Configuration Reference
Version:4.12.0-SNAPSHOT
Micronaut Security Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.util.Set |
Supported content types for POST endpoints. Default Value application/json and application/x-www-form-urlencoded |
|
boolean |
Whether the controller is enabled. |
|
java.lang.String |
Sets the path to map the {@link OauthController} to. Default value ("/oauth/access_token"). |
|
boolean |
Property | Type | Description |
---|---|---|
|
boolean |
Set whether to enable bearer token authentication. Default value true. |
|
java.lang.String |
Sets the prefix to use for the auth token. Default value Bearer. |
|
java.lang.String |
Sets the header name to use. Default value Authorization. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after trying to access a secured route which he is forbidden to access. Default value ("/"). |
|
boolean |
Whether it should redirect on forbidden rejections. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.Boolean |
|
|
java.lang.Boolean |
|
|
java.time.Duration |
|
|
Sets the same-site setting of the cookie. Default value null. Value is case sensitive. Allowed values: |
|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
boolean |
Enables the {@link BasicAuthAuthenticationFetcher}. Default value true. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after a successful login. Default value ("/"). |
|
java.lang.String |
Where the user is redirected to after a failed login. Default value ("/"). |
|
java.lang.String |
URL where the user is redirected after logout. Default value ("/"). |
|
boolean |
If true, the user should be redirected back to the unauthorized request that initiated the login flow. Supersedes the <code>login-success</code> configuration for those cases. Default value false. |
|
boolean |
Sets whether Redirection configuration enabled. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after trying to access a secured route. Default value ("/"). |
|
boolean |
Whether it should redirect on unauthorized rejections. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Set the Subject DN regex. Default value "CN=(.*?)(?:, |
$)". |
|
boolean |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.util.regex.Pattern |
|
|
java.util.regex.Pattern |
|
|
boolean |
Enables TokenPropagationHttpClientFilter. Default value false |
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether the configuration is enabled. Default value true. |
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
If the entry used for the roles in the Authentication attributes map is a String, you can use the separator to split its value into multiple roles. Default value DEFAULT_ROLES_SEPARATOR. |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Path to the IntrospectionController. Default value "/token_info" |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Where the user is redirected to after trying to access a secured route which he is forbidden to access. Default value ("/"). |
|
boolean |
Whether it should redirect on forbidden rejections. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.util.Set |
Supported content types for POST endpoints. Default Value application/json and application/x-www-form-urlencoded |
|
boolean |
Whether the controller is enabled. |
|
java.lang.String |
Path to the LogoutController. Default value "/logout". |
|
boolean |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.Boolean |
|
|
java.lang.Boolean |
|
|
java.time.Duration |
|
|
Sets the same-site setting of the cookie. Default value null. Value is case sensitive. Allowed values: |
|
|
boolean |
Whether JWT cookie configuration is enabled. Default value (true). |
|
java.lang.String |
Cookie Name. Default value ("JWT"). |
|
java.lang.String |
The path of the cookie. Default value ("/"). |
Property | Type | Description |
---|---|---|
|
boolean |
Enable HttpHeaderTokenPropagator. Default value (true). |
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
java.lang.Integer |
Access token expiration. Default value (3600). |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Pattern the {@link SecurityFilter} should match. Default value |
Property | Type | Description |
---|---|---|
|
java.util.Set |
Supported content types for POST endpoints. Default Value application/json and application/x-www-form-urlencoded |
|
boolean |
Whether the controller is enabled. |
|
java.lang.String |
Path to the controller. |
Property | Type | Description |
---|---|---|
|
Defines which authentication to use. Defaults to null. Possible values bearer, session, cookie, idtoken. Should only be supplied if the service handles login and logout requests. |
|
|
boolean |
If Security is enabled. Default value true |
|
java.util.List |
Map that defines the interception patterns. |
|
java.util.List |
Allowed IP patterns. Default value (["0.0.0.0"]) |
|
boolean |
Whether the intercept URL patterns should be prepended with context path if defined. Defaults to true. |
|
Determines how authentication providers should be processed. Default value ANY. Possible values: ANY or ALL. |
|
|
boolean |
Whether the server should respond with 401 for requests that do not match any routes on the server, if you set it to false, it will return 404 for requests that do not match any routes on the server. Default value (true). |
Micronaut Security Csrf Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.util.Set |
Filter will only process requests whose method matches any of these methods. Default Value is POST, PUT, DELETE, PATCH. |
|
java.util.Set |
Filter will only process requests whose content type matches any of these content types. Default Value is application/x-www-form-urlencoded, multipart/form-data. |
|
boolean |
Whether the filter is enabled. Default value true. |
|
java.lang.String |
CSRF filter processes only request paths matching this regular expression. Default Value: "^.*$" |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The Secret Key that is used to calculate an HMAC as part of a CSRF token generation. Default Value |
|
java.lang.String |
Key to look for the CSRF token in an HTTP Session. Default Value: "csrfToken". |
|
int |
Random value’s size in bytes. The random value used is used to build a CSRF Token. Default Value: 16. |
|
java.lang.String |
HTTP Header name to look for the CSRF token. Default Value: "X-CSRF-TOKEN". |
|
java.lang.String |
Field name in a form url encoded submission to look for the CSRF token. Default Value: "csrfToken". |
|
boolean |
Whether the CSRF integration is enabled. Default value true. |
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value ({@value AccessTokenConfigurationProperties#DEFAULT_EXPIRATION} seconds). |
|
Cookie Same Site Configuration. It defaults to Strict. |
Micronaut Security Jwt Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
com.nimbusds.jose.JWEAlgorithm |
|
|
com.nimbusds.jose.EncryptionMethod |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether SignedRefreshTokenGenerator is enabled. Default value (true). |
|
com.nimbusds.jose.JWSAlgorithm |
{@link com.nimbusds.jose.JWSAlgorithm}. Defaults to HS256 |
|
java.lang.String |
shared secret. For HS256 must be at least 256 bits. |
|
boolean |
Indicates whether the supplied secret is base64 encoded. Default value false. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
A path either starting with |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Whether the iss claim should be validated to ensure it matches this value. It defaults to null, thus it is not validated. |
|
java.lang.String |
Whether the aud claim should be validated to ensure it matches this value. It defaults to null, thus it is not validated. |
|
boolean |
Whether the JWT subject claim should be validated to ensure it is not null. Default value true. |
|
boolean |
|
|
boolean |
Whether the expiration date of the JWT should be validated. Default value true. |
|
boolean |
Whether the nonce claim should be validated when a nonce was present. Default value true. |
|
boolean |
Whether |
Property | Type | Description |
---|---|---|
|
java.lang.Integer |
|
|
java.lang.String |
|
|
com.nimbusds.jose.jwk.KeyType |
Property | Type | Description |
---|---|---|
|
boolean |
Whether the bean {@link NimbusReactiveJsonWebTokenValidator} is enabled. Default value true. |
|
boolean |
Whether the bean {@link NimbusJsonWebTokenValidator} is enabled. Default value true. |
|
boolean |
Whether {@link NimbusReactiveJsonWebTokenValidator} should subscribe on a scheduler created with the blocking task executor. Default value false. |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether JWT security is enabled. Default value (true). |
Property | Type | Description |
---|---|---|
|
com.nimbusds.jose.JWSAlgorithm |
|
|
java.lang.String |
|
|
boolean |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
Path to the KeysController. Default value "/keys". |
Micronaut Security Ldap Config Properties
🔗Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
boolean |
Sets if group search is enabled. Default false |
|
java.lang.String |
The argument to pass to the search filter. |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether this configuration is enabled. Default true. |
Property | Type | Description |
---|---|---|
|
boolean |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.util.Map |
Micronaut Security Oauth2 Config Properties
🔗Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
Property | Type | Description |
---|---|---|
|
java.net.URL |
URL using the https scheme with no query or fragment component that the Open ID provider asserts as its issuer identifier. |
|
java.lang.String |
The configuration path to discover openid configuration. Default ("/.well-known/openid-configuration"). |
|
java.lang.String |
The JWKS signature URI. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The URI used to log out of an OpenID provider. Default value ("/oauth/logout"). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. Default value |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value (5 minutes). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. Default value |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value (5 minutes). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
boolean |
The end session enabled flag. Default value (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
|
|
java.lang.String |
|
|
java.time.Duration |
Number of seconds for a token obtained via client credentials grant to be considered expired prior to its expiration date. Default value (30 seconds). |
|
java.lang.String |
Scope to be requested in the client credentials request. Defaults to none. |
|
boolean |
Enables ClientCredentialsClient. Default value true |
|
java.util.Map |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The URI the OpenID provider should redirect to after logging out. Default value ("/logout"). |
Property | Type | Description |
---|---|---|
|
boolean |
Set to true if the original JWT from the provider should be included in the Micronaut JWT. Default value (false). |
|
boolean |
Set to true if the original access token from the provider should be included in the Micronaut JWT. Default value (false). |
|
boolean |
Set to true if the original refresh token from the provider should be included in the Micronaut JWT. Default value (false). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
Determines the authorization processing flow to be used. Default value (code). |
|
|
java.lang.String |
Mechanism to be used for returning authorization response parameters from the authorization endpoint. |
|
Controls how the authentication interface is displayed. |
|
|
Controls how the authentication server prompts the user. |
|
|
java.lang.Integer |
Maximum authentication age. |
|
java.util.List |
Preferred locales for authentication. |
|
java.util.List |
Authentication class reference values. |
|
java.lang.String |
Code Challenge Method to use for PKCE. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
||
|
java.lang.String |
Authentication Method |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the mechanism to persist the state for later retrieval for validation. Supported values ("session", "cookie"). Default value ("cookie"). |
|
boolean |
Sets whether a state parameter will be sent. Default (true). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
||
|
java.lang.String |
Authentication Method |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the mechanism to persist the nonce for later retrieval for validation. Supported values ("session", "cookie"). Default value ("cookie"). |
|
boolean |
Sets whether a nonce parameter will be sent. Default (true). |
Property | Type | Description |
---|---|---|
|
int |
entropy (in bytes) used for the code verifier generation. Default value 64. |
|
java.lang.String |
Sets the mechanism to persist the state for later retrieval for validation. Supported values ("session", "cookie"). Default value (PERSISTENCE_COOKIE). |
|
boolean |
Sets whether a state parameter will be sent. Default (true). |
Property | Type | Description |
---|---|---|
|
boolean |
Whether IssuerClaimValidator is enabled. Default value (true). |
|
boolean |
Whether AudienceClaimValidator is enabled. Default value (true). |
|
boolean |
Whether AuthorizedPartyClaimValidator is enabled. Default value (true). |
Property | Type | Description |
---|---|---|
|
boolean |
Sets whether the OAuth 2.0 support is enabled. Default value (true). |
|
java.lang.String |
The URI template that is used to initiate an OAuth 2.0 authorization code grant flow. Default value ("/oauth/login{/provider}"). |
|
java.lang.String |
The URI template that OAuth 2.0 providers can use to submit an authorization callback request. Default value ("/oauth/callback{/provider}"). |
|
java.lang.String |
The default authentication provider for an OAuth 2.0 authorization code grant flow. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
java.lang.String |
Code Challenge Method to use for PKCE. |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
||
|
java.lang.String |
Authentication Method |
Property | Type | Description |
---|---|---|
|
boolean |
Enable {@link ClientCredentialsHeaderTokenPropagatorConfiguration}. Default value (true). |
|
java.lang.String |
|
|
java.lang.String |
Property | Type | Description |
---|---|---|
|
java.lang.String |
The endpoint URL |
|
||
|
java.lang.String |
Authentication Method |
|
The content type of token endpoint requests. Default value (application/x-www-form-urlencoded). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
Sets the domain name of this Cookie. Default value (null). |
|
java.lang.Boolean |
Sets whether the cookie is secured. Defaults to the secure status of the request. |
|
java.lang.String |
Cookie Name. Default value |
|
java.lang.String |
Sets the path of the cookie. Default value ("/"). |
|
java.lang.Boolean |
Whether the Cookie can only be accessed via HTTP. Default value (true). |
|
java.time.Duration |
Sets the maximum age of the cookie. Default value (5 minutes). |
Property | Type | Description |
---|---|---|
|
java.lang.String |
OAuth 2.0 client id. |
|
java.lang.String |
OAuth 2.0 client secret. |
|
boolean |
Sets whether the client is enabled. Default value (true). |
|
java.util.List |
Requested scopes. If not specified for OAuth 2.0 clients using OpenID Connect it defaults to |
|
OAuth 2.0 grant type. Default value (authorization_code). |
Micronaut Security Session Config Properties
🔗Property | Type | Description |
---|---|---|
|
boolean |
Sets whether the session config is enabled. Default value (true). |