Packages

p

refuel

saml

package saml

Ordering
  1. Alphabetic
Visibility
  1. Public
  2. All

Type Members

  1. class AuthnSAMLBuilder extends AutoInject 

    class Controller(securityBuilder: AuthnSecrityBuilder) {
  securityBuilder.build(samlConfig, )
}
  2. case class SAMLAuthConfig(keystorePath: String, keystorePassword: String, privateKeyPassword: String, idpMetadataPath: String, spMetadataPath: Option[String], authnRequestBindingType: String = ..., callbackurl: String, sessionCookieName: String = Pac4jConstants.SESSION_ID, lifetimeSeconds: Long = 86400 * 3, cookiePath: String = Pac4jConstants.DEFAULT_URL_VALUE, cookieSecure: Option[Boolean] = Some(true), cookieDomain: Option[String] = None, cookieExtension: Option[String] = Some("SameSite=None"), forceRedirectScheme: Option[String] = Some("https"), csrfTokenKey: String = Pac4jConstants.CSRF_TOKEN) extends Product with Serializable

    By default, it injects the configuration model with application.conf loaded.

    By default, it injects the configuration model with application.conf loaded.

    keystorePath

    SAML keystore path

    keystorePassword

    SAML keystore password

    privateKeyPassword

    Private key password

    idpMetadataPath

    Identity provider metadata file

    spMetadataPath

    Service provider metadata file

    authnRequestBindingType

    AuthnRequest binding type

    callbackurl

    SAML callback url

    sessionCookieName

    SESSION cookie name

    lifetimeSeconds

    Cookie lifetime seconds.

    cookiePath

    Cookie path

    cookieSecure

    Cookie secure mode. If not specified, check if the request uri scheme is https. In the case of SSL L4 termination, the client may not have the Secure attribute even though it is supposed to be communicating over SSL. Therefore, set True when enforcing Secure

    cookieDomain

    Cookie domain

    cookieExtension

    Cookie extension. For use with the REST API, the SameSite=None; attribute and https communication are mandatory..

    forceRedirectScheme

    For SSL L4 termination, to prevent that when the web app receives a request via http, the redirect URI is also http. Basically, https is required because SameSite=None; is required, but it is optional because you may test with http for verification.

    csrfTokenKey

    CSRF token cookie name

Value Members

  1. object SAMLAuthConfig extends Serializable

Ungrouped