Package | Description |
---|---|
org.springframework.security.access |
Core access-control related code, including security metadata related classes, interception code, access control
annotations, EL support and voter-based implementations of the central
AccessDecisionManager interface. |
org.springframework.security.access.annotation |
Support for JSR-250 and Spring Security
@Secured annotations. |
org.springframework.security.access.event |
Authorization event and listener classes.
|
org.springframework.security.access.intercept |
Abstract level security interception classes which are responsible for enforcing the
configured security constraints for a secure object.
|
org.springframework.security.access.method |
Provides
SecurityMetadataSource implementations for securing Java method invocations via different
AOP libraries. |
org.springframework.security.access.prepost |
Contains the infrastructure classes for handling the
@PreAuthorize , @PreFilter , @PostAuthorize
and @PostFilter annotations. |
org.springframework.security.access.vote |
Implements a vote-based approach to authorization decisions.
|
org.springframework.security.acls |
The Spring Security ACL package which implements instance-based security for domain objects.
|
org.springframework.security.acls.afterinvocation |
After-invocation providers for collection and array filtering.
|
org.springframework.security.config.http |
Parsing of the <http> namespace element.
|
org.springframework.security.web.access.channel |
Classes that ensure web requests are received over required transport channels.
|
org.springframework.security.web.access.expression |
Implementation of web security expressions.
|
org.springframework.security.web.access.intercept |
Enforcement of security for HTTP requests, typically by the URL requested.
|
Modifier and Type | Class and Description |
---|---|
class |
SecurityConfig
Stores a
ConfigAttribute as a String . |
Modifier and Type | Method and Description |
---|---|
static List<ConfigAttribute> |
SecurityConfig.createList(String... attributeNames) |
static List<ConfigAttribute> |
SecurityConfig.createListFromCommaDelimitedString(String access) |
static List<ConfigAttribute> |
SecurityConfig.createSingleAttributeList(String access)
Deprecated.
Use createList instead
|
Collection<ConfigAttribute> |
SecurityMetadataSource.getAllConfigAttributes()
If available, returns all of the
ConfigAttribute s defined by the implementing class. |
Collection<ConfigAttribute> |
SecurityMetadataSource.getAttributes(Object object)
Accesses the
ConfigAttribute s that apply to a given secure object. |
Modifier and Type | Method and Description |
---|---|
boolean |
AccessDecisionManager.supports(ConfigAttribute attribute)
Indicates whether this
AccessDecisionManager is able to process authorization requests
presented with the passed ConfigAttribute . |
boolean |
AccessDecisionVoter.supports(ConfigAttribute attribute)
Indicates whether this
AccessDecisionVoter is able to vote on the passed ConfigAttribute . |
boolean |
AfterInvocationProvider.supports(ConfigAttribute attribute)
Indicates whether this
AfterInvocationProvider is able to participate in a decision
involving the passed ConfigAttribute . |
Modifier and Type | Method and Description |
---|---|
void |
AccessDecisionManager.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> configAttributes)
Resolves an access control decision for the passed parameters.
|
Object |
AfterInvocationProvider.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes,
Object returnedObject) |
int |
AccessDecisionVoter.vote(Authentication authentication,
S object,
Collection<ConfigAttribute> attributes)
Indicates whether or not access is granted.
|
Modifier and Type | Class and Description |
---|---|
class |
Jsr250SecurityConfig
Security config applicable as a JSR 250 annotation attribute.
|
Modifier and Type | Method and Description |
---|---|
Collection<? extends ConfigAttribute> |
AnnotationMetadataExtractor.extractAttributes(A securityAnnotation) |
protected Collection<ConfigAttribute> |
SecuredAnnotationSecurityMetadataSource.findAttributes(Class<?> clazz) |
protected Collection<ConfigAttribute> |
Jsr250MethodSecurityMetadataSource.findAttributes(Class<?> clazz) |
protected Collection<ConfigAttribute> |
SecuredAnnotationSecurityMetadataSource.findAttributes(Method method,
Class<?> targetClass) |
protected Collection<ConfigAttribute> |
Jsr250MethodSecurityMetadataSource.findAttributes(Method method,
Class<?> targetClass) |
Collection<ConfigAttribute> |
SecuredAnnotationSecurityMetadataSource.getAllConfigAttributes() |
Collection<ConfigAttribute> |
Jsr250MethodSecurityMetadataSource.getAllConfigAttributes() |
Modifier and Type | Method and Description |
---|---|
boolean |
Jsr250Voter.supports(ConfigAttribute configAttribute)
The specified config attribute is supported if its an instance of a
Jsr250SecurityConfig . |
Modifier and Type | Method and Description |
---|---|
int |
Jsr250Voter.vote(Authentication authentication,
Object object,
Collection<ConfigAttribute> definition)
Votes according to JSR 250.
|
Modifier and Type | Method and Description |
---|---|
Collection<ConfigAttribute> |
AuthorizedEvent.getConfigAttributes() |
Collection<ConfigAttribute> |
AuthenticationCredentialsNotFoundEvent.getConfigAttributes() |
Collection<ConfigAttribute> |
AuthorizationFailureEvent.getConfigAttributes() |
Constructor and Description |
---|
AuthenticationCredentialsNotFoundEvent(Object secureObject,
Collection<ConfigAttribute> attributes,
AuthenticationCredentialsNotFoundException credentialsNotFoundException)
Construct the event.
|
AuthorizationFailureEvent(Object secureObject,
Collection<ConfigAttribute> attributes,
Authentication authentication,
AccessDeniedException accessDeniedException)
Construct the event.
|
AuthorizedEvent(Object secureObject,
Collection<ConfigAttribute> attributes,
Authentication authentication)
Construct the event.
|
Modifier and Type | Method and Description |
---|---|
Collection<ConfigAttribute> |
InterceptorStatusToken.getAttributes() |
Modifier and Type | Method and Description |
---|---|
boolean |
AfterInvocationProviderManager.supports(ConfigAttribute attribute) |
boolean |
RunAsManagerImpl.supports(ConfigAttribute attribute) |
boolean |
RunAsManager.supports(ConfigAttribute attribute)
Indicates whether this
RunAsManager is able to process the passed
ConfigAttribute . |
boolean |
AfterInvocationManager.supports(ConfigAttribute attribute)
Indicates whether this
AfterInvocationManager is able to process "after invocation"
requests presented with the passed ConfigAttribute . |
Modifier and Type | Method and Description |
---|---|
Authentication |
RunAsManagerImpl.buildRunAs(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes) |
Authentication |
RunAsManager.buildRunAs(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes)
Returns a replacement
Authentication object for the current secure object invocation, or
null if replacement not required. |
Object |
AfterInvocationProviderManager.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> config,
Object returnedObject) |
Object |
AfterInvocationManager.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes,
Object returnedObject)
Given the details of a secure object invocation including its returned
Object , make an
access control decision or optionally modify the returned Object . |
Constructor and Description |
---|
InterceptorStatusToken(SecurityContext securityContext,
boolean contextHolderRefreshRequired,
Collection<ConfigAttribute> attributes,
Object secureObject) |
Modifier and Type | Field and Description |
---|---|
protected Map<org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource.RegisteredMethod,List<ConfigAttribute>> |
MapBasedMethodSecurityMetadataSource.methodMap
Map from RegisteredMethod to ConfigAttribute list
|
Modifier and Type | Method and Description |
---|---|
protected abstract Collection<ConfigAttribute> |
AbstractFallbackMethodSecurityMetadataSource.findAttributes(Class<?> clazz)
Obtains the security metadata registered against the specified class.
|
protected Collection<ConfigAttribute> |
MapBasedMethodSecurityMetadataSource.findAttributes(Class<?> clazz)
Implementation does not support class-level attributes.
|
protected abstract Collection<ConfigAttribute> |
AbstractFallbackMethodSecurityMetadataSource.findAttributes(Method method,
Class<?> targetClass)
Obtains the security metadata applicable to the specified method invocation.
|
protected Collection<ConfigAttribute> |
MapBasedMethodSecurityMetadataSource.findAttributes(Method method,
Class<?> targetClass)
Will walk the method inheritance tree to find the most specific declaration applicable.
|
Collection<ConfigAttribute> |
DelegatingMethodSecurityMetadataSource.getAllConfigAttributes() |
Collection<ConfigAttribute> |
MapBasedMethodSecurityMetadataSource.getAllConfigAttributes()
Obtains the configuration attributes explicitly defined against this bean.
|
Collection<ConfigAttribute> |
MethodSecurityMetadataSource.getAttributes(Method method,
Class<?> targetClass) |
Collection<ConfigAttribute> |
AbstractFallbackMethodSecurityMetadataSource.getAttributes(Method method,
Class<?> targetClass) |
Collection<ConfigAttribute> |
DelegatingMethodSecurityMetadataSource.getAttributes(Method method,
Class<?> targetClass) |
Collection<ConfigAttribute> |
AbstractMethodSecurityMetadataSource.getAttributes(Object object) |
Modifier and Type | Method and Description |
---|---|
void |
MapBasedMethodSecurityMetadataSource.addSecureMethod(Class<?> javaType,
Method method,
List<ConfigAttribute> attr)
Adds configuration attributes for a specific method, for example where the method has been
matched using a pointcut expression.
|
void |
MapBasedMethodSecurityMetadataSource.addSecureMethod(Class<?> javaType,
String mappedName,
List<ConfigAttribute> attr)
Add configuration attributes for a secure method.
|
Constructor and Description |
---|
MapBasedMethodSecurityMetadataSource(Map<String,List<ConfigAttribute>> methodMap)
Creates the MapBasedMethodSecurityMetadataSource from a
|
Modifier and Type | Interface and Description |
---|---|
interface |
PostInvocationAttribute
Marker interface for attributes which are created from combined @PostFilter and @PostAuthorize annotations.
|
interface |
PreInvocationAttribute
Marker interface for attributes which are created from combined @PreFilter and @PreAuthorize annotations.
|
Modifier and Type | Method and Description |
---|---|
Collection<ConfigAttribute> |
PrePostAnnotationSecurityMetadataSource.getAllConfigAttributes() |
Collection<ConfigAttribute> |
PrePostAnnotationSecurityMetadataSource.getAttributes(Method method,
Class<?> targetClass) |
Modifier and Type | Method and Description |
---|---|
boolean |
PostInvocationAdviceProvider.supports(ConfigAttribute attribute) |
boolean |
PreInvocationAuthorizationAdviceVoter.supports(ConfigAttribute attribute) |
Modifier and Type | Method and Description |
---|---|
Object |
PostInvocationAdviceProvider.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> config,
Object returnedObject) |
int |
PreInvocationAuthorizationAdviceVoter.vote(Authentication authentication,
org.aopalliance.intercept.MethodInvocation method,
Collection<ConfigAttribute> attributes) |
Modifier and Type | Method and Description |
---|---|
boolean |
AuthenticatedVoter.supports(ConfigAttribute attribute) |
boolean |
AbstractAccessDecisionManager.supports(ConfigAttribute attribute) |
boolean |
RoleVoter.supports(ConfigAttribute attribute) |
Modifier and Type | Method and Description |
---|---|
void |
UnanimousBased.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes)
This concrete implementation polls all configured
AccessDecisionVoter s for each ConfigAttribute and grants access if only grant (or abstain) votes were received. |
void |
AffirmativeBased.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> configAttributes)
This concrete implementation simply polls all configured
AccessDecisionVoter s and grants access
if any AccessDecisionVoter voted affirmatively. |
void |
ConsensusBased.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> configAttributes)
This concrete implementation simply polls all configured
AccessDecisionVoter s and upon
completion determines the consensus of granted against denied responses. |
int |
AuthenticatedVoter.vote(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes) |
int |
RoleVoter.vote(Authentication authentication,
Object object,
Collection<ConfigAttribute> attributes) |
Modifier and Type | Method and Description |
---|---|
boolean |
AclEntryVoter.supports(ConfigAttribute attribute) |
Modifier and Type | Method and Description |
---|---|
int |
AclEntryVoter.vote(Authentication authentication,
org.aopalliance.intercept.MethodInvocation object,
Collection<ConfigAttribute> attributes) |
Modifier and Type | Method and Description |
---|---|
boolean |
AbstractAclProvider.supports(ConfigAttribute attribute) |
Modifier and Type | Method and Description |
---|---|
Object |
AclEntryAfterInvocationCollectionFilteringProvider.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> config,
Object returnedObject) |
Object |
AclEntryAfterInvocationProvider.decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> config,
Object returnedObject) |
Modifier and Type | Method and Description |
---|---|
static List<ConfigAttribute> |
ChannelAttributeFactory.createChannelAttributes(String requiredChannel) |
Modifier and Type | Method and Description |
---|---|
boolean |
SecureChannelProcessor.supports(ConfigAttribute attribute) |
boolean |
ChannelDecisionManagerImpl.supports(ConfigAttribute attribute) |
boolean |
InsecureChannelProcessor.supports(ConfigAttribute attribute) |
boolean |
ChannelDecisionManager.supports(ConfigAttribute attribute)
Indicates whether this
ChannelDecisionManager is able to process the passed
ConfigAttribute . |
boolean |
ChannelProcessor.supports(ConfigAttribute attribute)
Indicates whether this
ChannelProcessor is able to process the passed
ConfigAttribute . |
Modifier and Type | Method and Description |
---|---|
void |
SecureChannelProcessor.decide(FilterInvocation invocation,
Collection<ConfigAttribute> config) |
void |
ChannelDecisionManagerImpl.decide(FilterInvocation invocation,
Collection<ConfigAttribute> config) |
void |
InsecureChannelProcessor.decide(FilterInvocation invocation,
Collection<ConfigAttribute> config) |
void |
ChannelDecisionManager.decide(FilterInvocation invocation,
Collection<ConfigAttribute> config)
Decided whether the presented
FilterInvocation provides the appropriate level of channel
security based on the requested list of ConfigAttributes. |
void |
ChannelProcessor.decide(FilterInvocation invocation,
Collection<ConfigAttribute> config)
Decided whether the presented
FilterInvocation provides the appropriate level of channel
security based on the requested list of ConfigAttributes. |
Modifier and Type | Method and Description |
---|---|
boolean |
WebExpressionVoter.supports(ConfigAttribute attribute) |
Modifier and Type | Method and Description |
---|---|
int |
WebExpressionVoter.vote(Authentication authentication,
FilterInvocation fi,
Collection<ConfigAttribute> attributes) |
Constructor and Description |
---|
ExpressionBasedFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher,Collection<ConfigAttribute>> requestMap,
SecurityExpressionHandler<FilterInvocation> expressionHandler) |
Modifier and Type | Method and Description |
---|---|
Collection<ConfigAttribute> |
DefaultFilterInvocationSecurityMetadataSource.getAllConfigAttributes() |
Collection<ConfigAttribute> |
DefaultFilterInvocationSecurityMetadataSource.getAttributes(Object object) |
Constructor and Description |
---|
DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher,Collection<ConfigAttribute>> requestMap)
Sets the internal request map from the supplied map.
|
Copyright © 2015. All rights reserved.