.DefaultCsrfToken
-
- getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
-
- getTokenForSeries(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
-
Loads the token data for the supplied series identifier.
- getTokenForSeries(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
-
- getTokenValiditySeconds() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- getTokenValue() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
-
- getTranslatedPortMappings() - Method in class org.springframework.security.web.PortMapperImpl
-
Returns the translated (Integer -> Integer) version of the original port mapping specified via
setHttpsPortMapping()
- getUrl() - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- getUserCache() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- getUserDetailsService() - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- getUserDetailsService() - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- getUsername() - Method in class org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken
-
- getUsernameParameter() - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
- getUserPrincipal() - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
-
Returns the Authentication
(which is a subclass of Principal
), or
null
if unavailable.
- getUserRoles(HttpServletRequest) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
-
Obtains the list of user roles based on the current user's JEE roles.
- getValue() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getValues() - Method in class org.springframework.security.web.header.Header
-
Gets the values of the header.
- getVersion() - Method in class org.springframework.security.web.savedrequest.SavedCookie
-
- getWriter() - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
Makes sure the context is stored before calling getWriter().close()
or
getWriter().flush()
- gmtZone - Static variable in class org.springframework.security.web.savedrequest.FastHttpDateFormat
-
GMT time zone - all HTTP dates are on GMT
- obtainPassword(HttpServletRequest) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Enables subclasses to override the composition of the password, such as by including additional values
and a separator.
- obtainSecurityMetadataSource() - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
-
- obtainSubject(ServletRequest) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
-
Obtains the Subject
to run as or null
if no
Subject
is available.
- obtainUsername(HttpServletRequest) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Enables subclasses to override the composition of the username, such as by including additional values
and a separator.
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy
-
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
-
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
-
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
-
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
-
Performs Http session-related functionality when a new authentication occurs.
- onAuthentication(Authentication, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.CsrfAuthenticationStrategy
-
- onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in interface org.springframework.security.web.authentication.AuthenticationFailureHandler
-
Called when an authentication attempt fails.
- onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
-
- onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
Performs the redirect or forward to the defaultFailureUrl
if set, otherwise returns a 401 error code.
- onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.AuthenticationSuccessHandler
-
Called when a user has been successfully authenticated.
- onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
-
- onAuthenticationSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
-
Calls the parent class handle()
method to forward or redirect to the target URL, and
then calls clearAuthenticationAttributes()
to remove any leftover session data.
- onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.session.InvalidSessionStrategy
-
- onInvalidSessionDetected(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
-
- onLoginFail(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Called from loginSuccess when a remember-me login has been requested.
- onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
Creates a new persistent login token with a new series number, stores the data in the
persistent token repository and adds the corresponding cookie to the response.
- onLoginSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
-
- onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in interface org.springframework.security.web.authentication.logout.LogoutSuccessHandler
-
- onLogoutSuccess(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
-
- onStartup(ServletContext) - Method in class org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer
-
- onSuccessfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
Called if a remember-me token is presented and successfully authenticated by the RememberMeServices
autoLogin
method and the AuthenticationManager
.
- onSuccessfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- onUnsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
Called if the AuthenticationManager
rejects the authentication object returned from the
RememberMeServices
autoLogin
method.
- onUnsuccessfulAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationException) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- org.springframework.security.web - package org.springframework.security.web
-
Spring Security's web security module.
- org.springframework.security.web.access - package org.springframework.security.web.access
-
Access-control related classes and packages.
- org.springframework.security.web.access.channel - package org.springframework.security.web.access.channel
-
Classes that ensure web requests are received over required transport channels.
- org.springframework.security.web.access.expression - package org.springframework.security.web.access.expression
-
Implementation of web security expressions.
- org.springframework.security.web.access.intercept - package org.springframework.security.web.access.intercept
-
Enforcement of security for HTTP requests, typically by the URL requested.
- org.springframework.security.web.authentication - package org.springframework.security.web.authentication
-
Authentication processing mechanisms, which respond to the submission of authentication
credentials using various protocols (eg BASIC, CAS, form login etc).
- org.springframework.security.web.authentication.logout - package org.springframework.security.web.authentication.logout
-
Logout functionality based around a filter which handles a specific logout URL.
- org.springframework.security.web.authentication.preauth - package org.springframework.security.web.authentication.preauth
-
Support for "pre-authenticated" scenarios, where Spring Security assumes the incoming request has already been
authenticated by some externally configured system.
- org.springframework.security.web.authentication.preauth.j2ee - package org.springframework.security.web.authentication.preauth.j2ee
-
Pre-authentication support for container-authenticated requests.
- org.springframework.security.web.authentication.preauth.websphere - package org.springframework.security.web.authentication.preauth.websphere
-
Websphere-specific pre-authentication classes.
- org.springframework.security.web.authentication.preauth.x509 - package org.springframework.security.web.authentication.preauth.x509
-
X.509 client certificate authentication support.
- org.springframework.security.web.authentication.rememberme - package org.springframework.security.web.authentication.rememberme
-
Support for remembering a user between different web sessions.
- org.springframework.security.web.authentication.session - package org.springframework.security.web.authentication.session
-
Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
- org.springframework.security.web.authentication.switchuser - package org.springframework.security.web.authentication.switchuser
-
Provides HTTP-based "switch user" (su) capabilities.
- org.springframework.security.web.authentication.ui - package org.springframework.security.web.authentication.ui
-
Authentication user-interface rendering code.
- org.springframework.security.web.authentication.www - package org.springframework.security.web.authentication.www
-
WWW-Authenticate based authentication mechanism implementations: Basic and Digest authentication.
- org.springframework.security.web.bind.annotation - package org.springframework.security.web.bind.annotation
-
- org.springframework.security.web.bind.support - package org.springframework.security.web.bind.support
-
- org.springframework.security.web.context - package org.springframework.security.web.context
-
Classes which are responsible for maintaining the security context between HTTP requests.
- org.springframework.security.web.context.request.async - package org.springframework.security.web.context.request.async
-
- org.springframework.security.web.csrf - package org.springframework.security.web.csrf
-
- org.springframework.security.web.debug - package org.springframework.security.web.debug
-
- org.springframework.security.web.firewall - package org.springframework.security.web.firewall
-
- org.springframework.security.web.header - package org.springframework.security.web.header
-
- org.springframework.security.web.header.writers - package org.springframework.security.web.header.writers
-
- org.springframework.security.web.header.writers.frameoptions - package org.springframework.security.web.header.writers.frameoptions
-
- org.springframework.security.web.jaasapi - package org.springframework.security.web.jaasapi
-
Makes a JAAS Subject available as the current Subject.
- org.springframework.security.web.savedrequest - package org.springframework.security.web.savedrequest
-
Classes related to the caching of an HttpServletRequest
which requires authentication.
- org.springframework.security.web.servlet.support.csrf - package org.springframework.security.web.servlet.support.csrf
-
- org.springframework.security.web.servletapi - package org.springframework.security.web.servletapi
-
Populates a Servlet request with a new Spring Security compliant HttpServletRequestWrapper
.
- org.springframework.security.web.session - package org.springframework.security.web.session
-
Session management filters, HttpSession
events and publisher classes.
- org.springframework.security.web.util - package org.springframework.security.web.util
-
Web utility classes.
- org.springframework.security.web.util.matcher - package org.springframework.security.web.util.matcher
-
- OrRequestMatcher - Class in org.springframework.security.web.util.matcher
-
- OrRequestMatcher(List<RequestMatcher>) - Constructor for class org.springframework.security.web.util.matcher.OrRequestMatcher
-
Creates a new instance
- OrRequestMatcher(RequestMatcher...) - Constructor for class org.springframework.security.web.util.matcher.OrRequestMatcher
-
Creates a new instance
- RedirectStrategy - Interface in org.springframework.security.web
-
Encapsulates the redirection logic for all classes in the framework which perform redirects.
- RedirectUrlBuilder - Class in org.springframework.security.web.util
-
Internal class for building redirect URLs.
- RedirectUrlBuilder() - Constructor for class org.springframework.security.web.util.RedirectUrlBuilder
-
- RegExpAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions
-
Implementation which uses a regular expression to validate the supplied
origin.
- RegExpAllowFromStrategy(String) - Constructor for class org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy
-
Creates a new instance
- RegexRequestMatcher - Class in org.springframework.security.web.util.matcher
-
Uses a regular expression to decide whether a supplied the URL of a supplied HttpServletRequest
.
- RegexRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.RegexRequestMatcher
-
Creates a case-sensitive Pattern
instance to match against the request.
- RegexRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.matcher.RegexRequestMatcher
-
As above, but allows setting of whether case-insensitive matching should be used.
- RegexRequestMatcher - Class in org.springframework.security.web.util
-
- RegexRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.RegexRequestMatcher
-
Deprecated.
Creates a case-sensitive Pattern
instance to match against the request.
- RegexRequestMatcher(String, String, boolean) - Constructor for class org.springframework.security.web.util.RegexRequestMatcher
-
Deprecated.
As above, but allows setting of whether case-insensitive matching should be used.
- registerExtractor(Class<? extends Throwable>, ThrowableCauseExtractor) - Method in class org.springframework.security.web.util.ThrowableAnalyzer
-
Registers a ThrowableCauseExtractor
for the specified type.
- RegisterSessionAuthenticationStrategy - Class in org.springframework.security.web.authentication.session
-
Strategy used to register a user with the SessionRegistry
after
successful Authentication
.
- RegisterSessionAuthenticationStrategy(SessionRegistry) - Constructor for class org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
-
- RememberMeAuthenticationException - Exception in org.springframework.security.web.authentication.rememberme
-
This exception is thrown when an Authentication
exception occurs while
using the remember-me authentication.
- RememberMeAuthenticationException(String, Throwable) - Constructor for exception org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException
-
Constructs a RememberMeAuthenticationException
with the specified message and root cause.
- RememberMeAuthenticationException(String) - Constructor for exception org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException
-
Constructs an RememberMeAuthenticationException
with the specified message and no root cause.
- RememberMeAuthenticationFilter - Class in org.springframework.security.web.authentication.rememberme
-
Detects if there is no
Authentication
object in the
SecurityContext
, and populates the context with
a remember-me authentication token if a
RememberMeServices
implementation so requests.
- RememberMeAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
Deprecated.
Use constructor injection
- RememberMeAuthenticationFilter(AuthenticationManager, RememberMeServices) - Constructor for class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
- rememberMeRequested(HttpServletRequest, String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Allows customization of whether a remember-me login has been requested.
- RememberMeServices - Interface in org.springframework.security.web.authentication
-
Implement by a class that is capable of providing a remember-me service.
- removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
- removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
-
- removeRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
-
Removes the cached request.
- removeRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.RequestCacheAdapter
-
- removeUserTokens(String) - Method in class org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl
-
- removeUserTokens(String) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
-
- removeUserTokens(String) - Method in interface org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
-
- request - Variable in class org.springframework.security.web.access.expression.WebSecurityExpressionRoot
-
Allows direct access to the request object
- RequestCache - Interface in org.springframework.security.web.savedrequest
-
Implements "saved request" logic, allowing a single request to be retrieved and restarted after redirecting to
an authentication mechanism.
- RequestCacheAdapter - Class in org.springframework.security.web.savedrequest
-
- RequestCacheAdapter() - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAdapter
-
- RequestCacheAdapter(RequestCache) - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAdapter
-
- RequestCacheAwareFilter - Class in org.springframework.security.web.savedrequest
-
Responsible for reconstituting the saved request if one is cached and it matches the current request.
- RequestCacheAwareFilter() - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
-
- RequestCacheAwareFilter(RequestCache) - Constructor for class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
-
- RequestHeaderAuthenticationFilter - Class in org.springframework.security.web.authentication.preauth
-
A simple pre-authenticated filter which obtains the username from a request header, for use with systems such as
CA Siteminder.
- RequestHeaderAuthenticationFilter() - Constructor for class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
-
- RequestHeaderRequestMatcher - Class in org.springframework.security.web.util.matcher
-
A
RequestMatcher
that can be used to match request that contain a
header with an expected header name and an expected value.
- RequestHeaderRequestMatcher(String) - Constructor for class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
-
- RequestHeaderRequestMatcher(String, String) - Constructor for class org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher
-
- RequestKey - Class in org.springframework.security.web.access.intercept
-
- RequestKey(String) - Constructor for class org.springframework.security.web.access.intercept.RequestKey
-
- RequestKey(String, String) - Constructor for class org.springframework.security.web.access.intercept.RequestKey
-
- RequestMatcher - Interface in org.springframework.security.web.util.matcher
-
Simple strategy to match an HttpServletRequest.
- RequestMatcher - Interface in org.springframework.security.web.util
-
- RequestMatcherEditor - Class in org.springframework.security.web.util.matcher
-
PropertyEditor which creates ELRequestMatcher instances from Strings
This allows to use a String in a BeanDefinition instead of an (inner) bean
if a RequestMatcher is required, e.g.
- RequestMatcherEditor() - Constructor for class org.springframework.security.web.util.matcher.RequestMatcherEditor
-
- RequestMatcherEditor - Class in org.springframework.security.web.util
-
- RequestMatcherEditor() - Constructor for class org.springframework.security.web.util.RequestMatcherEditor
-
Deprecated.
- RequestRejectedException - Exception in org.springframework.security.web.firewall
-
- RequestRejectedException(String) - Constructor for exception org.springframework.security.web.firewall.RequestRejectedException
-
- requiresAuthentication(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- requiresExitUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Checks the request URI for the presence of exitUserUrl.
- requiresLogout(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
-
Allow subclasses to modify when a logout should take place.
- requiresSwitchUser(HttpServletRequest) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Checks the request URI for the presence of switchUserUrl.
- reset() - Method in class org.springframework.security.web.firewall.FirewalledRequest
-
This method will be called once the request has passed through the
security filter chain, when it is about to proceed to the application
proper.
- resolveArgument(MethodParameter, ModelAndViewContainer, NativeWebRequest, WebDataBinderFactory) - Method in class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
-
- retrievePassword(Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
-
- retrieveUserName(Authentication) - Method in class org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices
-
- RetryWithHttpEntryPoint - Class in org.springframework.security.web.access.channel
-
Commences an insecure channel by retrying the original request using HTTP.
- RetryWithHttpEntryPoint() - Constructor for class org.springframework.security.web.access.channel.RetryWithHttpEntryPoint
-
- RetryWithHttpsEntryPoint - Class in org.springframework.security.web.access.channel
-
Commences a secure channel by retrying the original request using HTTPS.
- RetryWithHttpsEntryPoint() - Constructor for class org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint
-
- ROLE_PREVIOUS_ADMINISTRATOR - Static variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
- saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.context.NullSecurityContextRepository
-
- saveContext(SecurityContext) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
Implements the logic for storing the security context.
- saveContext(SecurityContext, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.context.SecurityContextRepository
-
Stores the security context on completion of a request.
- SaveContextOnUpdateOrErrorResponseWrapper - Class in org.springframework.security.web.context
-
Base class for response wrappers which encapsulate the logic for storing a security context and which store the
SecurityContext
when a
sendError()
,
sendRedirect
,
getOutputStream().close()
,
getOutputStream().flush()
,
getWriter().close()
, or
getWriter().flush()
happens on the same thread that this
SaveContextOnUpdateOrErrorResponseWrapper
was created.
- SaveContextOnUpdateOrErrorResponseWrapper(HttpServletResponse, boolean) - Constructor for class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
- SavedCookie - Class in org.springframework.security.web.savedrequest
-
Stores off the values of a cookie in a serializable holder
- SavedCookie(String, String, String, String, int, String, boolean, int) - Constructor for class org.springframework.security.web.savedrequest.SavedCookie
-
- SavedCookie(Cookie) - Constructor for class org.springframework.security.web.savedrequest.SavedCookie
-
- SavedRequest - Interface in org.springframework.security.web.savedrequest
-
Encapsulates the functionality required of a cached request for both an authentication mechanism (typically
form-based login) to redirect to the original URL and for a RequestCache to build a wrapped request,
reproducing the original request data.
- SavedRequestAwareAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication
-
- SavedRequestAwareAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
-
- saveException(HttpServletRequest, AuthenticationException) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
Caches the AuthenticationException
for use in view rendering.
- saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
Stores the current request, provided the configuration properties allow it.
- saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.NullRequestCache
-
- saveRequest(HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.savedrequest.RequestCache
-
Caches the current request for later retrieval, once authentication has taken place.
- saveRequest(HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.savedrequest.RequestCacheAdapter
-
- saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in interface org.springframework.security.web.csrf.CsrfTokenRepository
-
Saves the
CsrfToken
using the
HttpServletRequest
and
HttpServletResponse
.
- saveToken(CsrfToken, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
-
- SecureChannelProcessor - Class in org.springframework.security.web.access.channel
-
Ensures channel security is active by review of HttpServletRequest.isSecure()
responses.
- SecureChannelProcessor() - Constructor for class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- SecurityContextCallableProcessingInterceptor - Class in org.springframework.security.web.context.request.async
-
Allows for integration with Spring MVC's
Callable
support.
- SecurityContextCallableProcessingInterceptor() - Constructor for class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
-
- SecurityContextCallableProcessingInterceptor(SecurityContext) - Constructor for class org.springframework.security.web.context.request.async.SecurityContextCallableProcessingInterceptor
-
- SecurityContextHolderAwareRequestFilter - Class in org.springframework.security.web.servletapi
-
A Filter
which populates the ServletRequest
with a request wrapper
which implements the servlet API security methods.
- SecurityContextHolderAwareRequestFilter() - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
- SecurityContextHolderAwareRequestWrapper - Class in org.springframework.security.web.servletapi
-
- SecurityContextHolderAwareRequestWrapper(HttpServletRequest, String) - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
-
Creates a new instance with AuthenticationTrustResolverImpl
.
- SecurityContextHolderAwareRequestWrapper(HttpServletRequest, AuthenticationTrustResolver, String) - Constructor for class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper
-
Creates a new instance
- SecurityContextLogoutHandler - Class in org.springframework.security.web.authentication.logout
-
Performs a logout by modifying the SecurityContextHolder
.
- SecurityContextLogoutHandler() - Constructor for class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
-
- SecurityContextPersistenceFilter - Class in org.springframework.security.web.context
-
Populates the
SecurityContextHolder
with information obtained from
the configured
SecurityContextRepository
prior to the request and stores it back in the repository
once the request has completed and clearing the context holder.
- SecurityContextPersistenceFilter() - Constructor for class org.springframework.security.web.context.SecurityContextPersistenceFilter
-
- SecurityContextPersistenceFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.context.SecurityContextPersistenceFilter
-
- SecurityContextRepository - Interface in org.springframework.security.web.context
-
Strategy used for persisting a SecurityContext
between requests.
- SecurityFilterChain - Interface in org.springframework.security.web
-
Defines a filter chain which is capable of being matched against an HttpServletRequest
.
- sendError(int) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
Makes sure the session is updated before calling the
superclass sendError()
- sendError(int, String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
Makes sure the session is updated before calling the
superclass sendError()
- sendRedirect(String) - Method in class org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper
-
Makes sure the context is stored before calling the
superclass sendRedirect()
- sendRedirect(HttpServletRequest, HttpServletResponse, String) - Method in class org.springframework.security.web.DefaultRedirectStrategy
-
Redirects the response to the supplied URL.
- sendRedirect(HttpServletRequest, HttpServletResponse, String) - Method in interface org.springframework.security.web.RedirectStrategy
-
Performs a redirect to the supplied URL
- sendStartAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, AuthenticationException) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- serialVersionUID - Static variable in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesAuthenticationDetails
-
Deprecated.
- SessionAuthenticationException - Exception in org.springframework.security.web.authentication.session
-
Thrown by an SessionAuthenticationStrategy to indicate that an authentication object is not valid for
the current session, typically because the same user has exceeded the number of sessions they are allowed to have
concurrently.
- SessionAuthenticationException(String) - Constructor for exception org.springframework.security.web.authentication.session.SessionAuthenticationException
-
- SessionAuthenticationStrategy - Interface in org.springframework.security.web.authentication.session
-
Allows pluggable support for HttpSession-related behaviour when an authentication occurs.
- sessionCreated(HttpSessionEvent) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher
-
- sessionDestroyed(HttpSessionEvent) - Method in class org.springframework.security.web.session.HttpSessionEventPublisher
-
- SessionFixationProtectionEvent - Class in org.springframework.security.web.authentication.session
-
Indicates a session ID was changed for the purposes of session fixation protection.
- SessionFixationProtectionEvent(Authentication, String, String) - Constructor for class org.springframework.security.web.authentication.session.SessionFixationProtectionEvent
-
Constructs a new session fixation protection event.
- SessionFixationProtectionStrategy - Class in org.springframework.security.web.authentication.session
-
- SessionFixationProtectionStrategy() - Constructor for class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
-
- SessionManagementFilter - Class in org.springframework.security.web.session
-
Detects that a user has been authenticated since the start of the request and, if they have, calls the
configured
SessionAuthenticationStrategy
to perform any session-related activity such as
activating session-fixation protection mechanisms or checking for multiple concurrent logins.
- SessionManagementFilter(SecurityContextRepository) - Constructor for class org.springframework.security.web.session.SessionManagementFilter
-
- SessionManagementFilter(SecurityContextRepository, SessionAuthenticationStrategy) - Constructor for class org.springframework.security.web.session.SessionManagementFilter
-
- setAccessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- setAccessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.web.csrf.CsrfFilter
-
- setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
- setAllowSessionCreation(boolean) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
If set to true (the default), a session will be created (if required) to store the security context if it is
determined that its contents are different from the default empty context value.
- setAlwaysCreateSession(boolean) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
- setAlwaysRemember(boolean) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- setAlwaysUseDefaultTargetUrl(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
If true
, will always redirect to the value of defaultTargetUrl
(defaults to false
).
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
- setApplicationEventPublisher(ApplicationEventPublisher) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- setAsText(String) - Method in class org.springframework.security.web.util.matcher.RequestMatcherEditor
-
- setAsText(String) - Method in class org.springframework.security.web.util.RequestMatcherEditor
-
Deprecated.
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
- setAuthenticationDetailsSource(AuthenticationDetailsSource<?, ?>) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSphere2SpringSecurityPropagationInterceptor
-
Deprecated.
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
Deprecated.
Use constructor
- setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
Deprecated.
Use constructor injection
- setAuthenticationEntryPoint(DigestAuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- setAuthenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
- setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.session.SessionManagementFilter
-
The handler which will be invoked if the AuthenticatedSessionStrategy raises a
SessionAuthenticationException, indicating that the user is not allowed to be authenticated for this
session (typically because they already have too many sessions open).
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSphere2SpringSecurityPropagationInterceptor
-
Deprecated.
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
Deprecated.
Use constructor injection
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
Deprecated.
Use constructor injection
- setAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
Sets the AuthenticationManager
used when integrating HttpServletRequest
with Servlet 3 APIs.
- setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
Sets the strategy used to handle a successful authentication.
- setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
Allows control over the destination a remembered user is sent to when they are successfully authenticated.
- setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- setAuthenticationUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setAuthoritiesMapper(GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- setBlock(boolean) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
-
If false, will not specify the mode as blocked.
- setChannelDecisionManager(ChannelDecisionManager) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
-
- setChannelProcessors(List<?>) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
-
- setCheckForPrincipalChanges(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
If set, the pre-authenticated principal will be checked on each request and compared
against the name of the current Authentication object.
- setClearAuthentication(boolean) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
-
If true, removes the Authentication
from the SecurityContext
to prevent issues with concurrent
requests.
- setContextPath(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setContextRelative(boolean) - Method in class org.springframework.security.web.DefaultRedirectStrategy
-
If true, causes any redirection URLs to be calculated minus the protocol
and context path (defaults to false).
- setContinueChainBeforeSuccessfulAuthentication(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setContinueFilterChainOnUnsuccessfulAuthentication(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
If set to true
, any AuthenticationException
raised by the AuthenticationManager
will be
swallowed, and the request will be allowed to proceed, potentially using alternative authentication mechanisms.
- setCookie(String[], int, HttpServletRequest, HttpServletResponse) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Sets the cookie on the response.
- setCookieName(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- setCreateAuthenticatedToken(boolean) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
If you set this property, the Authentication object, which is
created after the successful digest authentication will be marked
as authenticated and filled with the authorities loaded by
the UserDetailsService.
- setCreateEmptySubject(boolean) - Method in class org.springframework.security.web.jaasapi.JaasApiIntegrationFilter
-
Sets createEmptySubject
.
- setCreateNewSession(boolean) - Method in class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
-
Determines whether a new session should be created before redirecting (to avoid possible looping issues where
the same session ID is sent with the redirected request).
- setCreateSessionAllowed(boolean) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
If true
, indicates that it is permitted to store the target
URL and exception information in a new HttpSession
(the default).
- setCreateTableOnStartup(boolean) - Method in class org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
-
Intended for convenience in debugging.
- setCredentialsCharset(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- setCredentialsRequestHeader(String) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
-
- setDefaultEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
-
EntryPoint which is used when no RequestMatcher returned true
- setDefaultFailureUrl(String) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
The URL which will be used as the failure destination.
- setDefaultTargetUrl(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
Supplies the default target Url that will be used if no saved request is found in the session, or the
alwaysUseDefaultTargetUrl
property is set to true.
- setDetails(HttpServletRequest, UsernamePasswordAuthenticationToken) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Provided so that subclasses may configure what is put into the authentication request's details
property.
- setDisableUrlRewriting(boolean) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
Allows the use of session identifiers in URLs to be disabled.
- setEnabled(boolean) - Method in class org.springframework.security.web.header.writers.XXssProtectionHeaderWriter
-
If true, will contain a value of 1.
- setEntryPoint(ChannelEntryPoint) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
-
- setEntryPoint(ChannelEntryPoint) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- setErrorPage(String) - Method in class org.springframework.security.web.access.AccessDeniedHandlerImpl
-
The error page to use.
- setExceptionIfHeaderMissing(boolean) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
-
Defines whether an exception should be raised if the principal header is missing.
- setExceptionIfMaximumExceeded(boolean) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
-
Sets the exceptionIfMaximumExceeded property, which determines
whether the user should be prevented from opening more sessions than
allowed.
- setExceptionIfMaximumExceeded(boolean) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
Sets the exceptionIfMaximumExceeded property, which determines whether the user should be prevented
from opening more sessions than allowed.
- setExceptionMappings(Map<?, ?>) - Method in class org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler
-
Sets the map of exception types (by name) to URLs.
- setExitUserUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Set the URL to respond to exit user processing.
- setExpiredUrl(String) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
-
Deprecated.
use constructor injection instead
- setExpressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
-
- setFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Used to define custom behaviour when a switch fails.
- setFailureUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setFilterChainMap(Map<RequestMatcher, List<Filter>>) - Method in class org.springframework.security.web.FilterChainProxy
-
Deprecated.
Use the constructor which takes a List<SecurityFilterChain>
instead.
- setFilterChainValidator(FilterChainProxy.FilterChainValidator) - Method in class org.springframework.security.web.FilterChainProxy
-
Used (internally) to specify a validation strategy for the filters in each configured chain.
- setFilterProcessesUrl(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setFilterProcessesUrl(String) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
-
Deprecated.
- setFirewall(HttpFirewall) - Method in class org.springframework.security.web.FilterChainProxy
-
Sets the "firewall" implementation which will be used to validate and wrap (or potentially reject) the
incoming requests.
- setForceEagerSessionCreation(boolean) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter
-
- setForceHttps(boolean) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
Set to true to force login form access to be via https.
- setFormLoginEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setGrantedAuthorities(Collection<? extends GrantedAuthority>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesAuthenticationDetails
-
Deprecated.
- setHeaderName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
-
Sets the header name that the
CsrfToken
is expected to appear on
and the header that the response will contain the
CsrfToken
.
- setIgnoredMediaTypes(Set<MediaType>) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
-
- setIgnoreFailure(boolean) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
Deprecated.
Use the constructor which takes a single AuthenticationManager parameter
- setIncludeSubDomains(boolean) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
-
If true, subdomains should be considered HSTS Hosts too.
- setInsecureKeyword(String) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
-
- setInvalidateHttpSession(boolean) - Method in class org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
-
Causes the
HttpSession
to be invalidated when this
LogoutHandler
is invoked.
- setInvalidateSessionOnPrincipalChange(boolean) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
If checkForPrincipalChanges is set, and a change of principal is detected, determines whether
any existing session should be invalidated before proceeding to authenticate the new principal.
- setInvalidSessionStrategy(InvalidSessionStrategy) - Method in class org.springframework.security.web.session.SessionManagementFilter
-
Sets the strategy which will be invoked instead of allowing the filter chain to prceed, if the user agent
requests an invalid session Id.
- setKey(String) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
Deprecated.
use constructor injection instead
- setKey(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Deprecated.
Use constructor injection
- setKey(String) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- setLoginFormUrl(String) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
Deprecated.
use constructor injection
- setLoginPageUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setLogoutHandlers(List<LogoutHandler>) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
Sets the
LogoutHandler
s used when integrating with
HttpServletRequest
with Servlet 3 APIs.
- setLogoutHandlers(LogoutHandler[]) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
-
- setLogoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.logout.LogoutFilter
-
- setLogoutSuccessUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setMappableRolesRetriever(MappableAttributesRetriever) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
-
- setMaxAgeInSeconds(long) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
-
Sets the value (in seconds) for the max-age directive of the
Strict-Transport-Security header.
- setMaximumSessions(int) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
-
Sets the maxSessions property.
- setMaximumSessions(int) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
Sets the maxSessions property.
- setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
-
- setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy
-
Sets the
MessageSource
used for reporting errors back to the user
when the user has exceeded the maximum number of authentications.
- setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-
Deprecated.
- setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- setMessageSource(MessageSource) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- setMigrateSessionAttributes(boolean) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
-
Defines whether attributes should be migrated to a new session or not.
- setNonceValiditySeconds(int) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- setObserveOncePerRequest(boolean) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
-
- setOpenIDauthenticationUrl(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setOpenIdEnabled(boolean) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setOpenIDusernameParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setOrder(int) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
- setOrder(int) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- setParameter(String) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Sets the name of the parameter which should be checked for to see if a remember-me has been requested
during a login request.
- setParameterName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
-
Sets the
HttpServletRequest
parameter name that the
CsrfToken
is expected to appear on
- setPasswordAlreadyEncoded(boolean) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- setPasswordParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setPasswordParameter(String) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Sets the parameter name which will be used to obtain the password from the login request..
- setPathInfo(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setPort(int) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setPortMapper(PortMapper) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- setPortMapper(PortMapper) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
- setPortMapper(PortMapper) - Method in class org.springframework.security.web.PortResolverImpl
-
- setPortMappings(Map<String, String>) - Method in class org.springframework.security.web.PortMapperImpl
-
Set to override the default HTTP port to HTTPS port mappings of 80:443, and 8080:8443.
- setPortResolver(PortResolver) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
- setPortResolver(PortResolver) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
- setPortResolver(PortResolver) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
- setPostOnly(boolean) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Defines whether only HTTP POST requests will be allowed by this filter.
- setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
Set the AuthenticatedUserDetailsService to be used to load the UserDetails
for the authenticated user.
- setPrincipalExtractor(X509PrincipalExtractor) - Method in class org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
-
- setPrincipalRequestHeader(String) - Method in class org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
-
- setQuery(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setRealmName(String) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint
-
- setRealmName(String) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationEntryPoint
-
- setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.access.channel.AbstractRetryEntryPoint
-
Sets the strategy to be used for redirecting to the required channel URL.
- setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
Allows overriding of the behaviour when redirecting to a target URL.
- setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
Allows overriding of the behaviour when redirecting to a target URL.
- setRedirectStrategy(RedirectStrategy) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
-
- setRememberMeParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter
-
Deprecated.
Use constructor injection
- setRememberMeServices(RememberMeServices) - Method in class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
-
- setRequest(HttpServletRequest) - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
-
- setRequestCache(RequestCache) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
Deprecated.
Use constructor
- setRequestCache(RequestCache) - Method in class org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
-
- setRequestCache(RequestCache) - Method in class org.springframework.security.web.savedrequest.RequestCacheAwareFilter
-
Deprecated.
Use constructor injection
- setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.header.writers.HstsHeaderWriter
-
Sets the
RequestMatcher
used to determine if the
"Strict-Transport-Security" should be added.
- setRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.savedrequest.HttpSessionRequestCache
-
Allows selective use of saved requests for a subset of requests.
- setRequireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.web.csrf.CsrfFilter
-
Specifies a
RequestMatcher
that is used to determine if CSRF
protection should be applied.
- setRequiresAuthenticationRequestMatcher(RequestMatcher) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- setResourceLoader(ResourceLoader) - Method in class org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever
-
- setResponse(HttpServletResponse) - Method in class org.springframework.security.web.context.HttpRequestResponseHolder
-
- setRetainedAttributes(List<String>) - Method in class org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy
-
Deprecated.
Override the extractAttributes
method instead
- setRolePrefix(String) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
- setScheme(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setSecureKeyword(String) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- setSecurityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.web.context.SecurityContextPersistenceFilter
-
Deprecated.
Use constructor injection
- setSecurityMetadataSource(FilterInvocationSecurityMetadataSource) - Method in class org.springframework.security.web.access.channel.ChannelProcessingFilter
-
- setSecurityMetadataSource(FilterInvocationSecurityMetadataSource) - Method in class org.springframework.security.web.access.intercept.FilterSecurityInterceptor
-
- setSeriesLength(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
- setServerName(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setServletPath(String) - Method in class org.springframework.security.web.util.RedirectUrlBuilder
-
- setSessionAttributeName(String) - Method in class org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository
-
Sets the
HttpSession
attribute name that the
CsrfToken
is stored in
- setSessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
The session handling strategy which will be invoked immediately after an authentication request is
successfully processed by the AuthenticationManager.
- setSessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.web.session.SessionManagementFilter
-
Deprecated.
Use constructor injection
- setSessionRegistry(SessionRegistry) - Method in class org.springframework.security.web.session.ConcurrentSessionFilter
-
Deprecated.
use constructor injection instead
- setSpringSecurityContextKey(String) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
Allows the session attribute name to be customized for this repository instance.
- setSubjectDnRegex(String) - Method in class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
-
Sets the regular expression which will by used to extract the user name from the certificate's Subject
DN.
- setSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Used to define custom behaviour on a successful switch or exit user.
- setSwitchFailureUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Sets the URL to which a user should be redirected if the switch fails.
- setSwitchUserAuthorityChanger(SwitchUserAuthorityChanger) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- setSwitchUserUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Set the URL to respond to switch user processing.
- setTargetUrl(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Sets the URL to go to after a successful switch / exit user request.
- setTargetUrlParameter(String) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
If this property is set, the current request will be checked for this a parameter with this name
and the value used as the target URL if present.
- setThrowableAnalyzer(ThrowableAnalyzer) - Method in class org.springframework.security.web.access.ExceptionTranslationFilter
-
- setThrowExceptionWhenTokenRejected(boolean) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
If true, causes the provider to throw a BadCredentialsException if the presented authentication
request is invalid (contains a null principal or credentials).
- setTokenLength(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
- setTokenRepository(PersistentTokenRepository) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
Deprecated.
Use constructor injection
- setTokenValiditySeconds(int) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- setTokenValiditySeconds(int) - Method in class org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices
-
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
-
Sets the AuthenticationTrustResolver
to be used.
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
Sets the AuthenticationTrustResolver
to be used.
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter
-
Sets the AuthenticationTrustResolver
to be used.
- setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.web.session.SessionManagementFilter
-
Sets the AuthenticationTrustResolver
to be used.
- setUseEquals(boolean) - Method in class org.springframework.security.web.util.matcher.MediaTypeRequestMatcher
-
- setUseForward(boolean) - Method in class org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
-
Tells if we are to do a forward to the loginFormUrl
using the RequestDispatcher
,
instead of a 302 redirect.
- setUseForward(boolean) - Method in class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
If set to true, performs a forward to the failure destination URL instead of a redirect.
- setUserAttribute(UserAttribute) - Method in class org.springframework.security.web.authentication.AnonymousAuthenticationFilter
-
Deprecated.
use constructor injection instead
- setUserCache(UserCache) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
Sets the strategy which will be used to validate the loaded UserDetails object
for the user.
- setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Sets the strategy to be used to validate the UserDetails
object obtained for
the user when processing a remember-me cookie to automatically log in a user.
- setUserDetailsChecker(UserDetailsChecker) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Deprecated.
Use constructor injection
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Sets the authentication data access object.
- setUserDetailsService(UserDetailsService) - Method in class org.springframework.security.web.authentication.www.DigestAuthenticationFilter
-
- setUseReferer(boolean) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
-
If set to true
the Referer
header will be used (if available).
- setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
Allows the parameter containing the username to be customized.
- setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
-
- setUsernameParameter(String) - Method in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Sets the parameter name which will be used to obtain the username from the login request.
- setUserRoles2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource
-
- setUseSecureCookie(boolean) - Method in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
Whether the cookie should be flagged as secure or not.
- setWebSphereGroups2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedAuthenticationDetailsSource
-
Deprecated.
- setWebSphereGroups2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper) - Method in class org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource
-
- SimpleRedirectInvalidSessionStrategy - Class in org.springframework.security.web.session
-
Performs a redirect to a fixed URL when an invalid requested session is detected by the SessionManagementFilter
.
- SimpleRedirectInvalidSessionStrategy(String) - Constructor for class org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
-
- SimpleUrlAuthenticationFailureHandler - Class in org.springframework.security.web.authentication
-
AuthenticationFailureHandler which performs a redirect to the value of the
defaultFailureUrl
property when the
onAuthenticationFailure method is called.
- SimpleUrlAuthenticationFailureHandler() - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
- SimpleUrlAuthenticationFailureHandler(String) - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
-
- SimpleUrlAuthenticationSuccessHandler - Class in org.springframework.security.web.authentication
-
AuthenticationSuccessHandler which can be configured with a default URL which users should be
sent to upon successful authentication.
- SimpleUrlAuthenticationSuccessHandler() - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
-
- SimpleUrlAuthenticationSuccessHandler(String) - Constructor for class org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
-
Constructor which sets the defaultTargetUrl property of the base class.
- SimpleUrlLogoutSuccessHandler - Class in org.springframework.security.web.authentication.logout
-
- SimpleUrlLogoutSuccessHandler() - Constructor for class org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
-
- SPRING_SECURITY_CONTEXT_KEY - Static variable in class org.springframework.security.web.context.HttpSessionSecurityContextRepository
-
The default key under which the security context will be stored in the session.
- SPRING_SECURITY_FORM_PASSWORD_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
- SPRING_SECURITY_FORM_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
- SPRING_SECURITY_LAST_EXCEPTION_KEY - Static variable in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- SPRING_SECURITY_LAST_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
-
Deprecated.
If you want to retain the username, cache it in a customized AuthenticationFailureHandler
- SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY - Static variable in class org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
-
- SPRING_SECURITY_SWITCH_USERNAME_KEY - Static variable in class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- StaticAllowFromStrategy - Class in org.springframework.security.web.header.writers.frameoptions
-
Simple implementation of the AllowFromStrategy
- StaticAllowFromStrategy(URI) - Constructor for class org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
-
- StaticHeadersWriter - Class in org.springframework.security.web.header.writers
-
HeaderWriter
implementation which writes the same Header
instance.
- StaticHeadersWriter(List<Header>) - Constructor for class org.springframework.security.web.header.writers.StaticHeadersWriter
-
Creates a new instance
- StaticHeadersWriter(String, String...) - Constructor for class org.springframework.security.web.header.writers.StaticHeadersWriter
-
Creates a new instance with a single header
- SubjectDnX509PrincipalExtractor - Class in org.springframework.security.web.authentication.preauth.x509
-
Obtains the principal from a certificate using a regular expression match against the Subject (as returned by a call
to
X509Certificate.getSubjectDN()
).
- SubjectDnX509PrincipalExtractor() - Constructor for class org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
-
- successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
Default behaviour for successful authentication.
- successfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
-
- successfulAuthentication(HttpServletRequest, HttpServletResponse, Authentication) - Method in class org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
-
Puts the Authentication
instance returned by the
authentication manager into the secure context.
- supports(ConfigAttribute) - Method in interface org.springframework.security.web.access.channel.ChannelDecisionManager
-
Indicates whether this ChannelDecisionManager
is able to process the passed
ConfigAttribute
.
- supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.ChannelDecisionManagerImpl
-
- supports(ConfigAttribute) - Method in interface org.springframework.security.web.access.channel.ChannelProcessor
-
Indicates whether this ChannelProcessor
is able to process the passed
ConfigAttribute
.
- supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.InsecureChannelProcessor
-
- supports(ConfigAttribute) - Method in class org.springframework.security.web.access.channel.SecureChannelProcessor
-
- supports(ConfigAttribute) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
-
- supports(Class<?>) - Method in class org.springframework.security.web.access.expression.WebExpressionVoter
-
- supports(Class<?>) - Method in class org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
-
- supports(Class<?>) - Method in class org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
-
Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
- supportsParameter(MethodParameter) - Method in class org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver
-
- SwitchUserAuthorityChanger - Interface in org.springframework.security.web.authentication.switchuser
-
Allows subclasses to modify the GrantedAuthority
list that will be assigned to the principal
when they assume the identity of a different principal.
- SwitchUserFilter - Class in org.springframework.security.web.authentication.switchuser
-
Switch User processing filter responsible for user context switching.
- SwitchUserFilter() - Constructor for class org.springframework.security.web.authentication.switchuser.SwitchUserFilter
-
- SwitchUserGrantedAuthority - Class in org.springframework.security.web.authentication.switchuser
-
- SwitchUserGrantedAuthority(String, Authentication) - Constructor for class org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
-