- Security (security) Configuration
Configuration of security providers, integration and other security options
Type: io.helidon.security.Security
This is a standalone configuration type, prefix from configuration root:
security
Configuration options
| key | type | default value | description |
|---|---|---|---|
providers | io.helidon.security.spi.SecurityProvider[] (service provider interface) Such as: | Add a provider, works as #addProvider(io.helidon.security.spi.SecurityProvider, String), where the name is set to |
| key | type | default value | description |
|---|---|---|---|
default-authentication-provider | string (service provider interface) | ID of the default authentication provider | |
default-authorization-provider | string | ID of the default authorization provider | |
enabled | boolean | true | Security can be disabled using configuration, or explicitly. By default, security instance is enabled. Disabled security instance will not perform any checks and allow all requests. |
environment.executor-service | Configure executor service to be used for blocking operations within security. | ||
environment.server-time | Server time to use when evaluating security policies that depend on time. | ||
provider-policy.class-name | Class | Provider selection policy class name, only used when type is set to CLASS | |
provider-policy.type | ProviderSelectionPolicyType (FIRST, COMPOSITE, CLASS) | FIRST | Type of the policy. |
secrets | Map<string, string> (documented for specific cases) | Configured secrets | |
secrets.*.config | io.helidon.security.SecretsProviderConfig (service provider interface) | Configuration specific to the secret provider | |
secrets.*.name | string | Name of the secret, used for lookup | |
secrets.*.provider | string | Name of the secret provider | |
tracing.enabled | boolean | true | Whether or not tracing should be enabled. If set to false, security tracer will be a no-op tracer. |