| Package Name | Comment |
| acegifier | |
| acegifier.web | |
| org.acegisecurity |
Provides core Acegi Security System for Spring interfaces and classes.
|
| org.acegisecurity.acl |
Enables retrieval of access control lists (ACLs) for domain object instances.
The goal of this package is to locate the AclEntrys
that apply to a given domain object instance.
An AclManager has ultimate resposibility for obtaining the
AclEntrys instances, with a provider-based implementation
available via the AclProviderManager class (and
its AclProvider interface.
|
| org.acegisecurity.acl.basic |
Access control list implementation based on integer bit masks.
|
| org.acegisecurity.acl.basic.cache |
Caches ACL information for the BasicAclProvider.
|
| org.acegisecurity.acl.basic.jdbc |
JDBC-based data access object for ACL information.
|
| org.acegisecurity.acls |
Interfaces and shared classes to manage access control lists (ACLs) for domain object instances.
|
| org.acegisecurity.acls.domain |
Basic implementation of access control lists (ACLs) interfaces.
|
| org.acegisecurity.acls.jdbc |
JDBC-based persistence of ACL information.
|
| org.acegisecurity.acls.objectidentity |
Provides indirection between ACL packages and domain objects.
|
| org.acegisecurity.acls.sid |
Provides indirection between ACL packages and security identities, such as principals and GrantedAuthority[]s.
|
| org.acegisecurity.adapters |
Allows external containers to obtain authentication information from the
system.
It is recommended to use the net.sf.acegisecurity.ui.webapp
package for standard web applications, as it has much lower configuration
complexity.
|
| org.acegisecurity.adapters.cas |
Adapter to Yale Central Authentication Service (CAS).
|
| org.acegisecurity.adapters.cas3 | |
| org.acegisecurity.adapters.catalina |
Adapter to Catalina web container (Tomcat).
|
| org.acegisecurity.adapters.jboss |
Adapter to JBoss.
|
| org.acegisecurity.adapters.jetty |
Adapter to Jetty web container.
|
| org.acegisecurity.adapters.resin |
Adapter to Resin web container.
|
| org.acegisecurity.afterinvocation |
Used for post-processing of an object returned from a secure object invocation.
|
| org.acegisecurity.annotation | |
| org.acegisecurity.annotation.test | |
| org.acegisecurity.captcha |
Captcha classes. Contains :
- a CaptchaSecurityContext that overrides the default SecurityContext and holds some captcha related informations
- an abstract CaptchaChannelProcessorTemplate and its implementations that test this context according to the configuration
- a CaptchaServiceProxy and a CaptchaValidationProcessingFilter that alows to validate a captcha response and to update the CaptchaSecurity
- a CaptchaEntryPoint that redirects to a captcha page if the CaptchaChannelProcessor implementation decide so
|
| org.acegisecurity.concurrent |
Concurrent session control and registration classes.
|
| org.acegisecurity.config | |
| org.acegisecurity.context |
Provides a "request context".
A request context is associated with the current execution thread. It holds
objects that would otherwise need to be included in many method signatures,
such as for authentication.
|
| org.acegisecurity.context.httpinvoker |
Enables use of Spring's HttpInvoker extension points to
present the principal and credentials located
in the ContextHolder via BASIC authentication.
The beans are wired as follows:
<bean id="test" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean">
<property name="serviceUrl"><value>http://localhost/Test</value></property>
<property name="serviceInterface"><value>test.TargetInterface</value></property>
<property name="httpInvokerRequestExecutor"><ref bean="httpInvokerRequestExecutor"/></property>
</bean>
<bean id="httpInvokerRequestExecutor" class="net.sf.acegisecurity.ui.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor"/>
|
| org.acegisecurity.context.rmi |
Enables use of Spring's RMI remoting extension points to propagate
the ContextHolder (which should contain an
Authentication request token)
from one JVM to the remote JVM.
The beans are wired as follows:
<bean id="test" class="org.springframework.remoting.rmi.RmiProxyFactoryBean">
<property name="serviceUrl"><value>rmi://localhost/Test</value></property>
<property name="serviceInterface"><value>test.TargetInterface</value></property>
<property name="refreshStubOnConnectFailure"><value>true</value></property>
<property name="remoteInvocationFactory"><ref bean="remoteInvocationFactory"/></property>
</bean>
<bean id="remoteInvocationFactory" class="net.sf.acegisecurity.ui.rmi.ContextPropagatingRemoteInvocationFactory"/>
|
| org.acegisecurity.event.authentication |
Enables events to be published to the Spring application context.
The ProviderManager automatically publishes
events to the application context. These events are received by all
registered Spring ApplicationListeners.
|
| org.acegisecurity.event.authorization |
Provides support objects for security event interception (ie authorization).
|
| org.acegisecurity.intercept |
Actually enforces the security and ties the whole security system together.
A secure object is a term frequently used throughout the security
system. It does not refer to a business object that is being
secured, but instead refers to some infrastructure object that can have
security facilities provided for it by the Acegi Security System for
Spring. For example, one secure object would be
MethodInvocation, whilst another would be HTTP {@link
org.acegisecurity.intercept.web.FilterInvocation}. Note these are
infrastructure objects and their design allows them to represent a large
variety of actual resources that might need to be secured, such as business
objects or HTTP request URLs.
Each secure object typically has its
own org.acegisecurity.intercept package.
Each package usually includes a concrete security interceptor (which
subclasses {@link org.acegisecurity.intercept.AbstractSecurityInterceptor},
an appropriate {@link org.acegisecurity.intercept.ObjectDefinitionSource}
for the type of resources the secure object represents, and a property editor
to populate the ObjectDefinitionSource.
It is simple to create new secure object types, given the
AbstractSecurityInterceptor provides the majority of the logic
and other specialised packages provide the authentication, authorization,
run-as replacement management and ContextHolder population.
|
| org.acegisecurity.intercept.method |
Provides support objects for securing Java method invocations
via different AOP libraries.
|
| org.acegisecurity.intercept.method.aopalliance |
Enforces security for AOP Alliance MethodInvocations, such as via
Spring AOP.
|
| org.acegisecurity.intercept.method.aspectj |
Enforces security for AspectJ JointPoints, delegating secure
object callbacks to the calling aspect.
Refer to the reference guide for information on usage.
|
| org.acegisecurity.intercept.web |
Enforces security for HTTP requests, typically by the URL requested.
|
| org.acegisecurity.ldap | |
| org.acegisecurity.ldap.search |
LdapUserSearch implementations. These may be used to locate the user in the directory.
|
| org.acegisecurity.providers |
Implements a provider-based approach to authentication decisions.
|
| org.acegisecurity.providers.anonymous |
Allows you to secure every invocation (especially useful for web request
URI security) by always having either an actual principal or an anonymous
principal authenticated.
|
| org.acegisecurity.providers.cas |
An authentication provider that can process JA-SIG Central Authentication Service (CAS)
service tickets and proxy tickets.
|
| org.acegisecurity.providers.cas.cache |
Caches CAS tickets for the CasAuthenticationProvider.
|
| org.acegisecurity.providers.cas.populator |
Implementations that populate GrantedAuthority[]s of CAS authentications.
|
| org.acegisecurity.providers.cas.proxy |
Implementations that decide whether proxy lists of
CAS authentications are trusted.
|
| org.acegisecurity.providers.cas.ticketvalidator |
Implementations that validate service tickets.
|
| org.acegisecurity.providers.dao |
An authentication provider that relies upon a data access object.
|
| org.acegisecurity.providers.dao.cache |
Caches User objects for the DaoAuthenticationProvider.
|
| org.acegisecurity.providers.dao.salt |
Implementations that provide salts for more secure password encoding.
|
| org.acegisecurity.providers.encoding |
Password encoding implementations.
|
| org.acegisecurity.providers.jaas |
An authentication provider for JAAS.
|
| org.acegisecurity.providers.jaas.event |
Enables JAAS events to be published to the Spring application context.
|
| org.acegisecurity.providers.ldap |
The LDAP authentication provider package. Interfaces are provided for
both authentication and retrieval of user roles from an LDAP server.
The main provider class is LdapAuthenticationProvider.
This is configured with an LdapAuthenticator instance and
an LdapAuthoritiesPopulator. The latter is used to obtain the
list of roles for the user.
|
| org.acegisecurity.providers.ldap.authenticator |
LDAP authenticator implementations.
|
| org.acegisecurity.providers.ldap.populator |
LdapAuthoritiesPopulator implementations.
|
| org.acegisecurity.providers.openid |
An authentication provider that can process OpenID
Authentication Tokens as created by implementations of the OpenIDConsumer interface.
|
| org.acegisecurity.providers.portlet | |
| org.acegisecurity.providers.portlet.cache | |
| org.acegisecurity.providers.portlet.populator | |
| org.acegisecurity.providers.rcp |
Allows remote clients to authenticate and obtain a populated
Authentication object.
|
| org.acegisecurity.providers.rememberme |
Authentication provider that processes RememberMeAuthenticationTokens.
|
| org.acegisecurity.providers.siteminder |
A Siteminder authentication provider.
|
| org.acegisecurity.providers.x509 |
An authentication provider that can process X.509 certificaties.
|
| org.acegisecurity.providers.x509.cache |
User caches for the X509 provider.
|
| org.acegisecurity.providers.x509.populator |
Implementations that populate GrantedAuthority[]s of X509 authentications.
|
| org.acegisecurity.runas |
Allows secure objects to be run under a different authentication identity.
|
| org.acegisecurity.securechannel |
Classes that ensure web requests are received over required
transport channels.
|
| org.acegisecurity.taglibs.authz |
Java implementation of security taglib.
|
| org.acegisecurity.taglibs.velocity | |
| org.acegisecurity.ui |
Authentication processing mechanisms, which respond to the submission of authentication
credentials using various protocols (eg BASIC, CAS, form login etc).
|
| org.acegisecurity.ui.basicauth |
Authenticates HTTP BASIC authentication requests.
|
| org.acegisecurity.ui.cas |
Authenticates standard web browser users via
JA-SIG Central Authentication Service (CAS).
|
| org.acegisecurity.ui.digestauth |
Authenticates HTTP Digest authentication requests.
|
| org.acegisecurity.ui.logout | |
| org.acegisecurity.ui.openid |
Authenticates standard web browser users via OpenID.
|
| org.acegisecurity.ui.openid.consumers |
Implementations of the OpenIDConsumer interface using 3rd party libraries.
|
| org.acegisecurity.ui.portlet | |
| org.acegisecurity.ui.rememberme |
Support for remembering a user between different web sessions.
|
| org.acegisecurity.ui.savedrequest |
Stores a HttpServletRequest so that it can subsequently be emulated by the
SavedRequestAwareWrapper.
|
| org.acegisecurity.ui.session |
HttpSession events and publisher classes.
|
| org.acegisecurity.ui.switchuser |
Provides HTTP-based "switch user" (su) capabilities.
|
| org.acegisecurity.ui.webapp |
Authenticates users via HTTP properties, headers and session.
|
| org.acegisecurity.ui.x509 |
X.509 authentication filter and related classes.
|
| org.acegisecurity.userdetails | |
| org.acegisecurity.userdetails.jdbc |
Exposes a JDBC-based authentication repository.
|
| org.acegisecurity.userdetails.ldap | |
| org.acegisecurity.userdetails.memory |
Exposes an in-memory authentication repository.
|
| org.acegisecurity.util |
General utility classes used throughout the Acegi Security System.
|
| org.acegisecurity.vote |
Implements a vote-based approach to authorization decisions.
|
| org.acegisecurity.webwork | |
| org.acegisecurity.wrapper |
Populates a Servlet request with a new Acegi Security compliant
HttpServletRequestWrapper.
To use, simply add the ContextHolderAwareRequestFilter
to web.xml.
|
| sample.annotations | |
| sample.contact | |
| sample.dms | |
| sample.dms.secured | |
| samples.annotations | |