spring-security-config
A B C D E F G H I J K L M N O P R S T U V W X 

A

AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter> - Class in org.springframework.security.config.annotation.web.configurers
Base class for confuring AbstractAuthenticationFilterConfigurer.
AbstractAuthenticationFilterConfigurer(F, String) - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Creates a new instance
AbstractConfigAttributeRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web.configurers
A base class for registering RequestMatcher's.
AbstractConfigAttributeRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
 
AbstractConfiguredSecurityBuilder<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
A base SecurityBuilder that allows SecurityConfigurer to be applied to it.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Creates a new instance with the provided ObjectPostProcessor.
AbstractConfiguredSecurityBuilder(ObjectPostProcessor<Object>, boolean) - Constructor for class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Creates a new instance with the provided ObjectPostProcessor.
AbstractRequestMatcherRegistry<C> - Class in org.springframework.security.config.annotation.web
A base class for registering RequestMatcher's.
AbstractRequestMatcherRegistry() - Constructor for class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
 
AbstractSecurityBuilder<O> - Class in org.springframework.security.config.annotation
A base SecurityBuilder that ensures the object being built is only built one time.
AbstractSecurityBuilder() - Constructor for class org.springframework.security.config.annotation.AbstractSecurityBuilder
 
AbstractSecurityWebSocketMessageBrokerConfigurer - Class in org.springframework.security.config.annotation.web.socket
Allows configuring WebSocket Authorization.
AbstractSecurityWebSocketMessageBrokerConfigurer() - Constructor for class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
AbstractUserDetailsServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
AbstractUserDetailsServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
access(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Allows specifying that URLs are secured by an arbitrary expression
access(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that the user must have the specified ConfigAttribute's
access(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Allows specifying that Messages are secured by an arbitrary expression
ACCESS_DENIED_HANDLER - Static variable in class org.springframework.security.config.Elements
 
accessDecisionManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Allows subclasses to provide a custom AccessDecisionManager.
accessDeniedHandler(AccessDeniedHandler) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Specifies the AccessDeniedHandler to be used
accessDeniedPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Shortcut to specify the AccessDeniedHandler to be used is a specific error page
accountExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is expired or not.
accountLocked(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is locked or not.
addArgumentResolvers(List<HandlerMethodArgumentResolver>) - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
 
addFilter(Filter) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilter(Filter) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework.
addFilterAfter(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilterAfter(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding a Filter after one of the known Filter classes.
addFilterBefore(Filter, Class<? extends Filter>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
addFilterBefore(Filter, Class<? extends Filter>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding a Filter before one of the known Filter classes.
addHeaderWriter(HeaderWriter) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds a HeaderWriter instance
addLogoutHandler(LogoutHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Adds a LogoutHandler.
addObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Adds an ObjectPostProcessor to be used for this SecurityConfigurerAdapter.
addSecurityFilterChainBuilder(SecurityBuilder<? extends SecurityFilterChain>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Adds builders to create SecurityFilterChain instances.
AFTER_INVOCATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
afterInvocationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provide a custom AfterInvocationManager for the default implementation of GlobalMethodSecurityConfiguration.methodSecurityInterceptor().
AlreadyBuiltException - Exception in org.springframework.security.config.annotation
Thrown when AbstractSecurityBuilder.build() is two or more times.
AlreadyBuiltException(String) - Constructor for exception org.springframework.security.config.annotation.AlreadyBuiltException
 
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Gets the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
Allows obtaining a reference to the LdapAuthenticationProviderConfigurer for further customizations
and() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Returns the UserDetailsManagerRegistry for method chaining (i.e.
and() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
Return the HttpSecurity for further customizations
and() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
Returns the WebSecurity to be returned for chaining.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Return the SecurityBuilder when done using the SecurityConfigurer.
and() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Get the OpenIDLoginConfigurer to customize the OpenID configuration further
and() - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Gets the OpenIDLoginConfigurer.AttributeExchangeConfigurer for further customization of the attributes
and() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
Used to chain back to the SessionManagementConfigurer
and() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
anonymous() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring how an anonymous user is represented.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by anonymous users.
anonymous() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that an anonymous user is allowed access
anonymous() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by anonymous users.
ANONYMOUS - Static variable in class org.springframework.security.config.Elements
 
AnonymousConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Configures Anonymous authentication (i.e.
AnonymousConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Creates a new instance
antMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided ant pattern.
antMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances.
antMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of AntPathRequestMatcher instances that do not care which HttpMethod is used.
anyMessage() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps any Message to a security expression.
anyRequest() - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps any request.
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
apply(C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Applies a SecurityConfigurer to this SecurityBuilder overriding any SecurityConfigurer of the exact same class.
ATT_GROUP_ROLE_ATTRIBUTE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_HASH - Static variable in class org.springframework.security.config.authentication.PasswordEncoderParser
 
ATT_LDIF_FILE - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
Optionally defines an ldif resource to be loaded.
ATT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
Defines the port the LDAP_PROVIDER server should run on
ATT_ROOT_SUFFIX - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
sets the configuration suffix (default is "dc=springframework,dc=org").
ATT_SERVER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ATT_USER_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
attribute(OpenIDAttribute) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Adds an OpenIDAttribute to be obtained for the configured OpenID pattern.
attribute(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer
Adds an OpenIDAttribute with the given name
attributeExchange(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Sets up OpenID attribute exchange for OpenID's matching the specified pattern.
authenticate(Authentication) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
authenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by any authenticated user.
authenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by any authenticated user.
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies the AuthenticationUserDetailsService that is used with the PreAuthenticatedAuthenticationProvider.
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.BeanIds
The "global" AuthenticationManager instance, registered by the <authentication-manager> element
AUTHENTICATION_MANAGER - Static variable in class org.springframework.security.config.Elements
 
AUTHENTICATION_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
AuthenticationConfiguration - Class in org.springframework.security.config.annotation.authentication.configuration
Exports the authentication Configuration
AuthenticationConfiguration() - Constructor for class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies a custom AuthenticationDetailsSource.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?>) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Specifies a custom AuthenticationDetailsSource to use for basic authentication.
authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Specifies the AuthenticationDetailsSource
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets the AuthenticationEntryPoint to be used.
authenticationEntryPoint(AuthenticationEntryPoint) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
The AuthenticationEntryPoint to be populated on BasicAuthenticationFilter in the event that authentication fails.
authenticationEventPublisher(AuthenticationEventPublisher) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Sets the AuthenticationEventPublisher
authenticationFilter(AnonymousAuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the AnonymousAuthenticationFilter used to populate an anonymous user.
authenticationManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Allows providing a custom AuthenticationManager.
authenticationManager() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Gets the AuthenticationManager to use.
authenticationManagerBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to expose the AuthenticationManager from WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder) to be exposed as a Bean.
AuthenticationManagerBeanDefinitionParser - Class in org.springframework.security.config.authentication
Registers the central ProviderManager used by the namespace configuration, and allows the configuration of an alias, allowing users to reference it in their beans and clearly see where the name is coming from.
AuthenticationManagerBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
 
AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider - Class in org.springframework.security.config.authentication
Provider which doesn't provide any service.
AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 
AuthenticationManagerBuilder - Class in org.springframework.security.config.annotation.authentication.builders
SecurityBuilder used to create an AuthenticationManager.
AuthenticationManagerBuilder(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Creates a new instance
authenticationManagerBuilder(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
AuthenticationManagerFactoryBean - Class in org.springframework.security.config.authentication
Factory bean for the namespace AuthenticationManager, which allows a more meaningful error message to be reported in the NoSuchBeanDefinitionException, if the user has forgotten to declare the <authentication-manager> element.
AuthenticationManagerFactoryBean() - Constructor for class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.authentication.ProviderManagerBuilder
Add authentication based upon the custom AuthenticationProvider that is passed in.
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
authenticationProvider(AuthenticationProvider) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the AuthenticationProvider used to validate an anonymous user.
authenticationProvider(AuthenticationProvider) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding an additional AuthenticationProvider to be used
AuthenticationProviderBeanDefinitionParser - Class in org.springframework.security.config.authentication
Wraps a UserDetailsService bean with a DaoAuthenticationProvider and registers the latter with the ProviderManager.
AuthenticationProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
 
authenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Allows control over the destination a remembered user is sent to when they are successfully authenticated.
authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
The AuthenticationUserDetailsService to use.
authenticationUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken>) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Specifies the AuthenticationUserDetailsService to use.
authorities(GrantedAuthority...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(List<? extends GrantedAuthority>) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the authorities.
authorities(List<GrantedAuthority>) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the Authentication.getAuthorities() for anonymous users
authorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the Authentication.getAuthorities() for anonymous users
authoritiesByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Sets the query to be used for finding a user's authorities by their username.
authorizeRequests() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows restricting access based upon the HttpServletRequest using
autowiredWebSecurityConfigurersIgnoreParents(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 

B

BASIC_AUTH - Static variable in class org.springframework.security.config.Elements
 
BeanIds - Class in org.springframework.security.config
Contains globally used default Bean IDs for beans created by the namespace support in Spring Security 2.
BeanIds() - Constructor for class org.springframework.security.config.BeanIds
 
beforeConfigure() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Invoked prior to invoking each SecurityConfigurer.configure(SecurityBuilder) method.
beforeConfigure() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
beforeInit() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Invoked prior to invoking each SecurityConfigurer.init(SecurityBuilder) method.
build() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
 
build() - Method in interface org.springframework.security.config.annotation.SecurityBuilder
Builds the object and returns it or null.

C

cacheControl() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds CacheControlHeadersWriter.
CACHING_SUFFIX - Static variable in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
CachingUserDetailsService - Class in org.springframework.security.config.authentication
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity.RequestMatcherConfigurer
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer
 
chainRequestMatchers(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
Marks the RequestMatcher's as unmapped and then calls AbstractConfigAttributeRequestMatcherRegistry.chainRequestMatchersInternal(List).
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry
Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
 
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 
chainRequestMatchersInternal(List<RequestMatcher>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
changeSessionId() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that the Servlet container-provided session fixation protection should be used.
ChannelAttributeFactory - Class in org.springframework.security.config.http
Used as a factory bean to create config attribute values for the requires-channel attribute.
ChannelAttributeFactory() - Constructor for class org.springframework.security.config.http.ChannelAttributeFactory
 
channelProcessors(List<ChannelProcessor>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Sets the ChannelProcessor instances to use in ChannelDecisionManagerImpl
channelSecurity() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds channel security (i.e.
ChannelSecurityConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
Creates a new instance
ChannelSecurityConfigurer.ChannelRequestMatcherRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
ChannelSecurityConfigurer.RequiresChannelUrl - Class in org.springframework.security.config.annotation.web.configurers
 
CONCURRENT_SESSIONS - Static variable in class org.springframework.security.config.Elements
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter
 
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Sub classes can override this method to register different types of authentication.
configure(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
configure(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
configure(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Used by the default implementation of WebSecurityConfigurerAdapter.authenticationManager() to attempt to obtain an AuthenticationManager.
configure(WebSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to configure WebSecurity.
configure(HttpSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to configure the HttpSecurity.
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
 
configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
configure(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
 
configure(MessageSecurityMetadataSourceRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
configureClientInboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
configureClientOutboundChannel(ChannelRegistration) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
consumer(OpenIDConsumer) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Allows specifying the OpenIDConsumer to be used.
consumerManager(ConsumerManager) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Allows specifying the ConsumerManager to be used.
contentTypeOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds XContentTypeOptionsHeaderWriter which inserts the X-Content-Type-Options:
CONTEXT_SOURCE - Static variable in class org.springframework.security.config.BeanIds
 
CONTEXT_SOURCE_SETTING_POST_PROCESSOR - Static variable in class org.springframework.security.config.BeanIds
 
contextSource(BaseLdapPathContextSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the BaseLdapPathContextSource to be used.
contextSource() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Allows easily configuring of a BaseLdapPathContextSource with defaults pointing to an embedded LDAP server that is created.
count(int) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Specifies the number of attribute values to request.
createChannelAttributes(String) - Static method in class org.springframework.security.config.http.ChannelAttributeFactory
 
createExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provide a MethodSecurityExpressionHandler that is registered with the ExpressionBasedPreInvocationAdvice.
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Create the RequestMatcher given a loginProcessingUrl
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
 
createLoginProcessingUrlMatcher(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
createMatcher(String, String) - Method in enum org.springframework.security.config.http.MatcherType
 
createMetadataSource() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Allows subclasses to create creating a MessageSecurityMetadataSource.
createPasswordEncoderBeanDefinition(String, boolean) - Static method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
credentialsExpired(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the credentials are expired or not.
csrf() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds CSRF support.
CSRF - Static variable in class org.springframework.security.config.Elements
 
CsrfBeanDefinitionParser - Class in org.springframework.security.config.http
Parser for the CsrfFilter.
CsrfBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.CsrfBeanDefinitionParser
 
CsrfConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds CSRF protection for the methods as specified by CsrfConfigurer.requireCsrfProtectionMatcher(RequestMatcher).
CsrfConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Creates a new instance
csrfTokenRepository(CsrfTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Specify the CsrfTokenRepository to use.
CUSTOM_FILTER - Static variable in class org.springframework.security.config.Elements
 
customMethodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provides a custom MethodSecurityMetadataSource that is registered with the GlobalMethodSecurityConfiguration.methodSecurityMetadataSource().

D

DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Allows configuring a DaoAuthenticationProvider
DaoAuthenticationConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.DaoAuthenticationConfigurer
Creates a new instance
dataSource(DataSource) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Populates the DataSource to be used.
debug(boolean) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Controls debugging support for Spring Security.
DEBUG - Static variable in class org.springframework.security.config.Elements
 
DEBUG_FILTER - Static variable in class org.springframework.security.config.BeanIds
 
DebugBeanDefinitionParser - Class in org.springframework.security.config
 
DebugBeanDefinitionParser() - Constructor for class org.springframework.security.config.DebugBeanDefinitionParser
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
 
decorate(Node, BeanDefinitionHolder, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
DEF_GROUP_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_GROUP_SEARCH_FILTER - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
DEF_USER_SEARCH_BASE - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
defaultAuthenticationEntryPointFor(AuthenticationEntryPoint, RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Sets a default AuthenticationEntryPoint to be used which prefers being invoked for the provided RequestMatcher.
DefaultFilterChainValidator - Class in org.springframework.security.config.http
 
DefaultFilterChainValidator() - Constructor for class org.springframework.security.config.http.DefaultFilterChainValidator
 
DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds a Filter that will generate a login page if one is not specified otherwise when using WebSecurityConfigurerAdapter.
DefaultLoginPageConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
defaultSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating.
defaultSuccessUrl(String, boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating or alwaysUse is true.
deleteCookies(String...) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Allows specifying the names of cookies to be removed on logout success.
denyAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are not allowed by anyone.
denyAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are not allowed by anyone.
destinationMatchers(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of SimpDestinationMessageMatcher instances.
disabled(boolean) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Defines if the account is disabled or not.
doBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Executes the build using the SecurityConfigurer's that have been applied using the following steps: Invokes AbstractConfiguredSecurityBuilder.beforeInit() for any subclass to hook into Invokes SecurityConfigurer.init(SecurityBuilder) for any SecurityConfigurer that was applied to this builder. Invokes AbstractConfiguredSecurityBuilder.beforeConfigure() for any subclass to hook into Invokes AbstractConfiguredSecurityBuilder.performBuild() which actually builds the Object
doBuild() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
Subclasses should implement this to perform the build.
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
doParse(Element, ParserContext, BeanDefinitionBuilder) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 

E

Elements - Class in org.springframework.security.config
Contains all the element names used by Spring Security 3 namespace support.
Elements() - Constructor for class org.springframework.security.config.Elements
 
EMBEDDED_APACHE_DS - Static variable in class org.springframework.security.config.BeanIds
 
EnableGlobalAuthentication - Annotation Type in org.springframework.security.config.annotation.authentication.configuration
The EnableGlobalAuthentication annotation signals that the annotated class can be used to configure a global instance of AuthenticationManagerBuilder.
enableGlobalAuthenticationAutowiredConfigurer(ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
EnableGlobalMethodSecurity - Annotation Type in org.springframework.security.config.annotation.method.configuration
Enables Spring Security global method security similar to the xml support.
enableSessionUrlRewriting(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
If set to true, allows HTTP sessions to be rewritten in the URLs when using HttpServletResponse.encodeRedirectURL(String) or HttpServletResponse.encodeURL(String), otherwise disallows HTTP sessions to be included in the URL.
EnableWebMvcSecurity - Annotation Type in org.springframework.security.config.annotation.web.servlet.configuration
Add this annotation to an @Configuration class to have the Spring Security configuration integrate with Spring MVC.
EnableWebSecurity - Annotation Type in org.springframework.security.config.annotation.web.configuration
Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by extending the WebSecurityConfigurerAdapter base class and overriding individual methods:
 @Configuration
 @EnableWebSecurity
 public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
        web
            .ignoring()
                // Spring Security should completely ignore URLs starting with /resources/
                .antMatchers("/resources/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/public/**").permitAll()
                .anyRequest().hasRole("USER")
                .and()
            // Possibly more configuration ...
eraseCredentials(boolean) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 
exceptionHandling() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring exception handling.
ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds exception handling for Spring Security related exceptions to an application.
ExceptionHandlingConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
Creates a new instance
expiredUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
The URL to redirect to if a user tries to access a resource and their session has been expired due to too many sessions for the current user.
EXPRESSION_HANDLER - Static variable in class org.springframework.security.config.Elements
 
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Set the SecurityExpressionHandler to be used.
expressionHandler(SecurityExpressionHandler<FilterInvocation>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
Allows customization of the SecurityExpressionHandler to be used.
ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds URL based authorization based upon SpEL expressions to an application.
ExpressionUrlAuthorizationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer
Creates a new instance
ExpressionUrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
 
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
 

F

failureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the AuthenticationFailureHandler to use when authentication fails.
failureUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
The URL to send users if authentication fails.
FILTER_CHAIN - Static variable in class org.springframework.security.config.Elements
 
FILTER_CHAIN_MAP - Static variable in class org.springframework.security.config.Elements
 
FILTER_CHAIN_PROXY - Static variable in class org.springframework.security.config.BeanIds
 
FILTER_CHAINS - Static variable in class org.springframework.security.config.BeanIds
 
FILTER_INVOCATION_DEFINITION_SOURCE - Static variable in class org.springframework.security.config.Elements
Deprecated.
FILTER_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
 
FilterChainBeanDefinitionParser - Class in org.springframework.security.config.http
 
FilterChainBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.FilterChainBeanDefinitionParser
 
FilterChainMapBeanDefinitionDecorator - Class in org.springframework.security.config.http
Sets the filter chain Map for a FilterChainProxy bean declaration.
FilterChainMapBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.http.FilterChainMapBeanDefinitionDecorator
 
FilterInvocationSecurityMetadataSourceParser - Class in org.springframework.security.config.http
Allows for convenient creation of a FilterInvocationSecurityMetadataSource bean for use with a FilterSecurityInterceptor.
FilterInvocationSecurityMetadataSourceParser() - Constructor for class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser
 
FORM_LOGIN - Static variable in class org.springframework.security.config.Elements
 
formLogin() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Specifies to support form based authentication.
FormLoginBeanDefinitionParser - Class in org.springframework.security.config.http
 
FormLoginConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds form based authentication.
FormLoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Creates a new instance
frameOptions() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds XFrameOptionsHeaderWriter with all the default settings.
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by users who have authenticated and were not "remembered".
fullyAuthenticated() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by users who have authenticated and were not "remembered".

G

getAuthenticationFilter() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the Authentication Filter
getAuthenticationManager() - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
getBeanClassName(Element) - Method in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
getBuilder() - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Gets the SecurityBuilder.
getConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets the SecurityConfigurer by its class name or null if not found.
getConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Gets the SecurityConfigurer by its class name or null if not found.
getConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets all the SecurityConfigurer instances by its class name or an empty List if not found.
getDatabasePopulator() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
getDefaultUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Gets the default UserDetailsService for the AuthenticationManagerBuilder.
getExpressionHandler() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Gets the MethodSecurityExpressionHandler or creates it using GlobalMethodSecurityConfiguration.expressionHandler.
getExpressionHandler() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Gets the SecurityExpressionHandler to be used.
getFailureUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the URL to send users to if authentication fails
getHttp() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates the HttpSecurity or returns the current instance
getLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the login page
getLoginProcessingUrl() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Gets the URL to submit an authentication request to (i.e.
getObject() - Method in class org.springframework.security.config.annotation.AbstractSecurityBuilder
Gets the object that was built.
getObject() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
getObjectType() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
getOrBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Similar to AbstractSecurityBuilder.build() and AbstractSecurityBuilder.getObject() but checks the state to determine if AbstractSecurityBuilder.build() needs to be called first.
getPasswordEncoder() - Method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
getPrivilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Gets the WebInvocationPrivilegeEvaluator to be used.
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer
 
getRegistry() - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
The StandardInterceptUrlRegistry is what users will interact with after applying the UrlAuthorizationConfigurer.
getSaltSource() - Method in class org.springframework.security.config.authentication.PasswordEncoderParser
 
getSharedObject(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets a shared Object.
getSharedObject(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Gets a shared Object.
getSharedObjects() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Gets the shared objects
getUserCache() - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
getUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
Gets the UserDetailsService or null if it is not available
GLOBAL_METHOD_SECURITY - Static variable in class org.springframework.security.config.Elements
 
GlobalAuthenticationConfigurerAdapter - Class in org.springframework.security.config.annotation.authentication.configurers
A SecurityConfigurer that can be exposed as a bean to configure the global AuthenticationManagerBuilder.
GlobalAuthenticationConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter
 
GlobalMethodSecurityBeanDefinitionParser - Class in org.springframework.security.config.method
Processes the top-level "global-method-security" element.
GlobalMethodSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser
 
GlobalMethodSecurityConfiguration - Class in org.springframework.security.config.annotation.method.configuration
Base Configuration for enabling global method security.
GlobalMethodSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
groupAuthoritiesByUsername(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
An SQL statement to query user's group authorities given a username.
groupRoleAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the attribute name which contains the role name.
groupSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
The search base for group membership searches.
groupSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
The LDAP filter to search for groups.

H

hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs requires any of a number authorities.
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that a user requires one of many authorities
hasAnyAuthority(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Message instances requires any of a number authorities.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Shortcut for specifying URLs require any of a number of roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies that a user requires one of many roles.
hasAnyRole(String...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Shortcut for specifying Message instances require any of a number of roles.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs require a particular authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies a user requires an authority.
hasAuthority(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Message instances require a particular authority.
hasIpAddress(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs requires a specific IP Address or subnet.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Shortcut for specifying URLs require a particular role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
Specifies a user requires a role.
hasRole(String) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Shortcut for specifying Message instances require a particular role.
headers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Adds the Security headers to the response.
HEADERS - Static variable in class org.springframework.security.config.Elements
 
HeadersBeanDefinitionParser - Class in org.springframework.security.config.http
Parser for the HeadersFilter.
HeadersBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HeadersBeanDefinitionParser
 
HeadersConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds the Security headers to the response.
HeadersConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Creates a new instance
http(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
Adds a port mapping
HTTP - Static variable in class org.springframework.security.config.Elements
 
HTTP_FIREWALL - Static variable in class org.springframework.security.config.Elements
 
httpBasic() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures HTTP Basic authentication.
HttpBasicConfigurer<B extends HttpSecurityBuilder<B>> - Class in org.springframework.security.config.annotation.web.configurers
Adds HTTP basic based authentication.
HttpBasicConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Creates a new instance
httpFirewall(HttpFirewall) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Allows customizing the HttpFirewall.
HttpFirewallBeanDefinitionParser - Class in org.springframework.security.config.http
Injects the supplied HttpFirewall bean reference into the FilterChainProxy.
HttpFirewallBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
 
HttpSecurity - Class in org.springframework.security.config.annotation.web.builders
A HttpSecurity is similar to Spring Security's XML element in the namespace configuration.
HttpSecurity(ObjectPostProcessor<Object>, AuthenticationManagerBuilder, Map<Class<Object>, Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.HttpSecurity
Creates a new instance
HttpSecurity.RequestMatcherConfigurer - Class in org.springframework.security.config.annotation.web.builders
Allows mapping HTTP requests that this HttpSecurity will be used for
HttpSecurityBeanDefinitionParser - Class in org.springframework.security.config.http
Sets up HTTP security: filter stack and protected URLs.
HttpSecurityBeanDefinitionParser() - Constructor for class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
 
HttpSecurityBuilder<H extends HttpSecurityBuilder<H>> - Interface in org.springframework.security.config.annotation.web
 
httpStrictTransportSecurity() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Adds HstsHeaderWriter which provides support for HTTP Strict Transport Security (HSTS).

I

ignoring() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Allows adding RequestMatcher instances that should that Spring Security should ignore.
INET_ORG_PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
init(AuthenticationManagerBuilder) - Method in class org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter
 
init(B) - Method in interface org.springframework.security.config.annotation.SecurityConfigurer
Initialize the SecurityBuilder.
init(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
init(WebSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.DefaultLoginPageConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
 
init(B) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Populates a PreAuthenticatedAuthenticationProvider into HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider) and a Http403ForbiddenEntryPoint into HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
init(H) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
 
init() - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
Populates the users that have been added.
initUserDetailsService() - Method in class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
Allows subclasses to initialize the UserDetailsService.
inMemoryAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add in memory authentication to the AuthenticationManagerBuilder and return a InMemoryUserDetailsManagerConfigurer to allow customization of the in memory authentication.
InMemoryUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Configures an AuthenticationManagerBuilder to have in memory authentication.
InMemoryUserDetailsManagerConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer
Creates a new instance
INTERCEPT_METHODS - Static variable in class org.springframework.security.config.Elements
 
INTERCEPT_URL - Static variable in class org.springframework.security.config.Elements
 
InterceptMethodsBeanDefinitionDecorator - Class in org.springframework.security.config.method
 
InterceptMethodsBeanDefinitionDecorator() - Constructor for class org.springframework.security.config.method.InterceptMethodsBeanDefinitionDecorator
 
invalidateHttpSession(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Configures SecurityContextLogoutHandler to invalidate the HttpSession at the time of logout.
invalidSessionUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Setting this attribute will inject the SessionManagementFilter with a SimpleRedirectInvalidSessionStrategy configured with the attribute value.
INVOCATION_ATTRIBUTE_FACTORY - Static variable in class org.springframework.security.config.Elements
 
INVOCATION_HANDLING - Static variable in class org.springframework.security.config.Elements
 
isConfigured() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Determines if the AuthenticationManagerBuilder is configured to build a non null AuthenticationManager.
isCustomLoginPage() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
 
isSingleton() - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 

J

j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Allows specifying the J2eePreAuthenticatedProcessingFilter to use.
JDBC_USER_SERVICE - Static variable in class org.springframework.security.config.Elements
 
jdbcAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add JDBC authentication to the AuthenticationManagerBuilder and return a JdbcUserDetailsManagerConfigurer to allow customization of the JDBC authentication.
JdbcUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Configures an AuthenticationManagerBuilder to have JDBC authentication.
JdbcUserDetailsManagerConfigurer(JdbcUserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
JdbcUserDetailsManagerConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
 
JdbcUserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
JdbcUserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.JdbcUserServiceBeanDefinitionParser
 
jee() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures container based based pre authentication.
JEE - Static variable in class org.springframework.security.config.Elements
 
JeeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds support for J2EE pre authentication.
JeeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Creates a new instance

K

key(String) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the key to identify tokens created for anonymous authentication.
key(String) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Sets the key to identify tokens created for remember me authentication.

L

LDAP_AUTHORITIES_POPULATOR_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LDAP_PASSWORD_COMPARE - Static variable in class org.springframework.security.config.Elements
 
LDAP_PROVIDER - Static variable in class org.springframework.security.config.Elements
 
LDAP_SEARCH_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LDAP_SERVER - Static variable in class org.springframework.security.config.Elements
 
LDAP_USER_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
LDAP_USER_SERVICE - Static variable in class org.springframework.security.config.Elements
 
ldapAuthentication() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add LDAP authentication to the AuthenticationManagerBuilder and return a LdapAuthenticationProviderConfigurer to allow customization of the LDAP authentication.
LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>> - Class in org.springframework.security.config.annotation.authentication.configurers.ldap
Configures LDAP AuthenticationProvider in the ProviderManagerBuilder.
LdapAuthenticationProviderConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
LdapAuthenticationProviderConfigurer.ContextSourceBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.ldap
Allows building a BaseLdapPathContextSource and optionally creating an embedded LDAP instance.
LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer - Class in org.springframework.security.config.annotation.authentication.configurers.ldap
Sets up Password based comparison
ldapAuthoritiesPopulator(LdapAuthoritiesPopulator) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the LdapAuthoritiesPopulator.
LdapProviderBeanDefinitionParser - Class in org.springframework.security.config.ldap
Ldap authentication provider namespace configuration.
LdapProviderBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
 
LdapServerBeanDefinitionParser - Class in org.springframework.security.config.ldap
 
LdapServerBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
 
LdapUserServiceBeanDefinitionParser - Class in org.springframework.security.config.ldap
 
LdapUserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
ldif(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Specifies an ldif to load at startup for an embedded LDAP server.
loadUserByUsername(String) - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
logger - Variable in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
 
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
Specifies the URL to send users to if login is required.
loginPage(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Specifies the URL to send users to if login is required.
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the URL to validate the credentials.
loginProcessingUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Specifies the URL used to authenticate OpenID requests.
logout() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Provides logout support.
LOGOUT - Static variable in class org.springframework.security.config.Elements
 
LogoutConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds logout support.
LogoutConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Creates a new instance
logoutRequestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
The RequestMatcher that triggers log out to occur.
logoutSuccessHandler(LogoutSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
Sets the LogoutSuccessHandler to use.
logoutSuccessUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
The URL to redirect to after logout has occurred.
logoutUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
The URL that triggers log out to occur (default is "/logout").

M

managerDn(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Username (DN) of the "manager" user identity (i.e.
managerPassword(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
The password for the manager DN.
mappableAuthorities(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies roles to use map from the HttpServletRequest to the UserDetails.
mappableAuthorities(Set<String>) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies roles to use map from the HttpServletRequest to the UserDetails.
mappableRoles(String...) - Method in class org.springframework.security.config.annotation.web.configurers.JeeConfigurer
Specifies roles to use map from the HttpServletRequest to the UserDetails and automatically prefixes it with "ROLE_".
mapsTo(int) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer.HttpPortMapping
Maps the given HTTP port to the provided HTTPS port and vice versa.
matchers(MessageMatcher<?>...) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
Maps a List of MessageMatcher instances to a security expression.
MatcherType - Enum in org.springframework.security.config.http
Defines the RequestMatcher types supported by the namespace.
maximumSessions(int) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Controls the maximum number of sessions for a user.
maxSessionsPreventsLogin(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
If true, prevents a user from authenticating when the SessionManagementConfigurer.maximumSessions(int) has been reached.
MessageSecurityMetadataSourceRegistry - Class in org.springframework.security.config.annotation.web.messaging
Allows mapping security constraints using MessageMatcher to the security expressions.
MessageSecurityMetadataSourceRegistry() - Constructor for class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
 
MessageSecurityMetadataSourceRegistry.Constraint - Class in org.springframework.security.config.annotation.web.messaging
Represents the security constraint to be applied to the MessageMatcher instances.
metadataSource() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
metaDataSourceAdvisor() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Obtains the MethodSecurityMetadataSourceAdvisor to be used.
METHOD_ACCESS_MANAGER - Static variable in class org.springframework.security.config.BeanIds
 
METHOD_SECURITY_METADATA_SOURCE - Static variable in class org.springframework.security.config.Elements
 
METHOD_SECURITY_METADATA_SOURCE_ADVISOR - Static variable in class org.springframework.security.config.BeanIds
 
methodSecurityInterceptor() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Creates the default MethodInterceptor which is a MethodSecurityInterceptor using the following methods to construct it.
methodSecurityMetadataSource() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provides the default MethodSecurityMetadataSource that will be used.
MethodSecurityMetadataSourceBeanDefinitionParser - Class in org.springframework.security.config.method
 
MethodSecurityMetadataSourceBeanDefinitionParser() - Constructor for class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser
 
migrateSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that a new session should be created and the session attributes from the original HttpSession should be retained.
MISSING_BEAN_ERROR_MESSAGE - Static variable in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 

N

newSession() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that a new session should be created, but the session attributes from the original HttpSession should not be retained.
none() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Specifies that no session fixation protection should be enabled.
not() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Negates the following expression.

O

objectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Specifies the ObjectPostProcessor to use.
objectPostProcessor(AutowireCapableBeanFactory) - Method in class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration
 
ObjectPostProcessor<T> - Interface in org.springframework.security.config.annotation
Allows initialization of Objects.
ObjectPostProcessorConfiguration - Class in org.springframework.security.config.annotation.configuration
Spring Configuration that exports the default ObjectPostProcessor.
ObjectPostProcessorConfiguration() - Constructor for class org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration
 
OPENID_ATTRIBUTE - Static variable in class org.springframework.security.config.Elements
 
OPENID_ATTRIBUTE_EXCHANGE - Static variable in class org.springframework.security.config.Elements
 
OPENID_LOGIN - Static variable in class org.springframework.security.config.Elements
 
openidLogin() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring OpenID based authentication.
OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers.openid
Adds support for OpenID based authentication.
OpenIDLoginConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer
Creates a new instance
OpenIDLoginConfigurer.AttributeExchangeConfigurer - Class in org.springframework.security.config.annotation.web.configurers.openid
A class used to add OpenID attributes to look up
OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer - Class in org.springframework.security.config.annotation.web.configurers.openid
Configures an OpenIDAttribute
OPT_DEFAULT_PORT - Static variable in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
 
org.springframework.security.config - package org.springframework.security.config
Support classes for the Spring Security namespace.
org.springframework.security.config.annotation - package org.springframework.security.config.annotation
 
org.springframework.security.config.annotation.authentication - package org.springframework.security.config.annotation.authentication
 
org.springframework.security.config.annotation.authentication.builders - package org.springframework.security.config.annotation.authentication.builders
 
org.springframework.security.config.annotation.authentication.configuration - package org.springframework.security.config.annotation.authentication.configuration
 
org.springframework.security.config.annotation.authentication.configurers - package org.springframework.security.config.annotation.authentication.configurers
 
org.springframework.security.config.annotation.authentication.configurers.ldap - package org.springframework.security.config.annotation.authentication.configurers.ldap
 
org.springframework.security.config.annotation.authentication.configurers.provisioning - package org.springframework.security.config.annotation.authentication.configurers.provisioning
 
org.springframework.security.config.annotation.authentication.configurers.userdetails - package org.springframework.security.config.annotation.authentication.configurers.userdetails
 
org.springframework.security.config.annotation.configuration - package org.springframework.security.config.annotation.configuration
 
org.springframework.security.config.annotation.method.configuration - package org.springframework.security.config.annotation.method.configuration
 
org.springframework.security.config.annotation.web - package org.springframework.security.config.annotation.web
 
org.springframework.security.config.annotation.web.builders - package org.springframework.security.config.annotation.web.builders
 
org.springframework.security.config.annotation.web.configuration - package org.springframework.security.config.annotation.web.configuration
 
org.springframework.security.config.annotation.web.configurers - package org.springframework.security.config.annotation.web.configurers
 
org.springframework.security.config.annotation.web.configurers.openid - package org.springframework.security.config.annotation.web.configurers.openid
 
org.springframework.security.config.annotation.web.messaging - package org.springframework.security.config.annotation.web.messaging
 
org.springframework.security.config.annotation.web.servlet.configuration - package org.springframework.security.config.annotation.web.servlet.configuration
 
org.springframework.security.config.annotation.web.socket - package org.springframework.security.config.annotation.web.socket
 
org.springframework.security.config.authentication - package org.springframework.security.config.authentication
Parsing of <authentication-manager> and related elements.
org.springframework.security.config.debug - package org.springframework.security.config.debug
 
org.springframework.security.config.http - package org.springframework.security.config.http
Parsing of the <http> namespace element.
org.springframework.security.config.ldap - package org.springframework.security.config.ldap
Security namespace support for LDAP authentication.
org.springframework.security.config.method - package org.springframework.security.config.method
Support for parsing of the <global-method-security> and <intercept-methods> elements.

P

parentAuthenticationManager(AuthenticationManager) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Allows providing a parent AuthenticationManager that will be tried if this AuthenticationManager was unable to attempt to authenticate the provided Authentication.
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.authentication.AuthenticationProviderBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.DebugBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.CsrfBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterChainBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.FormLoginBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HeadersBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpFirewallBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.http.HttpSecurityBeanDefinitionParser
The aim of this method is to build the list of filters which have been defined by the namespace elements and attributes within the <http> configuration, along with any custom-filter's linked to user-defined filter beans.
parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.ldap.LdapServerBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser
 
parse(Element, ParserContext) - Method in class org.springframework.security.config.SecurityNamespaceHandler
 
parseInternal(Element, ParserContext) - Method in class org.springframework.security.config.method.MethodSecurityMetadataSourceBeanDefinitionParser
 
password(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the password.
PASSWORD_ENCODER - Static variable in class org.springframework.security.config.Elements
 
passwordAttribute(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
The attribute in the directory which contains the user password.
passwordCompare() - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
 
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.PasswordCompareConfigurer
Allows specifying the PasswordEncoder to use.
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
passwordEncoder(PasswordEncoder) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Specifies the PasswordEncoder to be used when authenticating with password comparison.
PasswordEncoderParser - Class in org.springframework.security.config.authentication
Stateful parser for the element.
PasswordEncoderParser(Element, ParserContext) - Constructor for class org.springframework.security.config.authentication.PasswordEncoderParser
 
passwordParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
The HTTP parameter to look for the password when performing authentication.
pathMatcher(PathMatcher) - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry
performBuild() - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Subclasses must implement this method to build the object that is being returned.
performBuild() - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 
performBuild() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
performBuild() - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
 
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Equivalent of invoking permitAll(true)
permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Ensures the urls for AbstractAuthenticationFilterConfigurer.failureUrl(String) and #authenticationUrls(String) are granted access to any user.
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by anyone.
permitAll() - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
A shortcut for LogoutConfigurer.permitAll(boolean) with true as an argument.
permitAll(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.LogoutConfigurer
permitAll() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by anyone.
PERSON_MAPPER_CLASS - Static variable in class org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser
 
port(int) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
The port to connect to LDAP to (the default is 33389 or random available port if unavailable).
PORT_MAPPING - Static variable in class org.springframework.security.config.Elements
 
PORT_MAPPINGS - Static variable in class org.springframework.security.config.Elements
 
portMapper() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring a PortMapper that is available from AbstractConfiguredSecurityBuilder.getSharedObject(Class).
portMapper(PortMapper) - Method in class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
Allows specifying the PortMapper instance.
PortMapperConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring a shared PortMapper instance used to determine the ports when redirecting between HTTP and HTTPS.
PortMapperConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.PortMapperConfigurer
Creates a new instance
PortMapperConfigurer.HttpPortMapping - Class in org.springframework.security.config.annotation.web.configurers
Allows specifying the HTTPS port for a given HTTP port when redirecting between HTTP and HTTPS.
POST_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
 
postBuildAction(Runnable) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Executes the Runnable immediately after the build takes place
postProcess(P) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Performs post processing of an object.
postProcess(O) - Method in interface org.springframework.security.config.annotation.ObjectPostProcessor
Initialize the object possibly returning a modified instance that should be used instead.
postProcess(T) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Performs post processing of an object.
postProcessBeanDefinitionRegistry(BeanDefinitionRegistry) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
 
postProcessBeanFactory(ConfigurableListableBeanFactory) - Method in class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
 
PRE_INVOCATION_ADVICE - Static variable in class org.springframework.security.config.Elements
 
preInvocationAuthorizationAdvice() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Creates the PreInvocationAuthorizationAdvice to be used.
principal(Object) - Method in class org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer
Sets the principal for Authentication objects of anonymous users
privilegeEvaluator(WebInvocationPrivilegeEvaluator) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Set the WebInvocationPrivilegeEvaluator to be used.
privilegeEvaluator() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
Creates the WebInvocationPrivilegeEvaluator that is necessary for the JSP tag support.
PROTECT - Static variable in class org.springframework.security.config.Elements
 
PROTECT_POINTCUT - Static variable in class org.springframework.security.config.Elements
 
ProviderManagerBuilder<B extends ProviderManagerBuilder<B>> - Interface in org.springframework.security.config.annotation.authentication
Interface for operating on a SecurityBuilder that creates a ProviderManager

R

realmName(String) - Method in class org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer
Allows easily changing the realm, but leaving the remaining defaults in place.
regexMatcher(String) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided regex pattern.
regexMatchers(HttpMethod, String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Maps a List of RegexRequestMatcher instances.
regexMatchers(String...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Create a List of RegexRequestMatcher instances that do not specify an HttpMethod.
registerStompEndpoints(StompEndpointRegistry) - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
REMEMBER_ME - Static variable in class org.springframework.security.config.Elements
 
rememberMe() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring of Remember Me authentication.
rememberMe() - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Specify that URLs are allowed by users that have been remembered.
rememberMe() - Method in class org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
Specify that Messages are allowed by users that have been remembered.
RememberMeConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Configures Remember Me authentication.
RememberMeConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Creates a new instance
rememberMeServices(RememberMeServices) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Specify the RememberMeServices to use.
removeConfigurer(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Removes and returns the SecurityConfigurer by its class name or null if not found.
removeConfigurer(Class<C>) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Removes the SecurityConfigurer by its class name or null if not found.
removeConfigurers(Class<C>) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Removes all the SecurityConfigurer instances by its class name or an empty List if not found.
REQUEST_CACHE - Static variable in class org.springframework.security.config.Elements
 
requestCache() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the Request Cache.
requestCache(RequestCache) - Method in class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
Allows explicit configuration of the RequestCache to be used.
RequestCacheConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds request cache for Spring Security.
RequestCacheConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.RequestCacheConfigurer
 
requestDataValueProcessor() - Method in class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
 
requestMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring the HttpSecurity to only be invoked when matching the provided RequestMatcher.
requestMatchers(RequestMatcher...) - Method in class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry
Associates a list of RequestMatcher instances with the AbstractConfigAttributeRequestMatcherRegistry
requestMatchers() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows specifying which HttpServletRequest instances this HttpSecurity will be invoked on.
requireCsrfProtectionMatcher(RequestMatcher) - Method in class org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
Specify the RequestMatcher to use for determining when CSRF should be applied.
required(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
Specifies that this attribute is required.
requires(String) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
requiresChannel() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures channel security.
requiresInsecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
requiresSecure() - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.RequiresChannelUrl
 
rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
A non-empty string prefix that will be added as a prefix to the existing roles.
rolePrefix(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
A non-empty string prefix that will be added to role strings loaded from persistent storage (default is "").
rolePrefix(String) - Method in class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
 
roles(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer.UserDetailsBuilder
Populates the roles.
root(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Optional root suffix for the embedded LDAP server.
runAsManager() - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Provide a custom RunAsManager for the default implementation of GlobalMethodSecurityConfiguration.methodSecurityInterceptor().

S

SALT_SOURCE - Static variable in class org.springframework.security.config.Elements
 
SecurityBuilder<O> - Interface in org.springframework.security.config.annotation
Interface for building an Object
SecurityConfigurer<O,B extends SecurityBuilder<O>> - Interface in org.springframework.security.config.annotation
Allows for configuring a SecurityBuilder.
SecurityConfigurerAdapter<O,B extends SecurityBuilder<O>> - Class in org.springframework.security.config.annotation
A base class for SecurityConfigurer that allows subclasses to only implement the methods they are interested in.
SecurityConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.SecurityConfigurerAdapter
 
securityContext() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Sets up management of the SecurityContext on the SecurityContextHolder between HttpServletRequest's.
securityContextChannelInterceptor() - Method in class org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
 
SecurityContextConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Allows persisting and restoring of the SecurityContext found on the SecurityContextHolder for each request by configuring the SecurityContextPersistenceFilter.
SecurityContextConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
Creates a new instance
securityContextRepository(SecurityContextRepository) - Method in class org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
Specifies the shared SecurityContextRepository that is to be used
SecurityDebugBeanFactoryPostProcessor - Class in org.springframework.security.config.debug
 
SecurityDebugBeanFactoryPostProcessor() - Constructor for class org.springframework.security.config.debug.SecurityDebugBeanFactoryPostProcessor
 
securityInterceptor(FilterSecurityInterceptor) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
Sets the FilterSecurityInterceptor.
SecurityNamespaceHandler - Class in org.springframework.security.config
Parses elements from the "security" namespace (http://www.springframework.org/schema/security).
SecurityNamespaceHandler() - Constructor for class org.springframework.security.config.SecurityNamespaceHandler
 
servletApi() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Integrates the HttpServletRequest methods with the values found on the SecurityContext.
ServletApiConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Implements select methods from the HttpServletRequest using the SecurityContext from the SecurityContextHolder.
ServletApiConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.ServletApiConfigurer
Creates a new instance
SESSION_MANAGEMENT - Static variable in class org.springframework.security.config.Elements
 
sessionAuthenticationErrorUrl(String) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Defines the URL of the error page which should be shown when the SessionAuthenticationStrategy raises an exception.
sessionAuthenticationStrategy(SessionAuthenticationStrategy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Allows explicitly specifying the SessionAuthenticationStrategy.
sessionCreationPolicy(SessionCreationPolicy) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Allows specifying the SessionCreationPolicy
SessionCreationPolicy - Enum in org.springframework.security.config.http
Specifies the various session creation policies for Spring Security.
sessionFixation() - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
 
sessionManagement() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Allows configuring of Session Management.
SessionManagementConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring session management.
SessionManagementConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
Creates a new instance
SessionManagementConfigurer.ConcurrencyControlConfigurer - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring controlling of multiple sessions.
SessionManagementConfigurer.SessionFixationConfigurer - Class in org.springframework.security.config.annotation.web.configurers
Allows configuring SessionFixation protection
SessionManagementConfigurer.SessionFixationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
 
sessionRegistry(SessionRegistry) - Method in class org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.ConcurrencyControlConfigurer
Controls the SessionRegistry implementation used.
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.builders.WebSecurity
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setApplicationContext(ApplicationContext) - Method in class org.springframework.security.config.http.UserDetailsServiceFactoryBean
 
setAuthenticationConfiguration(AuthenticationConfiguration) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setAuthenticationConfiguration(AuthenticationConfiguration) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setAuthenticationTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setBeanClassLoader(ClassLoader) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
setBeanFactory(BeanFactory) - Method in class org.springframework.security.config.authentication.AuthenticationManagerFactoryBean
 
setBuilder(B) - Method in class org.springframework.security.config.annotation.SecurityConfigurerAdapter
Sets the SecurityBuilder to be used.
setContentNegotationStrategy(ContentNegotiationStrategy) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object>, List<SecurityConfigurer<Filter, WebSecurity>>) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
Sets the <SecurityConfigurer<FilterChainProxy, WebSecurityBuilder> instances used to create the web configuration.
setGlobalAuthenticationConfigurers(List<GlobalAuthenticationConfigurerAdapter>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
Obtains the attributes from EnableGlobalMethodSecurity if this class was imported using the EnableGlobalMethodSecurity annotation.
setImportMetadata(AnnotationMetadata) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setObjectPostProcessor(ObjectPostProcessor<Object>) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setPermissionEvaluator(List<PermissionEvaluator>) - Method in class org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
 
setSharedObject(Class<C>, C) - Method in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
Sets an object that is shared by multiple SecurityConfigurer.
setSharedObject(Class<C>, C) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Sets an object that is shared by multiple SecurityConfigurer.
setTrustResolver(AuthenticationTrustResolver) - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 
setUserCache(UserCache) - Method in class org.springframework.security.config.authentication.CachingUserDetailsService
 
SPRING_SECURITY_FILTER_CHAIN - Static variable in class org.springframework.security.config.BeanIds
External alias for FilterChainProxy bean, for use in web.xml files
springSecurityFilterChain() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
Creates the Spring Security Filter Chain
subjectPrincipalRegex(String) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Specifies the regex to extract the principal from the certificate.
successHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
Specifies the AuthenticationSuccessHandler to be used.
supports(Class<?>) - Method in class org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider
 

T

tokenRepository(PersistentTokenRepository) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Specifies the PersistentTokenRepository to use.
tokenValiditySeconds(int) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Allows specifying how long (in seconds) a token is valid for
type(String) - Method in class org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer.AttributeExchangeConfigurer.AttributeConfigurer
The OpenID attribute type.

U

url(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer.ContextSourceBuilder
Specifies the ldap server URL when not using the embedded LDAP server.
UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds URL based authorization using DefaultFilterInvocationSecurityMetadataSource.
UrlAuthorizationConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
 
UrlAuthorizationConfigurer.AuthorizedUrl - Class in org.springframework.security.config.annotation.web.configurers
Maps the specified RequestMatcher instances to ConfigAttribute instances.
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry - Class in org.springframework.security.config.annotation.web.configurers
 
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry() - Constructor for class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
 
USER_DETAILS_SERVICE - Static variable in class org.springframework.security.config.BeanIds
 
USER_DETAILS_SERVICE_FACTORY - Static variable in class org.springframework.security.config.BeanIds
 
USER_SERVICE - Static variable in class org.springframework.security.config.Elements
 
userCache(UserCache) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Defines the UserCache to use
UserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>,U extends org.springframework.security.core.userdetails.UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Base class that allows access to the UserDetailsService for using as a default value with AuthenticationManagerBuilder.
UserDetailsAwareConfigurer() - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsAwareConfigurer
 
userDetailsContextMapper(UserDetailsContextMapper) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Allows explicit customization of the loaded user object by specifying a UserDetailsContextMapper bean which will be called with the context information from the user's directory entry.
UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsManagerConfigurer<B,C>> - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Base class for populating an AuthenticationManagerBuilder with a UserDetailsManager.
UserDetailsManagerConfigurer(UserDetailsManager) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
 
UserDetailsManagerConfigurer.UserDetailsBuilder - Class in org.springframework.security.config.annotation.authentication.configurers.provisioning
Builds the user to be added.
userDetailsService(T) - Method in class org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
Add authentication based upon the custom UserDetailsService that is passed in.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
 
userDetailsService() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Allows modifying and accessing the UserDetailsService from WebSecurityConfigurerAdapter.userDetailsServiceBean()() without interacting with the ApplicationContext.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Specifies the UserDetailsService used to look up the UserDetails when a remember me token is valid.
userDetailsService(UserDetailsService) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Shortcut for invoking X509Configurer.authenticationUserDetailsService(AuthenticationUserDetailsService) with a UserDetailsByNameServiceWrapper.
userDetailsService(UserDetailsService) - Method in interface org.springframework.security.config.annotation.web.HttpSecurityBuilder
Allows adding an additional UserDetailsService to be used
userDetailsServiceBean() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Override this method to expose a UserDetailsService created from WebSecurityConfigurerAdapter.configure(AuthenticationManagerBuilder) as a bean.
UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>,C extends UserDetailsServiceConfigurer<B,C,U>,U extends org.springframework.security.core.userdetails.UserDetailsService> - Class in org.springframework.security.config.annotation.authentication.configurers.userdetails
Allows configuring a UserDetailsService within a AuthenticationManagerBuilder.
UserDetailsServiceConfigurer(U) - Constructor for class org.springframework.security.config.annotation.authentication.configurers.userdetails.UserDetailsServiceConfigurer
Creates a new instance
UserDetailsServiceFactoryBean - Class in org.springframework.security.config.http
Bean used to lookup a named UserDetailsService or AuthenticationUserDetailsService.
UserDetailsServiceFactoryBean() - Constructor for class org.springframework.security.config.http.UserDetailsServiceFactoryBean
 
userDnPatterns(String...) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
If your users are at a fixed location in the directory (i.e.
usernameParameter(String) - Method in class org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer
The HTTP parameter to look for the username when performing authentication.
usersByUsernameQuery(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Sets the query to be used for finding a user by their username.
userSearchBase(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Search base for user searches.
userSearchFilter(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
The LDAP filter used to search for users (optional).
UserServiceBeanDefinitionParser - Class in org.springframework.security.config.authentication
 
UserServiceBeanDefinitionParser() - Constructor for class org.springframework.security.config.authentication.UserServiceBeanDefinitionParser
 
useSecureCookie(boolean) - Method in class org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer
Whether the cookie should be flagged as secure or not.

V

validate(FilterChainProxy) - Method in class org.springframework.security.config.http.DefaultFilterChainValidator
 
valueOf(String) - Static method in enum org.springframework.security.config.http.MatcherType
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.springframework.security.config.http.SessionCreationPolicy
Returns the enum constant of this type with the specified name.
values() - Static method in enum org.springframework.security.config.http.MatcherType
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.springframework.security.config.http.SessionCreationPolicy
Returns an array containing the constants of this enum type, in the order they are declared.

W

WebMvcSecurityConfiguration - Class in org.springframework.security.config.annotation.web.servlet.configuration
Used to add a RequestDataValueProcessor for Spring MVC and Spring Security CSRF integration.
WebMvcSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration
 
WebSecurity - Class in org.springframework.security.config.annotation.web.builders
The WebSecurity is created by WebSecurityConfiguration to create the FilterChainProxy known as the Spring Security Filter Chain (springSecurityFilterChain).
WebSecurity(ObjectPostProcessor<Object>) - Constructor for class org.springframework.security.config.annotation.web.builders.WebSecurity
Creates a new instance
WebSecurity.IgnoredRequestConfigurer - Class in org.springframework.security.config.annotation.web.builders
Allows registering RequestMatcher instances that should be ignored by Spring Security.
WebSecurityConfiguration - Class in org.springframework.security.config.annotation.web.configuration
Uses a WebSecurity to create the FilterChainProxy that performs the web based security for Spring Security.
WebSecurityConfiguration() - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
WebSecurityConfigurer<T extends SecurityBuilder<javax.servlet.Filter>> - Interface in org.springframework.security.config.annotation.web
Allows customization to the WebSecurity.
WebSecurityConfigurerAdapter - Class in org.springframework.security.config.annotation.web.configuration
Provides a convenient base class for creating a WebSecurityConfigurer instance.
WebSecurityConfigurerAdapter() - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates an instance with the default configuration enabled.
WebSecurityConfigurerAdapter(boolean) - Constructor for class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Creates an instance which allows specifying if the default configuration should be enabled.
webSecurityExpressionHandler() - Method in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
 
withDefaultSchema() - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer
Populates the default schema that allows users and authorities to be stored.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer.ChannelRequestMatcherRegistry
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.StandardInterceptUrlRegistry
Adds an ObjectPostProcessor for this class.
withObjectPostProcessor(ObjectPostProcessor<?>) - Method in class org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer
Adds an ObjectPostProcessor for this class.
withUser(String) - Method in class org.springframework.security.config.annotation.authentication.configurers.provisioning.UserDetailsManagerConfigurer
Allows adding a user to the UserDetailsManager that is being created.

X

x509() - Method in class org.springframework.security.config.annotation.web.builders.HttpSecurity
Configures X509 based pre authentication.
X509 - Static variable in class org.springframework.security.config.Elements
 
x509AuthenticationFilter(X509AuthenticationFilter) - Method in class org.springframework.security.config.annotation.web.configurers.X509Configurer
Allows specifying the entire X509AuthenticationFilter.
X509Configurer<H extends HttpSecurityBuilder<H>> - Class in org.springframework.security.config.annotation.web.configurers
Adds X509 based pre authentication to an application.
X509Configurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.X509Configurer
Creates a new instance
xssProtection() - Method in class org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
Note this is not comprehensive XSS protection! Adds XXssProtectionHeaderWriter which adds the X-XSS-Protection header
A B C D E F G H I J K L M N O P R S T U V W X 
spring-security-config