Package io.quarkus.vertx.http.runtime
Class FormAuthRuntimeConfig
- java.lang.Object
-
- io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig
-
public class FormAuthRuntimeConfig extends Object
config for the form authentication mechanism
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classFormAuthRuntimeConfig.CookieSameSiteSameSite attribute values for the session and location cookies.
-
Field Summary
Fields Modifier and Type Field Description StringcookieNameThe cookie that is used to store the persistent sessionOptional<String>cookiePathThe cookie path for the session and location cookies.FormAuthRuntimeConfig.CookieSameSitecookieSameSiteSameSite attribute for the session and location cookies.Optional<String>errorPageThe error page.booleanhttpOnlyCookieSet the HttpOnly attribute to prevent access to the cookie via JavaScript.Optional<String>landingPageThe landing page to redirect to if there is no saved page to redirect back to.StringlocationCookieOption to control the name of the cookie used to redirect the user back to where he wants to get access to.Optional<String>loginPageThe login page.DurationnewCookieIntervalHow old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as "renewal-timeout".StringpasswordParameterThe password field name.booleanredirectAfterLoginDeprecated.redirect to landingPage can be disabled by removing default landing page (via `quarkus.http.auth.form.landing-page=`).DurationtimeoutThe inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.StringusernameParameterThe username field name.
-
Constructor Summary
Constructors Constructor Description FormAuthRuntimeConfig()
-
-
-
Field Detail
-
loginPage
@ConfigItem(defaultValue="/login.html") public Optional<String> loginPage
The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`.
-
usernameParameter
@ConfigItem(defaultValue="j_username") public String usernameParameter
The username field name.
-
passwordParameter
@ConfigItem(defaultValue="j_password") public String passwordParameter
The password field name.
-
errorPage
@ConfigItem(defaultValue="/error.html") public Optional<String> errorPage
The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`.
-
landingPage
@ConfigItem(defaultValue="/index.html") public Optional<String> landingPage
The landing page to redirect to if there is no saved page to redirect back to. Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`.
-
redirectAfterLogin
@ConfigItem(defaultValue="true") @Deprecated public boolean redirectAfterLogin
Deprecated.redirect to landingPage can be disabled by removing default landing page (via `quarkus.http.auth.form.landing-page=`). Quarkus will ignore this configuration property if there is no landing page.Option to disable redirect to landingPage if there is no saved page to redirect back to. Form Auth POST is followed by redirect to landingPage by default.
-
locationCookie
@ConfigItem(defaultValue="quarkus-redirect-location") public String locationCookie
Option to control the name of the cookie used to redirect the user back to where he wants to get access to.
-
timeout
@ConfigItem(defaultValue="PT30M") public Duration timeout
The inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.
-
newCookieInterval
@ConfigItem(defaultValue="PT1M") public Duration newCookieInterval
How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as "renewal-timeout". Note that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often), however larger values affect the inactivity timeout as the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a users last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request, as the timeout is only refreshed when a new cookie is generated. In other words no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie itself, and it is decrypted and parsed with each request.
-
cookieName
@ConfigItem(defaultValue="quarkus-credential") public String cookieName
The cookie that is used to store the persistent session
-
cookiePath
@ConfigItem(defaultValue="/") public Optional<String> cookiePath
The cookie path for the session and location cookies.
-
httpOnlyCookie
@ConfigItem(defaultValue="false") public boolean httpOnlyCookie
Set the HttpOnly attribute to prevent access to the cookie via JavaScript.
-
cookieSameSite
@ConfigItem(defaultValue="strict") public FormAuthRuntimeConfig.CookieSameSite cookieSameSite
SameSite attribute for the session and location cookies.
-
-