|
||||||||||
| PREV NEXT | FRAMES NO FRAMES | |||||||||
Authentication.
AccessDecisionManager.AclManager.AuthByAdapter implementations.AbstractAdapterAuthentication should be
constructed.
AuthenticationManager.String representation of the Authentication token.BasicAclEntry.FilterInvocationDefinitionSource.MethodDefinitionSource.TicketValidators.AuthenticationProvider that allows subclasses to override and
work with UserDetails objects.Authentication object does not hold a required
authority.AccessDeniedException with the specified
message.
AccessDeniedException with the specified
message and root cause.
AccountExpiredException with the specified
message.
AccountExpiredException with the specified
message and root cause.
MessageSource used by Acegi Security.AcegiSecurityException with the specified
message and root cause.
AcegiSecurityException with the specified
message and no root cause.
AclEntry instances that apply to a particular
domain object instance.AclObjectIdentity information.AclProviders to locate the ACLs that
apply to a given domain object instance.Tag that allows its
body through if some authorizations are granted to the request's principal.ConfigAttribute that is related to the secure object
method.
User.
UserDetails for a given authentication request.
AccessDecisionManager that grants access if any
AccessDecisionVoter returns an affirmative response.AbstractSecurityInterceptor after
the secure object invocation has been complete
Object returned from a secure object invocation,
being able to modify the Object or throw an AccessDeniedException.AfterInvocationProviderManager decision.AfterInvocationManager.AuthenticationProvider implementation that validates AnonymousAuthenticationTokens.Authentication.Authentication object in the
SecurityContextHolder, and populates it with one if needed.AspectJSecurityInterceptor when it wishes for the
AspectJ processing to continue.Authentication
class.AuthenticationProvider implementation that can authenticate an
AuthByAdapter.authenticate method that calls the
abstract method doAuthenticatation to do its work.
Authentication object,
returning a fully populated Authentication object
(including granted authorities) if successful.
AuthenticationManager.authenticate(Authentication).
X509AuthoritiesPopulator to
obtain the user details and authorities for the user identified by the
certificate.
ConfigAttribute.getAttribute() of
IS_AUTHENTICATED_FULLY or
IS_AUTHENTICATED_REMEMBERED or
IS_AUTHENTICATED_ANONYMOUSLY is present.Authentication could not be obtained from the
SecurityContextHolder.Authentication object in the SecurityContext.AuthenticationCredentialsNotFoundException
with the specified message.
AuthenticationCredentialsNotFoundException
with the specified message and root cause.
SecurityEnforcementFilter to commence an authentication
scheme.Authentication
object being invalid for whatever reason.AuthenticationException with the specified
message and root cause.
AuthenticationException with the specified
message and no root cause.
AuthenticationProvider that can process the
request.AuthenticationManager.Authentication request.SecurityEnforcementFilter to commence
authentication via the AuthenticationProcessingFilter.Authentication implementation.AuthenticationServiceException with the
specified message.
AuthenticationServiceException with the
specified message and root cause.
SimpleHttpInvokerRequestExecutor.Tag implementation that allows
convenient access to the current Authentication object.Authentication tokensAuthenticationTrustResolver.AuthorizationServiceException with the
specified message.
AuthorizationServiceException with the
specified message and root cause.
Tag that allows it's
body through if some authorizations are granted to the request's principal.AuthenticationTag, AclTag, AuthorizeTagSecurityContextHolder does
not contain an Authentication and the Acegi Security
system wishes to provide an implementation with an opportunity to
authenticate the request using remember-me capabilities.
BadCredentialsException with the specified
message.
BadCredentialsException with the specified
message and root cause.
BasicAclEntrys
applying to a given ACL object identity.Collection of domain object instances returned from a
secure object invocation, remove any Collection elements the
principal does not have appropriate permission to access as defined by the
AclManager.AclManager.BasicAclEntry objects.EhCacheBasedAclEntryCache to store the array of
BasicAclEntrys in the cache.BasicAclEntryHolder.
AclManager.BasicAclEntrys.SecurityContextHolder.SecurityEnforcementFilter to commence
authentication via the BasicProcessingFilter.Authentication object for the current
secure object invocation, or null if replacement not
required.
CaptchaSecurityContext and using an abstract routine
CaptchaChannelProcessorTemplate.isContextValidConcerningHumanity(CaptchaSecurityContext)
(implemented by sub classes)CaptchaServiceProxy.AuthenticationProvider implementation that integrates with Yale
Central Authentication Service (CAS).Authentication.UserDetails associated with a CAS authenticated
user.SecurityEnforcementFilter to commence
authentication via the Yale Central Authentication Service (CAS).ProxyTicketValidator to validate a service ticket.BasicAclEntry
associated with the specified
AclObjectIdentity and recipient Object.
ChannelDecisionManager.ChannelProcessor to launch a web channel.Subject (phase two) by adding the Acegi
Security Authentication to the Subject's
principals.
ConcurrentSessionControllerImpl if
an attempt is made to login and the user has already exceeded
their maxmimum allowed sessions.AuthenticationManager to integrate with the
concurrent session handling infrastructure.ConcurrentSessionControllerImpl which
prohibits simultaneous logins.ConfigAttributes that are associated with a given
secure object target.ConfigAttributeDefinition from a comma separated list of values.AccessDecisionManager that uses a consensus-based
approach.ConfigAttribute is
contained within this ConfigAttributeDefinition.
WebApplicationContextUtils.getRequiredWebApplicationContext(javax.servlet.ServletContext)
RemoteInvocation that is passed from the client to
the server, which contains the contents of SecurityContextHolder,
being a SecurityContext object.SecurityContextHolder inside the object.
org.springframework.remoting.rmi.RmiProxyFactoryBean when it
wishes to create a remote invocation.AclObjectIdentity to a
String that can be located in the RDBMS.
MethodInvocation for specified
methodName on the passed object.
MethodInvocation for specified
methodName on the passed object, using the
args to locate the method.
MethodInvocation for specified
methodName on the passed class.
MethodInvocation for specified
methodName on the passed class, using the
args to locate the method.
Authentication object.
CredentialsExpiredException with the specified
message.
CredentialsExpiredException with the specified
message and root cause.
AuthenticationProvider implementation that retrieves user details
from an UserDetailsService.UserDetailsService.UserDetailsService.Object, make an access control decision or optionally
modify the returned Object.
FilterInvocation provides the
appropriate level of channel security based on the requested ConfigAttributeDefinition.
FilterInvocation provides the
appropriate level of channel security based on the requested ConfigAttributeDefinition.
AccessDecisionVoters and grants access if any
AccessDecisionVoter voted affirmatively.
AccessDecisionVoters and upon completion determines the consensus of
granted vs denied responses.
AccessDecisionVoters for each ConfigAttribute and grants
access if only grant votes were received.
AclObjectIdentity.
BasicAclEntry associated with the specified
AclObjectIdentity and recipient Object.
String created using BasePasswordEncoder.mergePasswordAndSalt(String,Object,boolean).
SecurityContextHolder.SecurityEnforcementFilter to commence
authentication via the DigestProcessingFilter.DisabledException with the specified message.
DisabledException with the specified message
and root cause.
Authentication object.
Authentication object.BasicAclEntrys using a Spring IoC defined EHCACHE.User objects using a Spring IoC defined EHCACHE.User objects using a Spring IoC defined EHCACHE.java.lang.Object documentation for the
interface contract.
Filter requests to a list of Spring-managed beans.FilterInvocationDefinitionSource.ObjectDefinitionSource implementations
that are designed to perform lookups keyed on FilterInvocations.FilterInvocationDefinitionSource.Filter requests to a Spring-managed bean.response portion of a Digest authentication
header.
AclObjectIdentity for this instance.
BasicAclEntry.
Authentication object
Authentication object.
AclObjectIdentity.
ConfigAttribute can be represented as a
String and that String is sufficient in
precision to be relied upon as a configuration parameter by a RunAsManager, AccessDecisionManager or
AccessDecisionManager delegate, this method should return
such a String.
ConfigAttributeDefinition that applies to a
given secure object.
Authentication request that caused the
event.
AuthenticationManager to indicate the authorities
that the principal has been granted.
GrantedAuthority can be represented as a
String and that String is sufficient in
precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a
String.
JaasAuthenticationProvider.setAuthorityGranters(AuthorityGranter[]) method, or null if it none
were ever set.
CasAuthenticationToken associated with the
specified ticket.
ConfigAttributeDefinitions defined
by the implementing class.
Iterator over all the
ConfigAttributes defined by this
ConfigAttributeDefinition.
SecurityContext associated with the current
thread of execution.
String
String
filterProcessesUrl for the
implementation.
/j_acegi_cas_security_check.
/j_acegi_security_check.
/j_acegi_security_check.
WebAuthenticationDetails.
BasicAclEntrys from the cache.
null.
Class that generated this event.
AuthByAdapter implementation.
Authentication object, such as a String
or UserDetails instance
BasicAclEntrys.
SecurityContextHolder.
User to obtain the salt.
ServletRequest was received on.
ConcurrentSessionController is returned or the
NullConcurrentSessionController if a specific one has not been
set.
HttpSession id the authentication request was
received from.
sessionId.
javax.net.ssl.trustStore.
UserDetails from the cache.
Authentication (which is a subclass of
Principal), or null if unavailable.
Authentication object.EffectiveAclsResolver.GrantedAuthority.java.lang.Object documentation for the
interface contract.
SecurityContext with the Authentication
obtained from the container's
HttpServletRequest.getUserPrincipal().SecurityContextHolder with information obtained
from the HttpSession.HttpSessionEventPublisher when a HttpSession is
destroyed by the containerHttpSessionEventPublisher when a HttpSession is
created in the container <listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
Publishes HttpSessionApplicationEvents to the Spring
Root WebApplicationContext.LoginModule.
Resource interface.HttpServletRequest.isSecure() responses.InsufficientAuthenticationException with the
specified message.
InsufficientAuthenticationException with the
specified message and root cause.
AbstractSecurityInterceptor subclasses.MethodInvocation.
JoinPoint.
Authentication token
represents an anonymous user.
true.
AbstractSecurityInterceptor whether it
should present the authentication token to the
AuthenticationManager.
true, indicates that SecurityEnforcementFilter is permitted
to store the target URL and exception information in the HttpSession (the
default).
Authentication token
represents user that has been remembered (ie not a user that has been
fully authenticated).
renew parameter should be sent to the
CAS login URL and CAS validation URL.
GrantedAuthority#getAuthority().
JaasAuthenticationProvider.AuthenticationProvider implementation that retrieves user details
from a JAAS login configuration.JaasAuthenticationProvider after successfully logging the user into the
LoginContext, handling all callbacks, and calling all AuthorityGranters.JdbcDaoImpl, which implements BasicAclExtendedDao.LockedException with the specified message.
LockedException with the specified message and
root cause.
Subject (phase one) by extracting the
Acegi Security Authentication from the current
SecurityContext.
Subject.
ConfigAttributeDefinition for the specified
Method which is subject of the method invocation.
ConfigAttributeDefinition for the specified
FilterInvocation.
String.
ConfigAttributeDefinition for each method signature defined
by Commons Attributes.ConfigAttributeDefinition for each method signature defined
in a bean context.ObjectDefinitionSource implementations
that are designed to perform lookups keyed on Methods.MethodDefinitionSource, used to exclude a MethodSecurityInterceptor from public (ie non-secure) methods.MethodDefinitionSource.MethodInvocations usable
within Acegi Security.grantAccess is set to true.validProxies list.AclObjectIdentity.NamedEntityObjectIdentity based on the passed
object instance.
NonceExpiredException with the specified
message.
NonceExpiredException with the specified
message and root cause.
ConcurrentSessionController.NullRememberMeServices that does nothing.RunAsManager that does nothing.ConfigAttributeDefinition that applies to a given secure object
invocation.AclObjectIdentity of a passed
domain object instance.
PlaintextPasswordEncoder.encodePassword(String,
Object)String.
BasicAclProvider.HttpInvoker extension points to
present the principal and credentials located
in the ContextHolder via BASIC authentication.ContextHolder (which should contain an
Authentication request token)
from one JVM to the remote JVM.MethodInvocations, such as via
Spring AOP.JointPoints, delegating secure
object callbacks to the calling aspect.CasAuthenticationProvider.User objects for the DaoAuthenticationProvider.Authentication object.RememberMeAuthenticationTokens.HttpSession.HttpServletRequestWrapper.List of ConfigAttributeDefinitions
associated with different HTTP request URL Apache Ant path-based patterns.PortMapper implementations provide callers with information
about which HTTP ports are associated with which HTTPS ports on the system,
and vice versa.PortMapper that obtains HTTP:HTTPS pairs
from the application context.PortResolver determines the port a web request was received
on.PortResolver that obtains the port from
ServletRequest.getServerPort().Principal compatible Authentication
object.AbstractBasicAclEntry's mask.
Authentication request through a list of AuthenticationProviders.ProviderManager if no AuthenticationProvider
could be found that supports the presented Authentication object.ProviderNotFoundException with the specified
message.
ProviderNotFoundException with the specified
message and root cause.
ProxyUntrustedException with the specified
message.
ProxyUntrustedException with the specified
message and root cause.
JaasAuthenticationFailedEvent.
JaasAuthenticationSuccessEvent.
BasicAclEntrys in the cache.
CasAuthenticationToken to the cache.
UserDetails in the cache.
User object.sessionId so its last request time is
equal to the present date and time.
List of ConfigAttributeDefinitions
associated with different HTTP request URL regular expression patterns.AuthenticationManager when the authentication
was successful.
AuthenticationProvider implementation that validates RememberMeAuthenticationTokens.Authentication.Authentication object in the
SecurityContext, and populates it with a remember-me
authentication token if a RememberMeServices implementation so
requests.RemoteAuthenticationManager cannot validate the
presented authentication request.RemoteAuthenticationException with the
specified message and no root cause.
RemoteAuthenticationManager to
validate an authentication request.sessionId.
StatelessTicketCache.removeTicketFromCache(String).
Authentication object.
UserDetails from
an implementation-specific location, with the option of throwing an
AuthenticationException immediately if the presented
credentials are incorrect (this is especially useful if it is necessary
to bind to a resource as the user in order to obtain or generate a
UserDetails).
ConfigAttribute.getAttribute() starts with a prefix
indicating that it is a role.AuthenticationProvider implementation that can authenticate a
RunAsUserToken.Authentication object for the current secure
object invocation only.RunAsManager.Authentication implementation
that supports RunAsManagerImpl.HttpServletRequest.isSecure() responses.ConfigAttribute as a String.SecurityContext with the current execution
thread and any new threads the current execution thread may spawn.Filter which populates the ServletRequest with
an SecurityContextHolderAwareRequestWrapper.HttpServletRequestWrapper, which uses
the SecurityContext-defined Authentication object
for SecurityContextHolderAwareRequestWrapper.isUserInRole(java.lang.String)
and HttpServletRequestWrapper.getRemoteUser()
responses.SecurityContext.LoginModule that uses an Acegi Security
SecurityContext
to provide authentication.FilterSecurityInterceptor.SessionRegistry implementation if
an attempt is made to create new session information for an existing
sessionId.HttpSessionCreatedEvent to the application context.
HttpSessionDestroyedEvent to the application context.
SessionInformation instances.SessionRegistry which also listens for
HttpSessionDestroyedEvents
published in the Spring application context.AbstractSecurityInterceptor
should ignore the Authentication.isAuthenticated()
property.
Authentication.isAuthenticated() for a full description.
CaptchaProcessingFilter login page can be
found.
SecurityContext with the current thread of
execution.
AclObjectIdentity class that an
attempt should be made to construct if the passed object does not
implement AclObjectIdentityAware.
DaoAuthenticationProvider throws a
BadCredentialsException if a username is not found or
the password is incorrect.
CaptchaEntryPoint.getOriginalRequestUrlParameterName().
AuthenticationProcessingFilter login page
can be found.
CaptchaEntryPoint.commence(ServletRequest, ServletResponse)
method uses the CaptchaEntryPoint.getCaptchaFormUrl() as a complete URL, else it
as a 'inside WebApp' path.
AclProvider objects to be used for ACL determinations.
AuthenticationProvider objects to be used for
authentication.
true), essentially you are ensuring that every secure
object invocation advised by
AbstractSecurityInterceptor has a configuration
attribute defined.
null, the BasicAclProvider.supports(Object) method will only support the indicates class.
ROLE_ to be overriden.
ROLE_ to be overriden.
ConcurrentSessionController to be used for limiting
user's sessions.
true (the default), indicates the #getUsersByUsernameMapping() returns a username in response to a
query.
UserMap to reflect the
Properties instance passed.
BasicAclDao implementations to construct this object
using newInstance().
MethodInvocation.ConfigAttributes defined by this
ConfigAttributeDefinition.
String at the first instance of the delimiter.
Strings, and for each element removes any
instances of removeCharacter, and splits the element based
on the delimiter.
String manipulation methods.Authentication instance returned by the
authentication manager into the secure context.
AccessDecisionManager is able to
process authorization requests presented with the passed
ConfigAttribute.
AccessDecisionManager implementation
is able to provide access control decisions for the indicated secured
object type.
AclProvider can authoritatively
return ACL information for the specified domain object instance.
AfterInvocationProvider is able to
participate in a decision involving the passed
ConfigAttribute.
AfterInvocationProvider is able to
provide "after invocation" processing for the indicated secured object
type.
AfterInvocationProviders and ensures
each can support the presented class.
AfterInvocationManager is able to
process "after invocation" requests presented with the passed
ConfigAttribute.
AfterInvocationManager implementation
is able to provide access control decisions for the indicated secured
object type.
ObjectDefinitionSource implementation
is able to provide ConfigAttributeDefinitions for the
indicated secure object type.
true if this AuthenticationProvider
supports the indicated Authentication object.
RunAsManager is able to process the
passed ConfigAttribute.
RunAsManager implementation is able
to provide run-as replacement for the indicated secure object type.
ChannelDecisionManager is able to
process the passed ConfigAttribute.
ChannelProcessor is able to process
the passed ConfigAttribute.
AccessDecisionVoters and ensures each
can support the presented class.
MethodSecurityInterceptor, because it queries the
presented MethodInvocation.
AccessDecisionVoter is able to vote
on the passed ConfigAttribute.
AccessDecisionVoter implementation is
able to provide access control votes for the indicated secured object
type.
GrantedAuthority used by SwitchUserProcessingFilterString as the salt.AuthenticationProvider implementation for the TestingAuthenticationToken.Authentication implementation that is
designed for use whilst unit testing.AccessDecisionManager that requires all voters to
abstain or grant access.UserDetailsService.User with the details required by DaoAuthenticationProvider.
InMemoryDaoImpl to temporarily store the attributes
associated with a user.UserAttribute from a comma separated
list of values.User objects.DaoAuthenticationProvider.InMemoryDaoImpl to store a list of users and their
corresponding granted authorities.UserMap.UserDetailsService implementation cannot locate a User by its username.UsernameNotFoundException with the specified
message.
UsernameNotFoundException with the specified
message and root cause.
Authentication implementation that is
designed for simple presentation of a username and password.UsernamePasswordAuthenticationToken, as the UsernamePasswordAuthenticationToken.isAuthenticated() will return false.
AuthenticationManager or
AuthenticationProvider implementations that are satisfied
with producing a trusted (ie UsernamePasswordAuthenticationToken.isAuthenticated() =
true) authentication token.
Authentication implementation for X.509 client-certificate authentication.UserDetails associated with the X.509
certificate presented by a client.UserDetails objects for the
X509AuthenticationProvider.
|
||||||||||
| PREV NEXT | FRAMES NO FRAMES | |||||||||