Remove security properties
This commit is contained in:
Stephane Nicoll
parent
9e366f0fde
commit
2b2eb73cb0
|
|
@ -477,32 +477,17 @@ content into your application; rather pick only the properties that you need.
|
|||
# ----------------------------------------
|
||||
# SECURITY ({sc-spring-boot-autoconfigure}/security/SecurityProperties.{sc-ext}[SecurityProperties])
|
||||
security.basic.authorize-mode=role # Security authorize mode to apply.
|
||||
security.basic.enabled=true # Enable basic authentication.
|
||||
security.basic.path=/** # Comma-separated list of paths to secure.
|
||||
security.basic.realm=Spring # HTTP basic realm name.
|
||||
security.enable-csrf=false # Enable Cross Site Request Forgery support.
|
||||
security.filter-order=0 # Security filter chain order.
|
||||
security.filter-dispatcher-types=ASYNC,ERROR,REQUEST # Security filter chain dispatcher types.
|
||||
security.headers.cache=true # Enable cache control HTTP headers.
|
||||
security.headers.content-security-policy= # Value for content security policy header.
|
||||
security.headers.content-security-policy-mode=default # Content security policy mode.
|
||||
security.headers.content-type=true # Enable "X-Content-Type-Options" header.
|
||||
security.headers.frame=true # Enable "X-Frame-Options" header.
|
||||
security.headers.hsts=all # HTTP Strict Transport Security (HSTS) mode (none, domain, all).
|
||||
security.headers.xss=true # Enable cross site scripting (XSS) protection.
|
||||
security.ignored= # Comma-separated list of paths to exclude from the default secured paths.
|
||||
security.require-ssl=false # Enable secure channel for all requests.
|
||||
security.sessions=stateless # Session creation policy (always, never, if_required, stateless).
|
||||
security.user.name=user # Default user name.
|
||||
security.user.password= # Password for the default user name. A random password is logged on startup by default.
|
||||
security.user.role=USER # Granted roles for the default user name.
|
||||
security.basic.enabled=true # Enable basic authentication.
|
||||
security.filter-order=0 # Security filter chain order.
|
||||
security.filter-dispatcher-types=ASYNC,ERROR,REQUEST # Security filter chain dispatcher types.
|
||||
security.headers.hsts=all # HTTP Strict Transport Security (HSTS) mode (none, domain, all).
|
||||
security.sessions=stateless # Session creation policy (always, never, if_required, stateless).
|
||||
|
||||
# SECURITY OAUTH2 CLIENT ({sc-spring-boot-autoconfigure}/security/oauth2/OAuth2ClientProperties.{sc-ext}[OAuth2ClientProperties])
|
||||
security.oauth2.client.client-id= # OAuth2 client id.
|
||||
security.oauth2.client.client-secret= # OAuth2 client secret. A random secret is generated by default
|
||||
|
||||
# SECURITY OAUTH2 RESOURCES ({sc-spring-boot-autoconfigure}/security/oauth2/resource/ResourceServerProperties.{sc-ext}[ResourceServerProperties])
|
||||
security.oauth2.resource.filter-order= # The order of the filter chain used to authenticate tokens.
|
||||
security.oauth2.resource.id= # Identifier of the resource.
|
||||
security.oauth2.resource.jwt.key-uri= # The URI of the JWT token. Can be set if the value is not available and the key is public.
|
||||
security.oauth2.resource.jwt.key-value= # The verification key of the JWT token. Can either be a symmetric secret or PEM-encoded RSA public key.
|
||||
|
|
@ -514,7 +499,6 @@ content into your application; rather pick only the properties that you need.
|
|||
security.oauth2.resource.user-info-uri= # URI of the user endpoint.
|
||||
|
||||
# SECURITY OAUTH2 SSO ({sc-spring-boot-autoconfigure}/security/oauth2/client/OAuth2SsoProperties.{sc-ext}[OAuth2SsoProperties])
|
||||
security.oauth2.sso.filter-order= # Filter order to apply if not providing an explicit WebSecurityConfigurerAdapter
|
||||
security.oauth2.sso.login-path=/login # Path to the login page, i.e. the one that triggers the redirect to the OAuth2 Authorization Server
|
||||
|
||||
|
||||
|
|
@ -1210,8 +1194,6 @@ content into your application; rather pick only the properties that you need.
|
|||
management.address= # Network address that the management endpoints should bind to.
|
||||
management.context-path= # Management endpoint context-path. For instance `/actuator`
|
||||
management.port= # Management endpoint HTTP port. Uses the same port as the application by default. Configure a different port to use management-specific SSL.
|
||||
management.security.enabled=true # Enable security.
|
||||
management.security.roles=ACTUATOR # Comma-separated list of roles that can access the management endpoint.
|
||||
management.security.sessions=stateless # Session creating policy to use (always, never, if_required, stateless).
|
||||
management.ssl.ciphers= # Supported SSL ciphers. Requires a custom management.port.
|
||||
management.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. Requires a custom management.port.
|
||||
|
|
|
|||
Loading…
Reference in New Issue