These docs are for v3.0. Click to read the latest docs for v7.0.

Authenticators

CookieAuthenticator

To configure the CookieAuthenticator service you must use the CookieAuthenticatorSettings class. This class has the following form:

case class CookieAuthenticatorSettings(
  cookieName: String = "id",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = true,
  httpOnlyCookie: Boolean = true,
  encryptAuthenticator: Boolean = true,
  useFingerprinting: Boolean = true,
  cookieMaxAge: Option[FiniteDuration] = None,
  authenticatorIdleTimeout: Option[FiniteDuration] = None,
  authenticatorExpiry: FiniteDuration = 12 hours)

| Property | Description |
| --- | --- |
| cookieName | The cookie name |
| cookiePath | The cookie path |
| cookieDomain | The cookie domain |
| secureCookie | Whether this cookie is secured, i.e. sent only for HTTPS requests. Note: this should be disabled for testing on localhost without SSL, otherwise the cookie cannot be set |
| httpOnlyCookie | Whether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code |
| encryptAuthenticator | Indicates if the authenticator should be encrypted in the cookie |
| useFingerprinting | Indicates if a fingerprint of the user should be stored in the authenticator |
| cookieMaxAge | The duration after which the cookie expires; None for a transient cookie |
| authenticatorIdleTimeout | The duration an authenticator can be idle before it times out |
| authenticatorExpiry | The duration after which an authenticator expires, counted from its creation |

Example

authenticator.cookieName = "authenticator"
authenticator.cookiePath = "/"
authenticator.secureCookie = false
authenticator.httpOnlyCookie = true
authenticator.useFingerprinting = true
authenticator.authenticatorIdleTimeout = 30 minutes
authenticator.authenticatorExpiry = 12 hours

SessionAuthenticator

To configure the SessionAuthenticator service you must use the SessionAuthenticatorSettings class. This class has the following form:

case class SessionAuthenticatorSettings(
  sessionKey: String = "authenticator",
  encryptAuthenticator: Boolean = true,
  useFingerprinting: Boolean = true,
  authenticatorIdleTimeout: Option[FiniteDuration] = None,
  authenticatorExpiry: FiniteDuration = 12 hours)

| Property | Description |
| --- | --- |
| sessionKey | The key of the authenticator in the session |
| encryptAuthenticator | Indicates if the authenticator should be encrypted in the session |
| useFingerprinting | Indicates if a fingerprint of the user should be stored in the |
| authenticatorIdleTimeout | The duration an authenticator can be idle before it times out |
| authenticatorExpiry | The duration after which an authenticator expires, counted from its creation |

Example

authenticator.sessionKey = "authenticator"
authenticator.encryptAuthenticator = true
authenticator.useFingerprinting = true
authenticator.authenticatorIdleTimeout = 30 minutes
authenticator.authenticatorExpiry = 12 hours

BearerTokenAuthenticator

To configure the BearerTokenAuthenticator service you must use the BearerTokenAuthenticatorSettings class. This class has the following form:

case class BearerTokenAuthenticatorSettings(
  headerName: String = "X-Auth-Token",
  authenticatorIdleTimeout: Option[FiniteDuration] = None,
  authenticatorExpiry: FiniteDuration = 12 hours)

| Property | Description |
| --- | --- |
| headerName | The name of the header in which the token will be transferred |
| authenticatorIdleTimeout | The duration an authenticator can be idle before it times out |
| authenticatorExpiry | The duration after which an authenticator expires, counted from its creation |

Example

authenticator.headerName = "X-Auth-Token"
authenticator.authenticatorIdleTimeout = 30 minutes
authenticator.authenticatorExpiry = 12 hours

JWTAuthenticator

To configure the JWTAuthenticator service you must use the JWTAuthenticatorSettings
class. This class has the following form:

case class JWTAuthenticatorSettings(
  headerName: String = "X-Auth-Token",
  issuerClaim: String = "play-silhouette",
  encryptSubject: Boolean = true,
  authenticatorIdleTimeout: Option[FiniteDuration] = None,
  authenticatorExpiry: FiniteDuration = 12 hours,
  sharedSecret: String)

| Property | Description |
| --- | --- |
| headerName | The name of the header in which the token will be transferred |
| issuerClaim | The issuer claim identifies the principal that issued the JWT |
| encryptSubject | Indicates if the subject should be encrypted in the JWT |
| authenticatorIdleTimeout | The duration an authenticator can be idle before it times out |
| authenticatorExpiry | The duration after which an authenticator expires, counted from its creation |
| sharedSecret | The shared secret to sign the JWT |

Example

authenticator.headerName = "X-Auth-Token"
authenticator.issuerClaim = "play-angular-silhouette"
authenticator.encryptSubject = true
authenticator.authenticatorExpiry = 12 hours
authenticator.sharedSecret = "changeme"
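
An added example, not part of the Silhouette documentation or code base: a pre-deployment check that flags settings described on this page that weaken an authenticator, run against the CookieAuthenticator and JWTAuthenticator example values above. The two case classes are local copies of the ones shown on this page; `SettingsAudit`, its 32-byte minimum and its placeholder list are assumptions of this example.

```scala
import scala.concurrent.duration._

// Local copies of two settings classes from this page, so the example
// compiles without Silhouette on the classpath.
case class CookieAuthenticatorSettings(
  cookieName: String = "id", cookiePath: String = "/",
  cookieDomain: Option[String] = None, secureCookie: Boolean = true,
  httpOnlyCookie: Boolean = true, encryptAuthenticator: Boolean = true,
  useFingerprinting: Boolean = true, cookieMaxAge: Option[FiniteDuration] = None,
  authenticatorIdleTimeout: Option[FiniteDuration] = None,
  authenticatorExpiry: FiniteDuration = 12.hours)

case class JWTAuthenticatorSettings(
  headerName: String = "X-Auth-Token", issuerClaim: String = "play-silhouette",
  encryptSubject: Boolean = true,
  authenticatorIdleTimeout: Option[FiniteDuration] = None,
  authenticatorExpiry: FiniteDuration = 12.hours, sharedSecret: String)

// Hypothetical helper, not a Silhouette API: returns findings for a production deployment.
object SettingsAudit {
  val MinSecretBytes = 32 // assumed policy: at least 256 bits of secret
  val Placeholders = Set("changeme", "secret", "password") // assumed deny-list

  private def flag(bad: Boolean, msg: String): Seq[String] = if (bad) Seq(msg) else Nil

  private def timeouts(idle: Option[FiniteDuration], expiry: FiniteDuration): Seq[String] = idle match {
    case None => Seq("authenticatorIdleTimeout unset: an idle authenticator lives until authenticatorExpiry")
    case Some(d) if d >= expiry => Seq("authenticatorIdleTimeout >= authenticatorExpiry: it never takes effect")
    case _ => Nil
  }

  def audit(s: CookieAuthenticatorSettings): Seq[String] =
    flag(!s.secureCookie, "secureCookie = false: cookie is also sent over plain HTTP") ++
    flag(!s.httpOnlyCookie, "httpOnlyCookie = false: cookie is readable from client-side JavaScript") ++
    flag(!s.encryptAuthenticator, "encryptAuthenticator = false: authenticator is stored unencrypted") ++
    timeouts(s.authenticatorIdleTimeout, s.authenticatorExpiry)

  def audit(s: JWTAuthenticatorSettings): Seq[String] =
    flag(Placeholders(s.sharedSecret.toLowerCase), "sharedSecret is a placeholder value") ++
    flag(s.sharedSecret.getBytes("UTF-8").length < MinSecretBytes, s"sharedSecret is shorter than $MinSecretBytes bytes") ++
    timeouts(s.authenticatorIdleTimeout, s.authenticatorExpiry)
}

object Demo extends App {
  // Built from the CookieAuthenticator and JWTAuthenticator example values on this page.
  val cookie = CookieAuthenticatorSettings(cookieName = "authenticator", secureCookie = false, authenticatorIdleTimeout = Some(30.minutes))
  val jwt = JWTAuthenticatorSettings(issuerClaim = "play-angular-silhouette", sharedSecret = "changeme")
  (SettingsAudit.audit(cookie) ++ SettingsAudit.audit(jwt)).foreach(println)
}
```

Calling `audit` at application start-up and refusing to boot outside a development mode when the result is non-empty keeps the localhost values (`secureCookie = false`, `sharedSecret = "changeme"`) from reaching production.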