org.springframework.security.access |
Core access-control related code, including security metadata related classes, interception code, access control
annotations, EL support and voter-based implementations of the central
AccessDecisionManager interface. |
org.springframework.security.access.annotation |
Support for JSR-250 and Spring Security @Secured annotations. |
org.springframework.security.access.event |
Authorization event and listener classes. |
org.springframework.security.access.expression |
Expression handling code to support the use of Spring-EL based expressions in @PreAuthorize , @PreFilter ,
@PostAuthorize and @PostFilter annotations. |
org.springframework.security.access.expression.method |
Implementation of expression-based method security. |
org.springframework.security.access.hierarchicalroles |
Role hierarchy implementation. |
org.springframework.security.access.intercept |
Abstract level security interception classes which are responsible for enforcing the
configured security constraints for a secure object. |
org.springframework.security.access.intercept.aopalliance |
Enforces security for AOP Alliance MethodInvocation s, such as via Spring AOP. |
org.springframework.security.access.intercept.aspectj |
Enforces security for AspectJ JointPoint s, delegating secure object callbacks to the calling aspect. |
org.springframework.security.access.method |
Provides SecurityMetadataSource implementations for securing Java method invocations via different
AOP libraries. |
org.springframework.security.access.prepost |
Contains the infrastructure classes for handling the @PreAuthorize , @PreFilter , @PostAuthorize
and @PostFilter annotations. |
org.springframework.security.access.vote |
Implements a vote-based approach to authorization decisions. |
org.springframework.security.acls |
The Spring Security ACL package which implements instance-based security for domain objects. |
org.springframework.security.acls.afterinvocation |
After-invocation providers for collection and array filtering. |
org.springframework.security.acls.domain |
Basic implementation of access control lists (ACLs) interfaces. |
org.springframework.security.acls.jdbc |
JDBC-based persistence of ACL information
|
org.springframework.security.acls.model |
Interfaces and shared classes to manage access control lists (ACLs) for domain object instances. |
org.springframework.security.authentication |
Core classes and interfaces related to user authentication, which are used throughout Spring Security. |
org.springframework.security.authentication.dao |
An AuthenticationProvider which relies upon a data access object. |
org.springframework.security.authentication.encoding |
Password encoding implementations. |
org.springframework.security.authentication.event |
Authentication success and failure events which can be published to the Spring application context. |
org.springframework.security.authentication.jaas |
An authentication provider for JAAS. |
org.springframework.security.authentication.jaas.event |
JAAS authentication events which can be published to the Spring application context by the JAAS authentication
provider. |
org.springframework.security.authentication.jaas.memory |
An in memory JAAS implementation. |
org.springframework.security.authentication.rcp |
Allows remote clients to authenticate and obtain a populated Authentication object. |
org.springframework.security.cas |
Spring Security support for Jasig's Central Authentication Service (CAS). |
org.springframework.security.cas.authentication |
An AuthenticationProvider that can process CAS service tickets and proxy tickets. |
org.springframework.security.cas.userdetails |
|
org.springframework.security.cas.web |
Authenticates standard web browser users via CAS. |
org.springframework.security.cas.web.authentication |
Authentication processing mechanisms which respond to the submission of authentication
credentials using CAS. |
org.springframework.security.config |
Support classes for the Spring Security namespace. |
org.springframework.security.config.authentication |
Parsing of <authentication-manager> and related elements. |
org.springframework.security.config.debug |
|
org.springframework.security.config.http |
Parsing of the <http> namespace element. |
org.springframework.security.config.ldap |
Security namespace support for LDAP authentication. |
org.springframework.security.config.method |
Support for parsing of the <global-method-security> and <intercept-methods> elements. |
org.springframework.security.core |
Core classes and interfaces related to user authentication and authorization, as well as the maintenance of
a security context. |
org.springframework.security.core.authority |
The default implementation of the GrantedAuthority interface. |
org.springframework.security.core.authority.mapping |
Strategies for mapping a list of attributes (such as roles or LDAP groups) to a list of
GrantedAuthority s. |
org.springframework.security.core.context |
Classes related to the establishment of a security context for the duration of a request (such as
an HTTP or RMI invocation). |
org.springframework.security.core.session |
Session abstraction which is provided by the org.springframework.security.core.session.SessionInformation
SessionInformation class. |
org.springframework.security.core.token |
A service for building secure random tokens. |
org.springframework.security.core.userdetails |
The standard interfaces for implementing user data DAOs. |
org.springframework.security.core.userdetails.cache |
Implementations of UserCache . |
org.springframework.security.core.userdetails.jdbc |
Exposes a JDBC-based authentication repository, implementing
org.springframework.security.core.userdetails.UserDetailsService UserDetailsService . |
org.springframework.security.core.userdetails.memory |
Exposes an in-memory authentication repository. |
org.springframework.security.crypto.bcrypt |
|
org.springframework.security.crypto.codec |
Internal codec classes. |
org.springframework.security.crypto.encrypt |
|
org.springframework.security.crypto.keygen |
|
org.springframework.security.crypto.password |
|
org.springframework.security.crypto.util |
|
org.springframework.security.ldap |
Spring Security's LDAP module. |
org.springframework.security.ldap.authentication |
The LDAP authentication provider package. |
org.springframework.security.ldap.authentication.ad |
|
org.springframework.security.ldap.ppolicy |
Implementation of password policy functionality based on the
Password Policy for LDAP Directories. |
org.springframework.security.ldap.search |
LdapUserSearch implementations. |
org.springframework.security.ldap.server |
Embedded Apache Directory Server implementation, as used by the configuration namespace. |
org.springframework.security.ldap.userdetails |
LDAP-focused UserDetails implementations which map from a ubset of the data
contained in some of the standard LDAP types (such as InetOrgPerson ). |
org.springframework.security.openid |
Authenticates standard web browser users via OpenID. |
org.springframework.security.provisioning |
Contains simple user and authority group account provisioning interfaces together with a a
JDBC-based implementation. |
org.springframework.security.remoting.dns |
DNS resolution. |
org.springframework.security.remoting.httpinvoker |
Enables use of Spring's HttpInvoker extension points to
present the principal and credentials located
in the ContextHolder via BASIC authentication. |
org.springframework.security.remoting.rmi |
Enables use of Spring's RMI remoting extension points to propagate the SecurityContextHolder (which
should contain an Authentication request token) from one JVM to the remote JVM. |
org.springframework.security.taglibs |
Security related tag libraries that can be used in JSPs and templates. |
org.springframework.security.taglibs.authz |
JSP Security tag library implementation. |
org.springframework.security.taglibs.velocity |
|
org.springframework.security.util |
General utility classes used throughout the Spring Security framework. |
org.springframework.security.web |
Spring Security's web security module. |
org.springframework.security.web.access |
Access-control related classes and packages. |
org.springframework.security.web.access.channel |
Classes that ensure web requests are received over required transport channels. |
org.springframework.security.web.access.expression |
Implementation of web security expressions. |
org.springframework.security.web.access.intercept |
Enforcement of security for HTTP requests, typically by the URL requested. |
org.springframework.security.web.authentication |
Authentication processing mechanisms, which respond to the submission of authentication
credentials using various protocols (eg BASIC, CAS, form login etc). |
org.springframework.security.web.authentication.logout |
Logout functionality based around a filter which handles a specific logout URL. |
org.springframework.security.web.authentication.preauth |
Support for "pre-authenticated" scenarios, where Spring Security assumes the incoming request has already been
authenticated by some externally configured system. |
org.springframework.security.web.authentication.preauth.j2ee |
Pre-authentication support for container-authenticated requests. |
org.springframework.security.web.authentication.preauth.websphere |
Websphere-specific pre-authentication classes. |
org.springframework.security.web.authentication.preauth.x509 |
X.509 client certificate authentication support. |
org.springframework.security.web.authentication.rememberme |
Support for remembering a user between different web sessions. |
org.springframework.security.web.authentication.session |
Strategy interface and implementations for handling session-related behaviour for a newly authenticated user. |
org.springframework.security.web.authentication.switchuser |
Provides HTTP-based "switch user" (su) capabilities. |
org.springframework.security.web.authentication.ui |
Authentication user-interface rendering code. |
org.springframework.security.web.authentication.www |
WWW-Authenticate based authentication mechanism implementations: Basic and Digest authentication. |
org.springframework.security.web.context |
Classes which are responsible for maintaining the security context between HTTP requests. |
org.springframework.security.web.firewall |
|
org.springframework.security.web.jaasapi |
Makes a JAAS Subject available as the current Subject. |
org.springframework.security.web.savedrequest |
Classes related to the caching of an HttpServletRequest which requires authentication. |
org.springframework.security.web.servletapi |
Populates a Servlet request with a new Spring Security compliant HttpServletRequestWrapper . |
org.springframework.security.web.session |
Session management filters, HttpSession events and publisher classes. |
org.springframework.security.web.util |
Web utility classes. |