io.helidon.security.providers.httpauth.HttpDigestAuthProvider
Description
Http digest authentication security provider
Configuration options
| Key | Type | Default | Description |
|---|---|---|---|
qop | Qop | NONE | Only `AUTH` supported. If left empty, uses the legacy approach (older RFC version). `AUTH-INT` is not supported |
server-secret | List<String> | The nonce is encrypted using this secret - to make sure the nonce we get back was generated by us and to make sure we can safely time-out nonce values | |
optional | Boolean | false | Whether authentication is required |
realm | String | Helidon | Set the realm to use when challenging users |
nonce-timeout-millis | Long | 86400000 | How long will the nonce value be valid. When timed-out, browser will re-request username/password |
principal-type | SubjectType | USER | Principal type this provider extracts (and also propagates) |
users | List<ConfigUser> | Set user store to obtain passwords and roles based on logins | |
algorithm | Algorithm | MD5 | Digest algorithm to use |
Usages
See the manifest for all available types.