These docs are for v2.0.

Authenticators

CookieAuthenticator

To configure the CookieAuthenticator service you must use the CookieAuthenticatorSettings class. This class has the following form:

case class CookieAuthenticatorSettings(
  cookieName: String = "id",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = Play.isProd,
  httpOnlyCookie: Boolean = true,
  useFingerprinting: Boolean = true,
  cookieMaxAge: Option[Int] = Some(12 * 60 * 60),
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)

| Property | Description |
| --- | --- |
| cookieName | The cookie name |
| cookiePath | The cookie path |
| cookieDomain | The cookie domain |
| secureCookie | Whether the cookie is secure, i.e. sent only over HTTPS. Defaults to HTTPS-only in production, but not in development and test |
| httpOnlyCookie | Whether the cookie is HTTP only, i.e. not accessible from client-side JavaScript code |
| useFingerprinting | Indicates if a fingerprint of the user should be stored in the authenticator |
| cookieMaxAge | The cookie expiration time in seconds, None for a transient cookie. Defaults to 12 hours |
| authenticatorIdleTimeout | The time in seconds an authenticator can be idle before it times out. Defaults to 30 minutes |
| authenticatorExpiry | The expiry of the authenticator in seconds. Defaults to 12 hours |

SessionAuthenticator

To configure the SessionAuthenticator service you must use the SessionAuthenticatorSettings class. This class has the following form:

case class SessionAuthenticatorSettings(
  sessionKey: String = "authenticator",
  encryptAuthenticator: Boolean = true,
  useFingerprinting: Boolean = true,
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)

| Property | Description |
| --- | --- |
| sessionKey | The key of the authenticator in the session |
| encryptAuthenticator | Indicates if the authenticator should be encrypted in the session |
| useFingerprinting | Indicates if a fingerprint of the user should be stored in the |
| authenticatorIdleTimeout | The time in seconds an authenticator can be idle before it times out. Defaults to 30 minutes |
| authenticatorExpiry | The expiry of the authenticator in seconds. Defaults to 12 hours |

BearerTokenAuthenticator

To configure the BearerTokenAuthenticator service you must use the BearerTokenAuthenticatorSettings class. This class has the following form:

case class BearerTokenAuthenticatorSettings(
  headerName: String = "X-Auth-Token",
  authenticatorIdleTimeout: Option[Int] = Some(30 * 60),
  authenticatorExpiry: Int = 12 * 60 * 60)

| Property | Description |
| --- | --- |
| headerName | The name of the header in which the token will be transferred |
| authenticatorIdleTimeout | The time in seconds an authenticator can be idle before it times out. Defaults to 30 minutes |
| authenticatorExpiry | The expiry of the authenticator in seconds. Defaults to 12 hours |

JWTAuthenticator

To configure the JWTAuthenticator service you must use the JWTAuthenticatorSettings class. This class has the following form:

case class JWTAuthenticatorSettings(
  headerName: String = "X-Auth-Token",
  issuerClaim: String = "play-silhouette",
  encryptSubject: Boolean = true,
  authenticatorIdleTimeout: Option[Int] = None,
  authenticatorExpiry: Int = 12 * 60 * 60,
  sharedSecret: String)

| Property | Description |
| --- | --- |
| headerName | The name of the header in which the token will be transferred |
| issuerClaim | The issuer claim identifies the principal that issued the JWT |
| encryptSubject | Indicates if the subject should be encrypted in the JWT |
| authenticatorIdleTimeout | The time in seconds an authenticator can be idle before it times out. This feature is disabled by default to prevent the generation of a new JWT on every request |
| authenticatorExpiry | The expiry of the authenticator in seconds. Defaults to 12 hours |
| sharedSecret | The shared secret to sign the JWT |
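
How authenticatorIdleTimeout and authenticatorExpiry, which all four settings classes share, interact: an added example written for this page as a simplified model, not Silhouette's own code. AuthState, Lifetime and the sample times are hypothetical, and the assumed rule is that an authenticator is rejected once either limit has passed.

```scala
import java.time.Instant

// Simplified model for illustration; AuthState is hypothetical, not a Silhouette class.
final case class AuthState(lastUsed: Instant, expiresAt: Instant, idleTimeout: Option[Int])

object Lifetime {
  // Built from the two settings on this page (both in seconds).
  def create(now: Instant, authenticatorExpiry: Int, authenticatorIdleTimeout: Option[Int]): AuthState =
    AuthState(now, now.plusSeconds(authenticatorExpiry.toLong), authenticatorIdleTimeout)

  // Absolute limit: fixed at creation, never extended by activity.
  def isExpired(a: AuthState, now: Instant): Boolean = now.isAfter(a.expiresAt)

  // Sliding limit: measured from the last use; None switches the check off.
  def isTimedOut(a: AuthState, now: Instant): Boolean =
    a.idleTimeout.exists(s => now.isAfter(a.lastUsed.plusSeconds(s.toLong)))

  def isValid(a: AuthState, now: Instant): Boolean = !isExpired(a, now) && !isTimedOut(a, now)

  // An accepted request moves lastUsed forward, so the stored authenticator changes.
  // For a self-contained token such as a JWT, that means issuing a new token.
  def touch(a: AuthState, now: Instant): Option[AuthState] =
    if (isValid(a, now)) Some(a.copy(lastUsed = now)) else None
}

object LifetimeDemo {
  import Lifetime._

  def main(args: Array[String]): Unit = {
    val t0 = Instant.parse("2015-01-01T00:00:00Z") // constructed sample time
    def at(minutes: Long): Instant = t0.plusSeconds(minutes * 60)

    // Cookie, session and bearer-token defaults: 30 min idle, 12 h expiry.
    val fresh = create(t0, 12 * 60 * 60, Some(30 * 60))
    assert(!isValid(fresh, at(45)), "unused for 45 min: idle timeout applies")
    val used = touch(fresh, at(20)).get
    assert(isValid(used, at(45)), "used at minute 20: idle for only 25 min")

    // Constant activity (a request every 20 min) cannot outlive authenticatorExpiry.
    val busy = (1L to 36L).foldLeft(fresh)((a, i) => touch(a, at(i * 20)).get)
    assert(!isValid(busy, at(12 * 60 + 1)), "12 h absolute expiry reached")

    // JWT default: idle timeout None, so only the 12 h expiry applies.
    val jwt = create(t0, 12 * 60 * 60, None)
    assert(isValid(jwt, at(11 * 60)), "11 h without a request is still accepted")
    assert(!isValid(jwt, at(12 * 60 + 1)), "rejected after the 12 h expiry")
    println("all lifetime checks passed")
  }
}
```

With the JWT default of None, a token that is captured stays usable until authenticatorExpiry regardless of inactivity, so that value is the only time bound on it.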