All Classes and Interfaces
Class
Description
An access control interceptor verifies that the access to a resource is authorized.
Base implemenation for authentication error interceptors.
An HTTP authentication error interceptor that implements RFC 7617 The 'Basic' HTTP Authentication Scheme.
A credentials extractor that extracts
basic login credentials as defined by RFC 7617 Section 2.
A credentials extractor that extracts a token credentials from a bearer in the
authorization HTTP header as defined by RFC
6750 Section 2.1.
A credentials extractor that extracts a token credentials stored in an HTTP cookie.
A login success handler that sets a token cookie in the response using the token value specified in the token authentication resulting from the login authentication.
A logout success handler that removes the token cookie.
A security interceptor that implements Cross-origin resource sharing (CORS) as defined by HTTP CORS protocol.
A CORS interceptor builder.
Represents an origin composed of a scheme, a host and a port.
A credentials extractor is used to extract credentials from an exchange, typically the request.
A security interceptor that protects against Cross-site request forgery attack using the double submit cookie technique.
A CSRF double submit cookie interceptor builder.
An HTTP authentication error interceptor that implements RFC 7616 HTTP Digest Access Authentication.
HTTP Digest specific credentials as defined by RFC 7616 Section 3.4.
A credentials extractor that extracts
digest credentials as defined by RFC 7616 Section 3.4.
A credentials matcher used to verify digest credentials as defined by RFC 7616.
A password that uses HTTP Digest function to encode password as defined by RFC 7616 Section 3.4.2.
Thrown by a
DigestCredentialsMatcher to indicate that the provided nonce has expired.
An authentication error interceptor that redirects (302) the client to a login page.
A credentials extractor that extracts login credentials provided by a user in a form (
application/x-www-form-urlencoded) submitted in an HTTP POST request.
An exhange handler that serves a whitelabel login HTML page.
An authentication error interceptor that implements RFC 7235 HTTP authentication.
An intercepting security exchange context used by security interceptors to populate the security context.
An exchange handler that authenticates login credentials and delegates further processing to success and failure handlers.
Handles failed authentication in a
LoginActionHandler.
Handles successful authentication in a
LoginActionHandler.
An exchange handler that logs out a logged in entity and delegates further processing to a success handler.
Handles successful logout in a
LogoutActionHandler.
Thrown by a
CredentialsExtractor to indicate that malformed credentials have been sent.
A login failure handler implementation that redirects the client (302) after a failed login authentication.
A login success handler implementation that redirects the client (302) after a successful login authentication.
A logout success handler implementation that redirects the client (302) after a successful logout.
The security exchange context which exposes
Authentication, Identity and AccessController in the exchange context.
The security interceptor extracts the credentials send by a requester, authenticates them and creates the security context in the exchange.