Package | Description |
---|---|
org.springframework.security.access |
Core access-control related code, including security metadata related classes, interception code, access control
annotations, EL support and voter-based implementations of the central
AccessDecisionManager interface. |
org.springframework.security.access.annotation |
Support for JSR-250 and Spring Security
@Secured annotations. |
org.springframework.security.access.event |
Authorization event and listener classes.
|
org.springframework.security.access.expression |
Expression handling code to support the use of Spring-EL based expressions in
@PreAuthorize , @PreFilter ,
@PostAuthorize and @PostFilter annotations. |
org.springframework.security.access.expression.method |
Implementation of expression-based method security.
|
org.springframework.security.access.intercept |
Abstract level security interception classes which are responsible for enforcing the
configured security constraints for a secure object.
|
org.springframework.security.access.intercept.aopalliance |
Enforces security for AOP Alliance
MethodInvocation s, such as via Spring AOP. |
org.springframework.security.access.method |
Provides
SecurityMetadataSource implementations for securing Java method invocations via different
AOP libraries. |
org.springframework.security.access.prepost |
Contains the infrastructure classes for handling the
@PreAuthorize , @PreFilter , @PostAuthorize
and @PostFilter annotations. |
org.springframework.security.access.vote |
Implements a vote-based approach to authorization decisions.
|
org.springframework.security.acls |
The Spring Security ACL package which implements instance-based security for domain objects.
|
org.springframework.security.acls.afterinvocation |
After-invocation providers for collection and array filtering.
|
org.springframework.security.config.annotation.method.configuration | |
org.springframework.security.config.http |
Parsing of the <http> namespace element.
|
org.springframework.security.web.access |
Access-control related classes and packages.
|
org.springframework.security.web.access.channel |
Classes that ensure web requests are received over required transport channels.
|
org.springframework.security.web.access.expression |
Implementation of web security expressions.
|
org.springframework.security.web.access.intercept |
Enforcement of security for HTTP requests, typically by the URL requested.
|
org.springframework.security.web.csrf | |
org.springframework.security.web.session |
Session management filters,
HttpSession events and publisher classes. |
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
ConfigAttribute
Stores a security system related configuration attribute.
|
Class and Description |
---|
AccessDecisionVoter
Indicates a class is responsible for voting on authorization decisions.
|
ConfigAttribute
Stores a security system related configuration attribute.
|
SecurityConfig
Stores a
ConfigAttribute as a String . |
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
ConfigAttribute
Stores a security system related configuration attribute.
|
Class and Description |
---|
PermissionEvaluator
Strategy used in expression evaluation to determine whether a user has a permission or permissions
for a given domain object.
|
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
PermissionCacheOptimizer
Allows permissions to be pre-cached when using pre or post filtering with expressions
|
Class and Description |
---|
AccessDecisionManager
Makes a final access control (authorization) decision.
|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
AfterInvocationProvider
Indicates a class is responsible for participating in an
AfterInvocationProviderManager decision. |
ConfigAttribute
Stores a security system related configuration attribute.
|
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
ConfigAttribute
Stores a security system related configuration attribute.
|
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
AccessDecisionVoter
Indicates a class is responsible for voting on authorization decisions.
|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
AfterInvocationProvider
Indicates a class is responsible for participating in an
AfterInvocationProviderManager decision. |
ConfigAttribute
Stores a security system related configuration attribute.
|
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
AccessDecisionManager
Makes a final access control (authorization) decision.
|
AccessDecisionVoter
Indicates a class is responsible for voting on authorization decisions.
|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
ConfigAttribute
Stores a security system related configuration attribute.
|
Class and Description |
---|
AccessDecisionVoter
Indicates a class is responsible for voting on authorization decisions.
|
ConfigAttribute
Stores a security system related configuration attribute.
|
PermissionCacheOptimizer
Allows permissions to be pre-cached when using pre or post filtering with expressions
|
PermissionEvaluator
Strategy used in expression evaluation to determine whether a user has a permission or permissions
for a given domain object.
|
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
AfterInvocationProvider
Indicates a class is responsible for participating in an
AfterInvocationProviderManager decision. |
ConfigAttribute
Stores a security system related configuration attribute.
|
Class and Description |
---|
AccessDecisionManager
Makes a final access control (authorization) decision.
|
PermissionEvaluator
Strategy used in expression evaluation to determine whether a user has a permission or permissions
for a given domain object.
|
Class and Description |
---|
ConfigAttribute
Stores a security system related configuration attribute.
|
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
Class and Description |
---|
ConfigAttribute
Stores a security system related configuration attribute.
|
Class and Description |
---|
AccessDecisionVoter
Indicates a class is responsible for voting on authorization decisions.
|
ConfigAttribute
Stores a security system related configuration attribute.
|
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
ConfigAttribute
Stores a security system related configuration attribute.
|
SecurityMetadataSource
Implemented by classes that store and can identify the
ConfigAttribute s that applies to a given secure object
invocation. |
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
Class and Description |
---|
AccessDeniedException
Thrown if an
Authentication object does not hold a
required authority. |
Copyright © 2019. All rights reserved.