An authenticator that uses a header based approach with the help of a bearer token.
An authenticator that uses a header based approach with the help of a bearer token. It works by transporting a token in a user defined header to track the authenticated user and a server side backing store that maps the token to an authenticator instance.
The authenticator can use sliding window expiration. This means that the authenticator times out after a certain time if it wasn't used. This can be controlled with the idleTimeout property.
Note: If deploying to multiple nodes the backing store will need to synchronize.
The authenticator ID.
The linked login info for an identity.
The last used timestamp.
The expiration time.
The time in seconds an authenticator can be idle before it timed out.
The service that handles the bearer token authenticator.
The settings for the bearer token authenticator.
The settings for the bearer token authenticator.
The name of the header in which the token will be transfered.
The time in seconds an authenticator can be idle before it timed out. Defaults to 30 minutes.
The expiry of the authenticator in seconds. Defaults to 12 hours.
An authenticator that uses a cookie based approach.
An authenticator that uses a cookie based approach. It works by storing an ID in a cookie to track the authenticated user and a server side backing store that maps the ID to an authenticator instance.
The authenticator can use sliding window expiration. This means that the authenticator times out after a certain time if it wasn't used. This can be controlled with the idleTimeout property.
Note: If deploying to multiple nodes the backing store will need to synchronize.
The authenticator ID.
The linked login info for an identity.
The last used timestamp.
The expiration time.
The time in seconds an authenticator can be idle before it timed out.
Maybe a fingerprint of the user.
The service that handles the cookie authenticator.
The settings for the cookie authenticator.
The settings for the cookie authenticator.
The cookie name.
The cookie path.
The cookie domain.
Whether this cookie is secured, sent only for HTTPS requests.
Whether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code.
Indicates if a fingerprint of the user should be stored in the authenticator.
The cookie expiration date in seconds, None
for a transient cookie. Defaults to 12 hours.
The time in seconds an authenticator can be idle before it timed out. Defaults to 30 minutes.
The expiry of the authenticator in minutes. Defaults to 12 hours.
An authenticator that can be used if a client doesn't need an authenticator to track a user.
An authenticator that can be used if a client doesn't need an authenticator to track a user. This can be useful for request providers, because authentication may occur here on every request to a protected resource.
The linked login info for an identity.
The service that handles the dummy token authenticator.
An authenticator that uses a header based approach with the help of a JWT.
An authenticator that uses a header based approach with the help of a JWT. It works by using a JWT to transport the authenticator data inside a user defined header. It can be stateless with the disadvantages that the JWT can't be invalidated.
The authenticator can use sliding window expiration. This means that the authenticator times out after a certain time if it wasn't used. This can be controlled with the idleTimeout property. If this feature is activated then a new token will be generated on every update. Make sure your application can handle this case.
The authenticator ID.
The linked login info for an identity.
The last used timestamp.
The expiration time.
The time in seconds an authenticator can be idle before it timed out.
Custom claims to embed into the token.
https://developer.atlassian.com/static/connect/docs/concepts/understanding-jwt.html
http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#Claims
The service that handles the JWT authenticator.
The service that handles the JWT authenticator.
If the authenticator DAO is deactivated then a stateless approach will be used. But note that you will loose the possibility to invalidate a JWT.
The settings for the JWT authenticator.
The settings for the JWT authenticator.
The name of the header in which the token will be transferred.
The issuer claim identifies the principal that issued the JWT.
Indicates if the subject should be encrypted in JWT.
The time in seconds an authenticator can be idle before it timed out.
The expiry of the authenticator in seconds.
The shared secret to sign the JWT.
An authenticator that uses a stateless, session based approach.
An authenticator that uses a stateless, session based approach. It works by storing a serialized authenticator instance in the Play Framework session cookie.
The authenticator can use sliding window expiration. This means that the authenticator times out after a certain time if it wasn't used. This can be controlled with the idleTimeout property.
The linked login info for an identity.
The last used timestamp.
The expiration time.
The time in seconds an authenticator can be idle before it timed out.
Maybe a fingerprint of the user.
The service that handles the session authenticator.
The settings for the session authenticator.
The settings for the session authenticator.
The key of the authenticator in the session.
Indicates if the authenticator should be encrypted in session.
Indicates if a fingerprint of the user should be stored in the authenticator.
The time in seconds an authenticator can be idle before it timed out. Defaults to 30 minutes.
The expiry of the authenticator in minutes. Defaults to 12 hours.
The companion object of the authenticator service.
The companion object of the authenticator service.
The companion object of the authenticator service.
The companion object of the authenticator service.
The companion object of the authenticator.
The companion object of the authenticator service.
Reference implementations of the authenticators.