(window.webpackJsonp=window.webpackJsonp||[]).push([[180],{607:function(e,t,r){"use strict";r.r(t);var i=r(56),s=Object(i.a)({},(function(){var e=this,t=e.$createElement,r=e._self._c||t;return r("ContentSlotsDistributor",{attrs:{"slot-key":e.$parent.slotKey}},[r("h1",{attrs:{id:"project-modules-and-dependencies"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#project-modules-and-dependencies"}},[e._v("#")]),e._v(" Project Modules and Dependencies")]),e._v(" "),r("p",[e._v("Even if you do not use Maven, we recommend that you consult the "),r("code",[e._v("pom.xml")]),e._v(" files to get an idea of third-party dependencies and versions.\nAnother good idea is to examine the libraries that are included in the sample applications.")]),e._v(" "),r("p",[e._v("This section provides a reference of the modules in Spring Security and the additional dependencies that they require in order to function in a running application.\nWe don’t include dependencies that are only used when building or testing Spring Security itself.\nNor do we include transitive dependencies which are required by external dependencies.")]),e._v(" "),r("p",[e._v('The version of Spring required is listed on the project website, so the specific versions are omitted for Spring dependencies below.\nNote that some of the dependencies listed as "optional" below may still be required for other non-security functionality in a Spring application.\nAlso dependencies listed as "optional" may not actually be marked as such in the project’s Maven POM files if they are used in most applications.\nThey are "optional" only in the sense that you don’t need them unless you are using the specified functionality.')]),e._v(" "),r("p",[e._v("Where a module depends on another Spring Security module, the non-optional dependencies of the module it depends on are also assumed to be required and are not listed separately.")]),e._v(" "),r("h2",{attrs:{id:"core-spring-security-core-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#core-spring-security-core-jar"}},[e._v("#")]),e._v(" Core — "),r("code",[e._v("spring-security-core.jar")])]),e._v(" "),r("p",[e._v("This module contains core authentication and access-contol classes and interfaces, remoting support, and basic provisioning APIs.\nIt is required by any application that uses Spring Security.\nIt supports standalone applications, remote clients, method (service layer) security, and JDBC user provisioning.\nIt contains the following top-level packages:")]),e._v(" "),r("ul",[r("li",[r("p",[r("code",[e._v("org.springframework.security.core")])])]),e._v(" "),r("li",[r("p",[r("code",[e._v("org.springframework.security.access")])])]),e._v(" "),r("li",[r("p",[r("code",[e._v("org.springframework.security.authentication")])])]),e._v(" "),r("li",[r("p",[r("code",[e._v("org.springframework.security.provisioning")])])])]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("ehcache")]),e._v(" "),r("td",[e._v("1.6.2")]),e._v(" "),r("td",[e._v("Required if the Ehcache-based user cache implementation is used (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-aop")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Method security is based on Spring AOP")])]),e._v(" "),r("tr",[r("td",[e._v("spring-beans")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required for Spring configuration")])]),e._v(" "),r("tr",[r("td",[e._v("spring-expression")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required for expression-based method security (optional)")])]),e._v(" "),r("tr",[r("td",[e._v("spring-jdbc")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if using a database to store user data (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-tx")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if using a database to store user data (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("aspectjrt")]),e._v(" "),r("td",[e._v("1.6.10")]),e._v(" "),r("td",[e._v("Required if using AspectJ support (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("jsr250-api")]),e._v(" "),r("td",[e._v("1.0")]),e._v(" "),r("td",[e._v("Required if you are using JSR-250 method-security annotations (optional).")])])])]),e._v(" "),r("h2",{attrs:{id:"remoting-spring-security-remoting-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#remoting-spring-security-remoting-jar"}},[e._v("#")]),e._v(" Remoting — "),r("code",[e._v("spring-security-remoting.jar")])]),e._v(" "),r("p",[e._v("This module provides integration with Spring Remoting.\nYou do not need this unless you are writing a remote client that uses Spring Remoting.\nThe main package is "),r("code",[e._v("org.springframework.security.remoting")]),e._v(".")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-web")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required for clients which use HTTP remoting support.")])])])]),e._v(" "),r("h2",{attrs:{id:"web-spring-security-web-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#web-spring-security-web-jar"}},[e._v("#")]),e._v(" Web — "),r("code",[e._v("spring-security-web.jar")])]),e._v(" "),r("p",[e._v("This module contains filters and related web-security infrastructure code.\nIt contains anything with a servlet API dependency.\nYou need it if you require Spring Security web authentication services and URL-based access-control.\nThe main package is "),r("code",[e._v("org.springframework.security.web")]),e._v(".")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-web")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Spring web support classes are used extensively.")])]),e._v(" "),r("tr",[r("td",[e._v("spring-jdbc")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required for JDBC-based persistent remember-me token repository (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-tx")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required by remember-me persistent token repository implementations (optional).")])])])]),e._v(" "),r("h2",{attrs:{id:"config-spring-security-config-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#config-spring-security-config-jar"}},[e._v("#")]),e._v(" Config — "),r("code",[e._v("spring-security-config.jar")])]),e._v(" "),r("p",[e._v("This module contains the security namespace parsing code and Java configuration code.\nYou need it if you use the Spring Security XML namespace for configuration or Spring Security’s Java Configuration support.\nThe main package is "),r("code",[e._v("org.springframework.security.config")]),e._v(".\nNone of the classes are intended for direct use in an application.")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-security-web")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using any web-related namespace configuration (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-security-ldap")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using the LDAP namespace options (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-security-openid")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using OpenID authentication (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("aspectjweaver")]),e._v(" "),r("td",[e._v("1.6.10")]),e._v(" "),r("td",[e._v("Required if using the protect-pointcut namespace syntax (optional).")])])])]),e._v(" "),r("h2",{attrs:{id:"ldap-spring-security-ldap-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#ldap-spring-security-ldap-jar"}},[e._v("#")]),e._v(" LDAP — "),r("code",[e._v("spring-security-ldap.jar")])]),e._v(" "),r("p",[e._v("This module provides LDAP authentication and provisioning code.\nIt is required if you need to use LDAP authentication or manage LDAP user entries.\nThe top-level package is "),r("code",[e._v("org.springframework.security.ldap")]),e._v(".")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-ldap-core")]),e._v(" "),r("td",[e._v("1.3.0")]),e._v(" "),r("td",[e._v("LDAP support is based on Spring LDAP.")])]),e._v(" "),r("tr",[r("td",[e._v("spring-tx")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Data exception classes are required.")])]),e._v(" "),r("tr",[r("td",[e._v("apache-ds "),r("sup",{staticClass:"footnote"},[e._v("["),r("a",{staticClass:"footnote",attrs:{id:"_footnoteref_1",href:"#_footnotedef_1",title:"View footnote."}},[e._v("1")]),e._v("]")])]),e._v(" "),r("td",[e._v("1.5.5")]),e._v(" "),r("td",[e._v("Required if you are using an embedded LDAP server (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("shared-ldap")]),e._v(" "),r("td",[e._v("0.9.15")]),e._v(" "),r("td",[e._v("Required if you are using an embedded LDAP server (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("ldapsdk")]),e._v(" "),r("td",[e._v("4.1")]),e._v(" "),r("td",[e._v("Mozilla LdapSDK."),r("br"),e._v("Used for decoding LDAP password policy controls if you are using password-policy functionality with OpenLDAP, for example.")])])])]),e._v(" "),r("h2",{attrs:{id:"oauth-2-0-core-spring-security-oauth2-core-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#oauth-2-0-core-spring-security-oauth2-core-jar"}},[e._v("#")]),e._v(" OAuth 2.0 Core — "),r("code",[e._v("spring-security-oauth2-core.jar")])]),e._v(" "),r("p",[r("code",[e._v("spring-security-oauth2-core.jar")]),e._v(" contains core classes and interfaces that provide support for the OAuth 2.0 Authorization Framework and for OpenID Connect Core 1.0.\nIt is required by applications that use OAuth 2.0 or OpenID Connect Core 1.0, such as client, resource server, and authorization server.\nThe top-level package is "),r("code",[e._v("org.springframework.security.oauth2.core")]),e._v(".")]),e._v(" "),r("h2",{attrs:{id:"oauth-2-0-client-spring-security-oauth2-client-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#oauth-2-0-client-spring-security-oauth2-client-jar"}},[e._v("#")]),e._v(" OAuth 2.0 Client — "),r("code",[e._v("spring-security-oauth2-client.jar")])]),e._v(" "),r("p",[r("code",[e._v("spring-security-oauth2-client.jar")]),e._v(" contains Spring Security’s client support for OAuth 2.0 Authorization Framework and OpenID Connect Core 1.0.\nIt is required by applications that use OAuth 2.0 Login or OAuth Client support.\nThe top-level package is "),r("code",[e._v("org.springframework.security.oauth2.client")]),e._v(".")]),e._v(" "),r("h2",{attrs:{id:"oauth-2-0-jose-spring-security-oauth2-jose-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#oauth-2-0-jose-spring-security-oauth2-jose-jar"}},[e._v("#")]),e._v(" OAuth 2.0 JOSE — "),r("code",[e._v("spring-security-oauth2-jose.jar")])]),e._v(" "),r("p",[r("code",[e._v("spring-security-oauth2-jose.jar")]),e._v(" contains Spring Security’s support for the JOSE (Javascript Object Signing and Encryption) framework.\nThe JOSE framework is intended to provide a method to securely transfer claims between parties.\nIt is built from a collection of specifications:")]),e._v(" "),r("ul",[r("li",[r("p",[e._v("JSON Web Token (JWT)")])]),e._v(" "),r("li",[r("p",[e._v("JSON Web Signature (JWS)")])]),e._v(" "),r("li",[r("p",[e._v("JSON Web Encryption (JWE)")])]),e._v(" "),r("li",[r("p",[e._v("JSON Web Key (JWK)")])])]),e._v(" "),r("p",[e._v("It contains the following top-level packages:")]),e._v(" "),r("ul",[r("li",[r("p",[r("code",[e._v("org.springframework.security.oauth2.jwt")])])]),e._v(" "),r("li",[r("p",[r("code",[e._v("org.springframework.security.oauth2.jose")])])])]),e._v(" "),r("h2",{attrs:{id:"oauth-2-0-resource-server-spring-security-oauth2-resource-server-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#oauth-2-0-resource-server-spring-security-oauth2-resource-server-jar"}},[e._v("#")]),e._v(" OAuth 2.0 Resource Server — "),r("code",[e._v("spring-security-oauth2-resource-server.jar")])]),e._v(" "),r("p",[r("code",[e._v("spring-security-oauth2-resource-server.jar")]),e._v(" contains Spring Security’s support for OAuth 2.0 Resource Servers.\nIt is used to protect APIs via OAuth 2.0 Bearer Tokens.\nThe top-level package is "),r("code",[e._v("org.springframework.security.oauth2.server.resource")]),e._v(".")]),e._v(" "),r("h2",{attrs:{id:"acl-spring-security-acl-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#acl-spring-security-acl-jar"}},[e._v("#")]),e._v(" ACL — "),r("code",[e._v("spring-security-acl.jar")])]),e._v(" "),r("p",[e._v("This module contains a specialized domain object ACL implementation.\nIt is used to apply security to specific domain object instances within your application.\nThe top-level package is "),r("code",[e._v("org.springframework.security.acls")]),e._v(".")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("ehcache")]),e._v(" "),r("td",[e._v("1.6.2")]),e._v(" "),r("td",[e._v("Required if the Ehcache-based ACL cache implementation is used (optional if you are using your own implementation).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-jdbc")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using the default JDBC-based AclService (optional if you implement your own).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-tx")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using the default JDBC-based AclService (optional if you implement your own).")])])])]),e._v(" "),r("h2",{attrs:{id:"cas-spring-security-cas-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#cas-spring-security-cas-jar"}},[e._v("#")]),e._v(" CAS — "),r("code",[e._v("spring-security-cas.jar")])]),e._v(" "),r("p",[e._v("This module contains Spring Security’s CAS client integration.\nYou should use it if you want to use Spring Security web authentication with a CAS single sign-on server.\nThe top-level package is "),r("code",[e._v("org.springframework.security.cas")]),e._v(".")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-security-web")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("cas-client-core")]),e._v(" "),r("td",[e._v("3.1.12")]),e._v(" "),r("td",[e._v("The JA-SIG CAS Client."),r("br"),e._v("This is the basis of the Spring Security integration.")])]),e._v(" "),r("tr",[r("td",[e._v("ehcache")]),e._v(" "),r("td",[e._v("1.6.2")]),e._v(" "),r("td",[e._v("Required if you are using the Ehcache-based ticket cache (optional).")])])])]),e._v(" "),r("h2",{attrs:{id:"openid-spring-security-openid-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#openid-spring-security-openid-jar"}},[e._v("#")]),e._v(" OpenID — "),r("code",[e._v("spring-security-openid.jar")])]),e._v(" "),r("table",[r("thead",[r("tr",[r("th"),e._v(" "),r("th",[e._v("The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is supported by spring-security-oauth2.")])])]),e._v(" "),r("tbody")]),e._v(" "),r("p",[e._v("This module contains OpenID web authentication support.\nIt is used to authenticate users against an external OpenID server.\nThe top-level package is "),r("code",[e._v("org.springframework.security.openid")]),e._v(".\nIt requires OpenID4Java.")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-security-web")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("openid4java-nodeps")]),e._v(" "),r("td",[e._v("0.9.6")]),e._v(" "),r("td",[e._v("Spring Security’s OpenID integration uses OpenID4Java.")])]),e._v(" "),r("tr",[r("td",[e._v("httpclient")]),e._v(" "),r("td",[e._v("4.1.1")]),e._v(" "),r("td",[e._v("openid4java-nodeps depends on HttpClient 4.")])]),e._v(" "),r("tr",[r("td",[e._v("guice")]),e._v(" "),r("td",[e._v("2.0")]),e._v(" "),r("td",[e._v("openid4java-nodeps depends on Guice 2.")])])])]),e._v(" "),r("h2",{attrs:{id:"test-spring-security-test-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#test-spring-security-test-jar"}},[e._v("#")]),e._v(" Test — "),r("code",[e._v("spring-security-test.jar")])]),e._v(" "),r("p",[e._v("This module contains support for testing with Spring Security.")]),e._v(" "),r("h2",{attrs:{id:"taglibs-spring-secuity-taglibs-jar"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#taglibs-spring-secuity-taglibs-jar"}},[e._v("#")]),e._v(" Taglibs — "),r("code",[e._v("spring-secuity-taglibs.jar")])]),e._v(" "),r("p",[e._v("Provides Spring Security’s JSP tag implementations.")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th",[e._v("Dependency")]),e._v(" "),r("th",[e._v("Version")]),e._v(" "),r("th",[e._v("Description")])])]),e._v(" "),r("tbody",[r("tr",[r("td",[e._v("spring-security-core")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-security-web")]),e._v(" "),r("td"),e._v(" "),r("td")]),e._v(" "),r("tr",[r("td",[e._v("spring-security-acl")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using the "),r("code",[e._v("accesscontrollist")]),e._v(" tag or "),r("code",[e._v("hasPermission()")]),e._v(" expressions with ACLs (optional).")])]),e._v(" "),r("tr",[r("td",[e._v("spring-expression")]),e._v(" "),r("td"),e._v(" "),r("td",[e._v("Required if you are using SPEL expressions in your tag access constraints.")])])])]),e._v(" "),r("hr"),e._v(" "),r("p",[r("a",{attrs:{href:"#_footnoteref_1"}},[e._v("1")]),e._v(". The modules "),r("code",[e._v("apacheds-core")]),e._v(", "),r("code",[e._v("apacheds-core-entry")]),e._v(", "),r("code",[e._v("apacheds-protocol-shared")]),e._v(", "),r("code",[e._v("apacheds-protocol-ldap")]),e._v(" and "),r("code",[e._v("apacheds-server-jndi")]),e._v(" are required.")])])}),[],!1,null,null,null);t.default=s.exports}}]);