Index
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form
A
- AccessControlInterceptor<A,
B, - Class in io.inverno.mod.security.httpC, D> -
An access control interceptor verifies that the access to a resource is authorized.
- ALGORITHM_MD5 - Static variable in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
MD5 algorithm (default).
- ALGORITHM_SHA_256 - Static variable in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
SHA-256 algorithm.
- ALGORITHM_SHA_512_256 - Static variable in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
SHA-512-256 algorithm.
- allowCredentials - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Flag indicating whether credentials must be allowed.
- allowCredentials - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The allow credentials flag.
- allowCredentials(boolean) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Sepcifies the allow credentials flag.
- allowedHeaders - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
The allowed headers.
- allowedHeaders - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The set of allowed headers.
- allowedMethods - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
The allowed methods.
- allowedMethods - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The set of allowed methods.
- allowedOrigins - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
The set of allowed origins.
- allowedOrigins - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The set of allowed origins.
- allowedOriginsPattern - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
The set of allowed origins patterns.
- allowedOriginsPattern - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The set of allowed origins patterns.
- allowHeader(String) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies an allowed header.
- allowMethod(Method) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies an allowed method.
- allowOrigin(String) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies an allowed origin.
- allowOriginPattern(String) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies an allowed origin pattern.
- allowPrivateNetwork - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Flag indicating whether private netword must be allowed.
- allowPrivateNetwork - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The allow private network flag.
- allowPrivateNetwork(boolean) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies the allow private network flag.
- andThen(LoginFailureHandler<? super A, ? super B>) - Method in interface io.inverno.mod.security.http.login.LoginFailureHandler
-
Invokes this login failure handler and then invokes the specified login failure handler.
- andThen(LoginSuccessHandler<? super A, ? super B, ? super C>) - Method in interface io.inverno.mod.security.http.login.LoginSuccessHandler
-
Invokes this login success handler and then invokes the specified login success handler.
- andThen(LogoutSuccessHandler<? super A, ? super B, ? super C, ? super D, ? super E>) - Method in interface io.inverno.mod.security.http.login.LogoutSuccessHandler
-
Invokes this logout success handler and then invokes the specified logout success handler.
- anonymous() - Static method in class io.inverno.mod.security.http.AccessControlInterceptor
-
Returns an access control interceptor that verifies the requester is anonymous (i.e. not authenticated).
- authenticated() - Static method in class io.inverno.mod.security.http.AccessControlInterceptor
-
Returns an access control interceptor that verifies the requester is authenticated.
- AuthenticationErrorInterceptor<A,
B> - Class in io.inverno.mod.security.http -
Base implemenation for authentication error interceptors.
- AuthenticationErrorInterceptor() - Constructor for class io.inverno.mod.security.http.AuthenticationErrorInterceptor
-
Creates a non-terminating authentication error interceptor.
- AuthenticationErrorInterceptor(boolean) - Constructor for class io.inverno.mod.security.http.AuthenticationErrorInterceptor
-
Creates an authentication error interceptor.
B
- BasicAuthenticationErrorInterceptor<A,
B> - Class in io.inverno.mod.security.http.basic -
An HTTP authentication error interceptor that implements RFC 7617 The 'Basic' HTTP Authentication Scheme.
- BasicAuthenticationErrorInterceptor(String) - Constructor for class io.inverno.mod.security.http.basic.BasicAuthenticationErrorInterceptor
-
Creates a basic authentication error interceptor.
- BasicCredentialsExtractor - Class in io.inverno.mod.security.http.basic
-
A credentials extractor that extracts
basiclogin credentials as defined by RFC 7617 Section 2. - BasicCredentialsExtractor() - Constructor for class io.inverno.mod.security.http.basic.BasicCredentialsExtractor
- BearerTokenCredentialsExtractor - Class in io.inverno.mod.security.http.token
-
A credentials extractor that extracts a token credentials from a bearer in the
authorizationHTTP header as defined by RFC 6750 Section 2.1. - BearerTokenCredentialsExtractor() - Constructor for class io.inverno.mod.security.http.token.BearerTokenCredentialsExtractor
- build() - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Builds and returns a CORS interceptor.
- build() - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Builds a CSRF double submit cookie interceptor.
- builder() - Static method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Creates a CSRF double submit cookie interceptor builder.
- builder(String...) - Static method in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Returns a CORS interceptor builder for the specified allowed origins.
- Builder() - Constructor for class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Creates a CORS interceptor builder.
- Builder() - Constructor for class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Creates a CSRF double submit cookie interceptor builder.
- bytebuf() - Static method in class io.inverno.mod.security.http.form.LoginView
- bytebuf(Supplier<ByteBuf>) - Static method in class io.inverno.mod.security.http.form.LoginView
C
- checkOrigin(CORSInterceptor.Origin) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Determines whether the origin is a valid origin.
- compose(LoginFailureHandler<? super A, ? super B>) - Method in interface io.inverno.mod.security.http.login.LoginFailureHandler
-
Invokes the specified login failure handler and then invokes this login failure handler.
- compose(LoginSuccessHandler<? super A, ? super B, ? super C>) - Method in interface io.inverno.mod.security.http.login.LoginSuccessHandler
-
Invokes the specified login success handler and then invokes this login success handler.
- compose(LogoutSuccessHandler<? super A, ? super B, ? super C, ? super D, ? super E>) - Method in interface io.inverno.mod.security.http.login.LogoutSuccessHandler
-
Invokes the specified logout success handler and then invokes this logout success handler.
- cookieName - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The cookie name.
- cookieName - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The cookie name.
- cookieName(String) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the name of the CSRF token cookie.
- CookieTokenCredentialsExtractor - Class in io.inverno.mod.security.http.token
-
A credentials extractor that extracts a token credentials stored in an HTTP cookie.
- CookieTokenCredentialsExtractor() - Constructor for class io.inverno.mod.security.http.token.CookieTokenCredentialsExtractor
-
Creates a cookie token credentials extractor with the default token cookie name.
- CookieTokenCredentialsExtractor(String) - Constructor for class io.inverno.mod.security.http.token.CookieTokenCredentialsExtractor
-
Creates a cookie token credentials extractor with the specified token cookie name.
- CookieTokenLoginSuccessHandler<A,
B, - Class in io.inverno.mod.security.http.tokenC> -
A login success handler that sets a token cookie in the response using the token value specified in the token authentication resulting from the login authentication.
- CookieTokenLoginSuccessHandler() - Constructor for class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
-
Creates a cookie token login success handler with default path and token cookie name.
- CookieTokenLoginSuccessHandler(String) - Constructor for class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
-
Creates a cookie token login success handler with the specified path and the default token cookie name.
- CookieTokenLoginSuccessHandler(String, String) - Constructor for class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
-
Creates a cookie token login success handler with specified path and token cookie name.
- CookieTokenLogoutSuccessHandler<A,
B, - Class in io.inverno.mod.security.http.tokenC, D, E> -
A logout success handler that removes the token cookie.
- CookieTokenLogoutSuccessHandler() - Constructor for class io.inverno.mod.security.http.token.CookieTokenLogoutSuccessHandler
-
Creates a cookie token logout success handler with default path and token cookie name.
- CookieTokenLogoutSuccessHandler(String) - Constructor for class io.inverno.mod.security.http.token.CookieTokenLogoutSuccessHandler
-
Creates a cookie token logout success handler with the specified path and the default token cookie name.
- CookieTokenLogoutSuccessHandler(String, String) - Constructor for class io.inverno.mod.security.http.token.CookieTokenLogoutSuccessHandler
-
Creates a cookie token logout success handler with specified path and token cookie name.
- CORSInterceptor<A,
B> - Class in io.inverno.mod.security.http.cors -
A security interceptor that implements Cross-origin resource sharing (CORS) as defined by HTTP CORS protocol.
- CORSInterceptor(Set<CORSInterceptor.Origin>, Set<Pattern>, boolean, Set<String>, Set<Method>, Set<String>, Integer, boolean) - Constructor for class io.inverno.mod.security.http.cors.CORSInterceptor
-
Creates a CORS interceptor.
- CORSInterceptor.Builder - Class in io.inverno.mod.security.http.cors
-
A CORS interceptor builder.
- CORSInterceptor.Origin - Class in io.inverno.mod.security.http.cors
-
Represents an origin composed of a scheme, a host and a port.
- createChallenge(SecurityException) - Method in class io.inverno.mod.security.http.basic.BasicAuthenticationErrorInterceptor
- createChallenge(SecurityException) - Method in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
- createChallenge(SecurityException) - Method in class io.inverno.mod.security.http.HttpAuthenticationErrorInterceptor
-
Creates the challenge to send to the requester.
- CredentialsExtractor<A> - Interface in io.inverno.mod.security.http
-
A credentials extractor is used to extract credentials from an exchange, typically the request.
- CSRFDoubleSubmitCookieInterceptor<A,
B> - Class in io.inverno.mod.security.http.csrf -
A security interceptor that protects against Cross-site request forgery attack using the double submit cookie technique.
- CSRFDoubleSubmitCookieInterceptor(String, String, String, Integer, String, String, Boolean, Boolean) - Constructor for class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Creates a CSRF double submit cookie interceptor.
- CSRFDoubleSubmitCookieInterceptor.Builder - Class in io.inverno.mod.security.http.csrf
-
A CSRF double submit cookie interceptor builder.
D
- DEFAULT_COOKIE_NAME - Static variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The default cookie name:
XSRF-TOKEN. - DEFAULT_COOKIE_NAME - Static variable in class io.inverno.mod.security.http.token.CookieTokenCredentialsExtractor
-
The default token cookie name:
AUTH-TOKEN. - DEFAULT_HEADER_NAME - Static variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The default header name:
X-CSRF-TOKEN. - DEFAULT_LOGIN_ACTION_URI - Static variable in class io.inverno.mod.security.http.form.FormLoginPageHandler
-
The default login action URI:
/login. - DEFAULT_LOGIN_FAILURE_URI - Static variable in class io.inverno.mod.security.http.form.RedirectLoginFailureHandler
-
The default login failure URI:
/login. - DEFAULT_LOGIN_PAGE_URI - Static variable in class io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor
-
The default login page URI:
/login. - DEFAULT_LOGIN_SUCCESS_URI - Static variable in class io.inverno.mod.security.http.form.RedirectLoginSuccessHandler
-
The default login success URI:
/. - DEFAULT_LOGOUT_SUCCESS_URI - Static variable in class io.inverno.mod.security.http.form.RedirectLogoutSuccessHandler
-
The default logout success URI:
/. - DEFAULT_NONCE_VALIDITY_SECONDS - Static variable in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
The default nonce validity period in seconds.
- DEFAULT_PARAMETER_NAME - Static variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The default parameter name:
_csrf_token. - DEFAULT_PARAMETER_PASSWORD - Static variable in class io.inverno.mod.security.http.form.FormCredentialsExtractor
-
The default password parameter name.
- DEFAULT_PARAMETER_USERNAME - Static variable in class io.inverno.mod.security.http.form.FormCredentialsExtractor
-
The default username parameter name.
- DEFAULT_PATH - Static variable in class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
-
The default token cookie path:
/. - defer(D) - Method in class io.inverno.mod.security.http.login.LoginActionHandler
- defer(E) - Method in class io.inverno.mod.security.http.login.LogoutActionHandler
- DigestAuthenticationErrorInterceptor<A,
B> - Class in io.inverno.mod.security.http.digest -
An HTTP authentication error interceptor that implements RFC 7616 HTTP Digest Access Authentication.
- DigestAuthenticationErrorInterceptor(String, String) - Constructor for class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
Creates a digest authentication error interceptor with the specified realm and secret.
- DigestAuthenticationErrorInterceptor(String, String, String) - Constructor for class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
Creates a digest authentication error interceptor with the specified realm, secret and algorithm.
- DigestCredentials - Class in io.inverno.mod.security.http.digest
-
HTTP Digest specific credentials as defined by RFC 7616 Section 3.4.
- DigestCredentials(String, String, String, String, boolean, String, String, String, String, String, String) - Constructor for class io.inverno.mod.security.http.digest.DigestCredentials
-
Creates digest credentials.
- DigestCredentialsExtractor - Class in io.inverno.mod.security.http.digest
-
A credentials extractor that extracts
digestcredentials as defined by RFC 7616 Section 3.4. - DigestCredentialsExtractor() - Constructor for class io.inverno.mod.security.http.digest.DigestCredentialsExtractor
- DigestCredentialsMatcher<A> - Class in io.inverno.mod.security.http.digest
-
A credentials matcher used to verify digest credentials as defined by RFC 7616.
- DigestCredentialsMatcher(String) - Constructor for class io.inverno.mod.security.http.digest.DigestCredentialsMatcher
-
Creates a digest credentials matcher with the specified secret.
- DigestPassword - Class in io.inverno.mod.security.http.digest
-
A password that uses HTTP Digest function to encode password as defined by RFC 7616 Section 3.4.2.
- DigestPassword(String, DigestPassword.Encoder) - Constructor for class io.inverno.mod.security.http.digest.DigestPassword
-
Creates a Digest password with the specified value and encoder.
- DigestPassword.Encoder - Class in io.inverno.mod.security.http.digest
-
An HTTP Digest password encoder implementation as defined by RFC 7616 Section 3.4.2.
- domain - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The CSRF token cookie domain parameter.
- domain - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The domain of the CSRF token cookie.
- domain(String) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the domain of the CSRF token cookie.
E
- encode(String) - Method in class io.inverno.mod.security.http.digest.DigestPassword.Encoder
- Encoder(String, String, String) - Constructor for class io.inverno.mod.security.http.digest.DigestPassword.Encoder
-
Creates a digest password encoder with the specified algorithm, username and realm.
- equals(Object) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
- ExpiredNonceException - Exception Class in io.inverno.mod.security.http.digest
-
Thrown by a
DigestCredentialsMatcherto indicate that the provided nonce has expired. - ExpiredNonceException() - Constructor for exception class io.inverno.mod.security.http.digest.ExpiredNonceException
-
Creates an expired nonce exception.
- ExpiredNonceException(String) - Constructor for exception class io.inverno.mod.security.http.digest.ExpiredNonceException
-
Creates an expired nonce exception with the specified message.
- ExpiredNonceException(String, Throwable) - Constructor for exception class io.inverno.mod.security.http.digest.ExpiredNonceException
-
Creates an expired nonce exception with the specified message and cause.
- ExpiredNonceException(String, Throwable, boolean, boolean) - Constructor for exception class io.inverno.mod.security.http.digest.ExpiredNonceException
-
Creates an expired nonce exception with the specified message, cause, suppression enabled or disabled and writable stack trace enabled or disabled.
- ExpiredNonceException(Throwable) - Constructor for exception class io.inverno.mod.security.http.digest.ExpiredNonceException
-
Creates an expired nonce exception with the specified cause.
- exposedHeaders - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The set of exposed headers.
- exposedHeaders - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
The exposed headers.
- exposeHeader(String) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies a header to expose.
- extract(Exchange<?>) - Method in class io.inverno.mod.security.http.basic.BasicCredentialsExtractor
- extract(Exchange<?>) - Method in interface io.inverno.mod.security.http.CredentialsExtractor
-
Extracts credentials from the specified exchange.
- extract(Exchange<?>) - Method in class io.inverno.mod.security.http.digest.DigestCredentialsExtractor
- extract(Exchange<?>) - Method in class io.inverno.mod.security.http.form.FormCredentialsExtractor
- extract(Exchange<?>) - Method in class io.inverno.mod.security.http.token.BearerTokenCredentialsExtractor
- extract(Exchange<?>) - Method in class io.inverno.mod.security.http.token.CookieTokenCredentialsExtractor
F
- FormAuthenticationErrorInterceptor<A,
B> - Class in io.inverno.mod.security.http.form -
An authentication error interceptor that redirects (302) the client to a login page.
- FormAuthenticationErrorInterceptor() - Constructor for class io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor
-
Creates a form authentication error interceptor that redirects the client to the default login page URI.
- FormAuthenticationErrorInterceptor(String) - Constructor for class io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor
-
Creates a form authentication error interceptor that redirects the client to the specified login page URI.
- FormCredentialsExtractor - Class in io.inverno.mod.security.http.form
-
A credentials extractor that extracts login credentials provided by a user in a form (
application/x-www-form-urlencoded) submitted in an HTTPPOSTrequest. - FormCredentialsExtractor() - Constructor for class io.inverno.mod.security.http.form.FormCredentialsExtractor
-
Creates a form credentials extractor with default username and password parameter names.
- FormCredentialsExtractor(String, String) - Constructor for class io.inverno.mod.security.http.form.FormCredentialsExtractor
-
Creates a form credentials extractor with specified username and password parameter names.
- FormLoginPageHandler<A,
B> - Class in io.inverno.mod.security.http.form -
An exhange handler that serves a whitelabel login HTML page.
- FormLoginPageHandler() - Constructor for class io.inverno.mod.security.http.form.FormLoginPageHandler
-
Creates a form login page handler targeting the default login action URI.
- FormLoginPageHandler(String) - Constructor for class io.inverno.mod.security.http.form.FormLoginPageHandler
-
Creates a form login page handler targeting the specified login action URI.
G
- generateToken() - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Generates the CSRF token.
- getAccessController() - Method in interface io.inverno.mod.security.http.context.InterceptingSecurityContext
- getAlgorithm() - Method in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
Returns the algorithm.
- getAlgorithm() - Method in class io.inverno.mod.security.http.digest.DigestPassword.Encoder
-
Returns the algorithm.
- getAuthentication() - Method in interface io.inverno.mod.security.http.context.InterceptingSecurityContext
- getAuthenticationReleaser() - Method in class io.inverno.mod.security.http.login.LogoutActionHandler
-
Returns the authentication releaser.
- getAuthenticator() - Method in class io.inverno.mod.security.http.login.LoginActionHandler
-
Returns the authenticator.
- getCnonce() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the client nonce.
- getCookieName() - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Returns the CSRF token cookie name.
- getCredentialsExtractor() - Method in class io.inverno.mod.security.http.login.LoginActionHandler
-
Returns the credentials extractor.
- getDefaultPort(String) - Static method in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
Returns the default port from the specified scheme.
- getDigest() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the message digest.
- getHeaderName() - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Returns the CSRF token header name.
- getIdentity() - Method in interface io.inverno.mod.security.http.context.InterceptingSecurityContext
- getLoginActionUri() - Method in class io.inverno.mod.security.http.form.FormLoginPageHandler
-
Returns the login action URI targeted by the login form.
- getLoginFailureHandler() - Method in class io.inverno.mod.security.http.login.LoginActionHandler
-
Returns the login failure handler.
- getLoginFailureUri() - Method in class io.inverno.mod.security.http.form.RedirectLoginFailureHandler
-
Returns the URI where the client is redirected after a failed login authentication.
- getLoginSuccessHandler() - Method in class io.inverno.mod.security.http.login.LoginActionHandler
-
Returns the login success handler.
- getLoginSuccessUri() - Method in class io.inverno.mod.security.http.form.RedirectLoginSuccessHandler
-
Returns the URI where the client is redirected after a successful login authentication.
- getLoginUri() - Method in class io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor
-
Returns the login page URI.
- getLogoutSuccessHandler() - Method in class io.inverno.mod.security.http.login.LogoutActionHandler
-
Returns the logout success handler.
- getLogoutSuccessUri() - Method in class io.inverno.mod.security.http.form.RedirectLogoutSuccessHandler
-
Returns the URI where the client is redirected after a successful logout.
- getMethod() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the HTTP method.
- getNc() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the nonce count.
- getNonce() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the server nonce.
- getNonceExpire() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the server nonce expire timestamp.
- getNonceHash() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the server nonce hash.
- getNonceValiditySeconds() - Method in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
Returns the nonce validity period in seconds.
- getParameterName() - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Returns the CSRF token parameter name.
- getPasswordParameter() - Method in class io.inverno.mod.security.http.form.FormCredentialsExtractor
-
Returns the password parameter name.
- getPath() - Method in class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
-
Returns the token cookie path.
- getPath() - Method in class io.inverno.mod.security.http.token.CookieTokenLogoutSuccessHandler
-
Returns the token cookie path.
- getQop() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the quality of protection.
- getRealm() - Method in class io.inverno.mod.security.http.basic.BasicAuthenticationErrorInterceptor
-
Returns the realm.
- getRealm() - Method in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
Returns the realm.
- getRealm() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the realm.
- getRealm() - Method in class io.inverno.mod.security.http.digest.DigestPassword.Encoder
-
Returns the realm.
- getResponse() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the digest response
- getSecurityContext() - Method in interface io.inverno.mod.security.http.context.InterceptingSecurityContext
-
Returns the underlying security context.
- getTokenCookie() - Method in class io.inverno.mod.security.http.token.CookieTokenCredentialsExtractor
-
Returns the token credentials cookie name.
- getTokenCookie() - Method in class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
-
Returns the token cookie name.
- getTokenCookie() - Method in class io.inverno.mod.security.http.token.CookieTokenLogoutSuccessHandler
-
Returns the token cookie name.
- getUri() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the URI.
- getUsername() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
- getUsername() - Method in class io.inverno.mod.security.http.digest.DigestPassword.Encoder
-
Returns the username.
- getUsernameParameter() - Method in class io.inverno.mod.security.http.form.FormCredentialsExtractor
-
Returns the username parameter name.
H
- handle(B) - Method in class io.inverno.mod.security.http.form.FormLoginPageHandler
- handle(D) - Method in class io.inverno.mod.security.http.login.LoginActionHandler
- handle(E) - Method in class io.inverno.mod.security.http.login.LogoutActionHandler
- handleLoginFailure(B, SecurityException) - Method in class io.inverno.mod.security.http.form.RedirectLoginFailureHandler
- handleLoginFailure(B, SecurityException) - Method in interface io.inverno.mod.security.http.login.LoginFailureHandler
-
Handles failed authentication.
- handleLoginSuccess(C, A) - Method in class io.inverno.mod.security.http.form.RedirectLoginSuccessHandler
- handleLoginSuccess(C, A) - Method in interface io.inverno.mod.security.http.login.LoginSuccessHandler
-
Handles successful authentication.
- handleLoginSuccess(C, A) - Method in class io.inverno.mod.security.http.token.CookieTokenLoginSuccessHandler
- handleLogoutSuccess(E, A) - Method in class io.inverno.mod.security.http.form.RedirectLogoutSuccessHandler
- handleLogoutSuccess(E, A) - Method in interface io.inverno.mod.security.http.login.LogoutSuccessHandler
-
Handles successful logout.
- handleLogoutSuccess(E, A) - Method in class io.inverno.mod.security.http.token.CookieTokenLogoutSuccessHandler
- hashCode() - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
- headerName - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The header name.
- headerName - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The header name.
- headerName(String) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the name of the CSRF token header.
- host - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
The host.
- HttpAuthenticationErrorInterceptor<A,
B> - Class in io.inverno.mod.security.http -
An authentication error interceptor that implements RFC 7235 HTTP authentication.
- HttpAuthenticationErrorInterceptor() - Constructor for class io.inverno.mod.security.http.HttpAuthenticationErrorInterceptor
- httpOnly - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The CSRF token cookie httpOnly parameter.
- httpOnly - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Flag indicating whether the token cookie should be HTTP only.
- httpOnly(boolean) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the
httpOnlyflag of the CSRF token cookie.
I
- intercept(B) - Method in class io.inverno.mod.security.http.AuthenticationErrorInterceptor
- intercept(B) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor
- intercept(B) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
- intercept(B) - Method in class io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor
- intercept(D) - Method in class io.inverno.mod.security.http.AccessControlInterceptor
- InterceptingSecurityContext<A,
B> - Interface in io.inverno.mod.security.http.context -
An intercepting security exchange context used by security interceptors to populate the security context.
- interceptUnauthorized(B) - Method in class io.inverno.mod.security.http.AuthenticationErrorInterceptor
-
Intercepts an unauthorized exchange.
- interceptUnauthorized(B) - Method in class io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor
- interceptUnauthorized(B) - Method in class io.inverno.mod.security.http.HttpAuthenticationErrorInterceptor
- io.inverno.mod.security.http - module io.inverno.mod.security.http
-
The Inverno framework HTTP security module provides support for securing access to HTTP endpoints.
- io.inverno.mod.security.http - package io.inverno.mod.security.http
- io.inverno.mod.security.http.basic - package io.inverno.mod.security.http.basic
- io.inverno.mod.security.http.context - package io.inverno.mod.security.http.context
- io.inverno.mod.security.http.cors - package io.inverno.mod.security.http.cors
- io.inverno.mod.security.http.csrf - package io.inverno.mod.security.http.csrf
- io.inverno.mod.security.http.digest - package io.inverno.mod.security.http.digest
- io.inverno.mod.security.http.form - package io.inverno.mod.security.http.form
- io.inverno.mod.security.http.login - package io.inverno.mod.security.http.login
- io.inverno.mod.security.http.token - package io.inverno.mod.security.http.token
- isSameOrigin(B, CORSInterceptor.Origin) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Determines whether the request was issued from the same origin.
- isStatic - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Flag indicating whether the interceptor is a static interceptor (allow one static origin).
- isUserhash() - Method in class io.inverno.mod.security.http.digest.DigestCredentials
-
Returns the user hash.
- isWildcard - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
Flag indicating whether the interceptor is a wildcard interceptor (allow all origins).
L
- LoginActionHandler<A,
B, - Class in io.inverno.mod.security.http.loginC, D> -
An exchange handler that authenticates login credentials and delegates further processing to success and failure handlers.
- LoginActionHandler(CredentialsExtractor<A>, Authenticator<A, B>) - Constructor for class io.inverno.mod.security.http.login.LoginActionHandler
-
Creates a login action handler with the specified credentials extractor and authenticator.
- LoginActionHandler(CredentialsExtractor<A>, Authenticator<A, B>, LoginSuccessHandler<B, C, D>, LoginFailureHandler<C, D>) - Constructor for class io.inverno.mod.security.http.login.LoginActionHandler
-
Creates a login action handler with the specified credentials extractor, authenticator, login success handler and login failure handler.
- LoginFailureHandler<A,
B> - Interface in io.inverno.mod.security.http.login -
Handles failed authentication in a
LoginActionHandler. - LoginSuccessHandler<A,
B, - Interface in io.inverno.mod.security.http.loginC> -
Handles successful authentication in a
LoginActionHandler. - LoginView - Class in io.inverno.mod.security.http.form
- LoginView() - Constructor for class io.inverno.mod.security.http.form.LoginView
- LoginView.BytebufTemplateSet - Interface in io.inverno.mod.security.http.form
- LoginView.BytesTemplateSet - Interface in io.inverno.mod.security.http.form
- LoginView.Renderer<T> - Interface in io.inverno.mod.security.http.form
- LoginView.StringTemplateSet - Interface in io.inverno.mod.security.http.form
- LogoutActionHandler<A,
B, - Class in io.inverno.mod.security.http.loginC, D, E> -
An exchange handler that logs out a logged in entity and delegates further processing to a success handler.
- LogoutActionHandler(AuthenticationReleaser<A>) - Constructor for class io.inverno.mod.security.http.login.LogoutActionHandler
-
Creates a logout action handler with the specified authentication releaser.
- LogoutActionHandler(AuthenticationReleaser<A>, LogoutSuccessHandler<A, B, C, D, E>) - Constructor for class io.inverno.mod.security.http.login.LogoutActionHandler
-
Creates a logout action handler with the specified authentication releaser and logout success handler.
- LogoutSuccessHandler<A,
B, - Interface in io.inverno.mod.security.http.loginC, D, E> -
Handles successful logout in a
LogoutActionHandler.
M
- MalformedCredentialsException - Exception Class in io.inverno.mod.security.http
-
Thrown by a
CredentialsExtractorto indicate that malformed credentials have been sent. - MalformedCredentialsException() - Constructor for exception class io.inverno.mod.security.http.MalformedCredentialsException
-
Creates a malformed credentials exception.
- MalformedCredentialsException(String) - Constructor for exception class io.inverno.mod.security.http.MalformedCredentialsException
-
Creates a malformed credentials exception with the specified message.
- MalformedCredentialsException(String, Throwable) - Constructor for exception class io.inverno.mod.security.http.MalformedCredentialsException
-
Creates a malformed credentials exception with the specified message and cause.
- MalformedCredentialsException(String, Throwable, boolean, boolean) - Constructor for exception class io.inverno.mod.security.http.MalformedCredentialsException
-
Creates a malformed credentials exception with the specified message, cause, suppression enabled or disabled and writable stack trace enabled or disabled.
- MalformedCredentialsException(Throwable) - Constructor for exception class io.inverno.mod.security.http.MalformedCredentialsException
-
Creates a malformed credentials exception with the specified cause.
- matches(DigestCredentials, A) - Method in class io.inverno.mod.security.http.digest.DigestCredentialsMatcher
- matches(String, String) - Method in class io.inverno.mod.security.http.digest.DigestPassword.Encoder
- maxAge - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
The max age in seconds.
- maxAge - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor
-
The max age in seconds for CORS information cache.
- maxAge - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The CSRF token cookie max age parameter.
- maxAge - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The max age of the CSRF token cookie.
- maxAge(int) - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Builder
-
Specifies the max age for CORS information cache.
- maxAge(int) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the max age of the CSRF token cookie.
O
- of(CredentialsExtractor<? extends A>, Authenticator<? super A, ? extends B>) - Static method in interface io.inverno.mod.security.http.SecurityInterceptor
-
Creates a security interceptor with the specified credentials extractor and authenticator.
- of(CredentialsExtractor<? extends A>, Authenticator<? super A, ? extends B>, AccessControllerResolver<? super B, ? extends D>) - Static method in interface io.inverno.mod.security.http.SecurityInterceptor
-
Creates a security interceptor with the specified credentials extractor, authenticator and access controller resolver.
- of(CredentialsExtractor<? extends A>, Authenticator<? super A, ? extends B>, IdentityResolver<? super B, ? extends C>) - Static method in interface io.inverno.mod.security.http.SecurityInterceptor
-
Creates a security interceptor with the specified credentials extractor, authenticator and identity resolver.
- of(CredentialsExtractor<? extends A>, Authenticator<? super A, ? extends B>, IdentityResolver<? super B, ? extends C>, AccessControllerResolver<? super B, ? extends D>) - Static method in interface io.inverno.mod.security.http.SecurityInterceptor
-
Creates a security interceptor with the specified credentials extractor, authenticator, identity resolver and access controller resolver.
- of(LoginFailureHandler<? super A, ? super B>...) - Static method in interface io.inverno.mod.security.http.login.LoginFailureHandler
-
Returns a composed login failure handler that invokes the specified handlers in sequence.
- of(LoginSuccessHandler<? super A, ? super B, ? super C>...) - Static method in interface io.inverno.mod.security.http.login.LoginSuccessHandler
-
Returns a composed login success handler that invokes the specified handlers in sequence.
- of(LogoutSuccessHandler<? super A, ? super B, ? super C, ? super D, ? super E>...) - Static method in interface io.inverno.mod.security.http.login.LogoutSuccessHandler
-
Returns a composed logout success handler that invokes the specified handlers in sequence.
- or(CredentialsExtractor<? extends A>) - Method in interface io.inverno.mod.security.http.CredentialsExtractor
-
Returns a composed credentials extractor which first invokes this extractor and, if no credentials could have been extracted, invokes the specified extractor.
- Origin(String) - Constructor for class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
Creates an origin by parsing the specified origin string.
- Origin(String, String, Integer) - Constructor for class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
Creates an origin with the specified scheme, host and port.
P
- PARAMETER_ERROR - Static variable in class io.inverno.mod.security.http.form.FormLoginPageHandler
-
The error query parameter name.
- PARAMETER_REDIRECT_URI - Static variable in class io.inverno.mod.security.http.form.FormLoginPageHandler
-
The redirect URI query parameter name.
- parameterName - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The parameter name.
- parameterName - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The paramerer name.
- parameterName(String) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the name of the CSRF token parameter.
- path - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The CSRF token cookie path parameter.
- path - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
The path of the CSRF token cookie.
- path(String) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the path of the CSRF token cookie.
- port - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
The port.
- publisherByteBuf() - Static method in class io.inverno.mod.security.http.form.LoginView
- publisherString() - Static method in class io.inverno.mod.security.http.form.LoginView
R
- recover(String) - Method in class io.inverno.mod.security.http.digest.DigestPassword.Encoder
- RedirectLoginFailureHandler<A,
B> - Class in io.inverno.mod.security.http.form -
A login failure handler implementation that redirects the client (302) after a failed login authentication.
- RedirectLoginFailureHandler() - Constructor for class io.inverno.mod.security.http.form.RedirectLoginFailureHandler
-
Creates a redirect login failure handler which redirects the client to the default login failure URI.
- RedirectLoginFailureHandler(String) - Constructor for class io.inverno.mod.security.http.form.RedirectLoginFailureHandler
-
Creates a redirect login failure handler which redirects the client to the specified login failure URI.
- RedirectLoginSuccessHandler<A,
B, - Class in io.inverno.mod.security.http.formC> -
A login success handler implementation that redirects the client (302) after a successful login authentication.
- RedirectLoginSuccessHandler() - Constructor for class io.inverno.mod.security.http.form.RedirectLoginSuccessHandler
-
Creates a redirect login success handler which redirects the client to the default login success URI.
- RedirectLoginSuccessHandler(String) - Constructor for class io.inverno.mod.security.http.form.RedirectLoginSuccessHandler
-
Creates a redirect login success handler which redirects the client to the specified login success URI.
- RedirectLogoutSuccessHandler<A,
B, - Class in io.inverno.mod.security.http.formC, D, E> -
A logout success handler implementation that redirects the client (302) after a successful logout.
- RedirectLogoutSuccessHandler() - Constructor for class io.inverno.mod.security.http.form.RedirectLogoutSuccessHandler
-
Creates a redirect logout success handler which redirects the client to the default logout success URI.
- RedirectLogoutSuccessHandler(String) - Constructor for class io.inverno.mod.security.http.form.RedirectLogoutSuccessHandler
-
Creates a redirect logout success handler which redirects the client to the specified logout success URI.
- render(String, String, String) - Method in interface io.inverno.mod.security.http.form.LoginView.Renderer
S
- scheme - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
The scheme.
- secure - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
The CSRF token cookie secure parameter.
- secure - Variable in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor
-
Flag indicating whether the token cookie should be secured.
- secure(boolean) - Method in class io.inverno.mod.security.http.csrf.CSRFDoubleSubmitCookieInterceptor.Builder
-
Specifies the
secureflag of the CSRF token cookie. - SecurityContext<A,
B> - Interface in io.inverno.mod.security.http.context -
The security exchange context which exposes
Authentication,IdentityandAccessControllerin the exchange context. - SecurityInterceptor<A,
B, - Interface in io.inverno.mod.security.httpC, D, E> -
The security interceptor extracts the credentials send by a requester, authenticates them and creates the security context in the exchange.
- setNonceValiditySeconds(long) - Method in class io.inverno.mod.security.http.digest.DigestAuthenticationErrorInterceptor
-
Sets the nonce validity period.
- setSecurityContext(SecurityContext<? extends A, ? extends B>) - Method in interface io.inverno.mod.security.http.context.InterceptingSecurityContext
-
Sets the security context in the security exchange context.
- stream(Supplier<T>) - Static method in class io.inverno.mod.security.http.form.LoginView
- string() - Static method in class io.inverno.mod.security.http.form.LoginView
T
- template(String, String, String) - Method in interface io.inverno.mod.security.http.form.LoginView.BytebufTemplateSet
- template(String, String, String) - Method in interface io.inverno.mod.security.http.form.LoginView.BytesTemplateSet
- template(String, String, String) - Method in interface io.inverno.mod.security.http.form.LoginView.StringTemplateSet
- terminal - Variable in class io.inverno.mod.security.http.AuthenticationErrorInterceptor
-
Flag indicating whether the interceptor should claim the exchange (i.e. terminates the exchange by returning an empty response).
- toString() - Method in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
V
- value - Variable in class io.inverno.mod.security.http.cors.CORSInterceptor.Origin
-
The origin value (
[scheme]://[host]:[port]). - verify(Function<SecurityContext<A, B>, Mono<Boolean>>) - Static method in class io.inverno.mod.security.http.AccessControlInterceptor
-
Returns an access control interceptor that uses the specified access verifier to verify access.
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form