Package io.quarkus.vertx.http.runtime

Class FormAuthConfig

  • public class FormAuthConfig
extends Object
    config for the form authentication mechanism

    • Field Detail

      • enabled

        @ConfigItem
public boolean enabled
        If form authentication is enabled.

      • loginPage

        @ConfigItem(defaultValue="/login.html")
public Optional<String> loginPage
        The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`.

      • errorPage

        @ConfigItem(defaultValue="/error.html")
public Optional<String> errorPage
        The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`.

      • landingPage

        @ConfigItem(defaultValue="/index.html")
public Optional<String> landingPage
        The landing page to redirect to if there is no saved page to redirect back to. Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`.

      • redirectAfterLogin

        @ConfigItem(defaultValue="true")
@Deprecated
public boolean redirectAfterLogin
        Deprecated.
        redirect to landingPage can be disabled by removing default landing page (via `quarkus.http.auth.form.landing-page=`). Quarkus will ignore this configuration property if there is no landing page.
        Option to disable redirect to landingPage if there is no saved page to redirect back to. Form Auth POST is followed by redirect to landingPage by default.

      • locationCookie

        @ConfigItem(defaultValue="quarkus-redirect-location")
public String locationCookie
        Option to control the name of the cookie used to redirect the user back to where he wants to get access to.

      • timeout

        @ConfigItem(defaultValue="PT30M")
public Duration timeout
        The inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.

      • newCookieInterval

        @ConfigItem(defaultValue="PT1M")
public Duration newCookieInterval
        How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as "renewal-timeout". Note that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often), however larger values affect the inactivity timeout as the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a users last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request, as the timeout is only refreshed when a new cookie is generated. In other words no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie itself, and it is decrypted and parsed with each request.

      • httpOnlyCookie

        @ConfigItem(defaultValue="false")
public boolean httpOnlyCookie
        Set the HttpOnly attribute to prevent access to the cookie via JavaScript.

    • Constructor Detail

      • FormAuthConfig

        public FormAuthConfig()