Authenticators
CookieAuthenticator
To configure the CookieAuthenticator service you must use the CookieAuthenticatorSettings class. This class has the following form:

```scala
case class CookieAuthenticatorSettings(
  cookieName: String = "id",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = Play.isProd,
  httpOnlyCookie: Boolean = true,
  useFingerprinting: Boolean = true,
  cookieMaxAge: Option[Int] = Some(12 * 60 * 60),
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)
```

Property | Description |
---|---|
`cookieName` | The cookie name |
`cookiePath` | The cookie path |
`cookieDomain` | The cookie domain |
`secureCookie` | Whether this cookie is secured, i.e. sent only for HTTPS requests. Defaults to sending only over HTTPS in production, but not in development and test |
`httpOnlyCookie` | Whether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code |
`useFingerprinting` | Indicates if a fingerprint of the user should be stored in the authenticator |
`cookieMaxAge` | The cookie expiration date in seconds, |
`authenticatorIdleTimeout` | The time in seconds an authenticator can be idle before it times out. Defaults to 30 minutes |
`authenticatorExpiry` | The expiry of the authenticator in seconds. Defaults to 12 hours |
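
As an added example (not part of the Silhouette code base), the following check flags CookieAuthenticatorSettings values that weaken the session cookie and compares a weak configuration with a hardened one. It assumes a local stand-in case class that mirrors the fields shown above so it runs without Play; `CookieSettingsAudit`, `audit` and all sample values are hypothetical.

```scala
// Added example, not Silhouette code: a stand-in that mirrors the fields of
// CookieAuthenticatorSettings shown above so the check runs without Play.
case class CookieAuthenticatorSettings(
  cookieName: String = "id",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = false, // the real default is Play.isProd
  httpOnlyCookie: Boolean = true,
  useFingerprinting: Boolean = true,
  cookieMaxAge: Option[Int] = Some(12 * 60 * 60),
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)

object CookieSettingsAudit {
  // Hypothetical helper: returns one finding per setting that weakens the cookie.
  def audit(s: CookieAuthenticatorSettings): List[String] = List(
    (!s.secureCookie) -> "secureCookie=false: cookie is also sent over plain HTTP",
    (!s.httpOnlyCookie) -> "httpOnlyCookie=false: cookie is readable from client-side JavaScript",
    (!s.useFingerprinting) -> "useFingerprinting=false: no user fingerprint is stored in the authenticator",
    s.authenticatorIdleTimeout.isEmpty -> "authenticatorIdleTimeout=None: idle sessions never time out before expiry",
    s.authenticatorIdleTimeout.exists(_ >= s.authenticatorExpiry) ->
      "authenticatorIdleTimeout >= authenticatorExpiry: the idle timeout can never trigger",
    s.cookieMaxAge.exists(_ > s.authenticatorExpiry) ->
      "cookieMaxAge > authenticatorExpiry: browser keeps a cookie whose authenticator has expired"
  ).collect { case (true, finding) => finding }

  def main(args: Array[String]): Unit = {
    // Constructed sample values for illustration.
    val weak = CookieAuthenticatorSettings(
      secureCookie = false,
      httpOnlyCookie = false,
      useFingerprinting = false,
      cookieMaxAge = Some(7 * 24 * 60 * 60),
      authenticatorIdleTimeout = None)
    val hardened = CookieAuthenticatorSettings(
      secureCookie = true, // set explicitly instead of relying on the run mode
      cookieMaxAge = Some(8 * 60 * 60),
      authenticatorIdleTimeout = Some(15 * 60),
      authenticatorExpiry = 8 * 60 * 60)

    println(s"weak: ${audit(weak).size} findings")
    audit(weak).foreach(f => println(s"  - $f"))
    println(s"hardened: ${audit(hardened).size} findings")
  }
}
```

Running the same check against the settings object built at application start-up catches a staging or test deployment that is reachable over the network while `secureCookie` is still off.
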
SessionAuthenticator
To configure the SessionAuthenticator service you must use the SessionAuthenticatorSettings class. This class has the following form:

```scala
case class SessionAuthenticatorSettings(
  sessionKey: String = "authenticator",
  encryptAuthenticator: Boolean = true,
  useFingerprinting: Boolean = true,
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)
```

Property | Description |
---|---|
`sessionKey` | The key of the authenticator in the session |
`encryptAuthenticator` | Indicates if the authenticator should be encrypted in session |
`useFingerprinting` | Indicates if a fingerprint of the user should be stored in the |
`authenticatorIdleTimeout` | The time in seconds an authenticator can be idle before it times out. Defaults to 30 minutes |
`authenticatorExpiry` | The expiry of the authenticator in seconds. Defaults to 12 hours |
BearerTokenAuthenticator
To configure the BearerTokenAuthenticator service you must use the BearerTokenAuthenticatorSettings class. This class has the following form:

```scala
case class BearerTokenAuthenticatorSettings(
  headerName: String = "X-Auth-Token",
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)
```

Property | Description |
---|---|
`headerName` | The name of the header in which the token will be transferred |
`authenticatorIdleTimeout` | The time in seconds an authenticator can be idle before it times out. Defaults to 30 minutes |
`authenticatorExpiry` | The expiry of the authenticator in seconds. Defaults to 12 hours |
JWTAuthenticator
To configure the JWTAuthenticator service you must use the JWTAuthenticatorSettings class. This class has the following form:

```scala
case class JWTAuthenticatorSettings(
  headerName: String = "X-Auth-Token",
  issuerClaim: String = "play-silhouette",
  encryptSubject: Boolean = true,
  authenticatorIdleTimeout: Option[Int] = None,
  authenticatorExpiry: Int = 12 * 60 * 60,
  sharedSecret: String)
```

Property | Description |
---|---|
`headerName` | The name of the header in which the token will be transferred |
`issuerClaim` | The issuer claim identifies the principal that issued the JWT |
`encryptSubject` | Indicates if the subject should be encrypted in JWT |
`authenticatorIdleTimeout` | The time in seconds an authenticator can be idle before it times out. This feature is disabled by default to prevent the generation of a new JWT on every request |
`authenticatorExpiry` | The expiry of the authenticator in seconds. Defaults to 12 hours |
`sharedSecret` | The shared secret to sign the JWT |