diff --git a/_generated-doc/main/config/all-configuration-groups-generated-doc/io.quarkus.vertx.http.runtime.AuthRuntimeConfig b/_generated-doc/main/config/all-configuration-groups-generated-doc/io.quarkus.vertx.http.runtime.AuthRuntimeConfig index 0918908ef7..b2c4a174bb 100644 --- a/_generated-doc/main/config/all-configuration-groups-generated-doc/io.quarkus.vertx.http.runtime.AuthRuntimeConfig +++ b/_generated-doc/main/config/all-configuration-groups-generated-doc/io.quarkus.vertx.http.runtime.AuthRuntimeConfig @@ -1 +1 @@ -[{"configDocSection":{"name":"","optional":false,"withinAMap":false,"sectionDetails":null,"sectionDetailsTitle":".permission.\"permissions\"","configPhase":"BUILD_TIME","topLevelGrouping":"","configGroupType":"io.quarkus.vertx.http.runtime.PolicyMappingConfig","showSection":false,"configDocItems":[{"configDocKey":{"type":"java.lang.Boolean","key":".permission.\"permissions\".enabled","additionalKeys":[],"configDoc":"Determines whether the entire permission set is enabled, or not. By default, if the permission set is defined, it is enabled.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__ENABLED","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".policy","additionalKeys":[],"configDoc":"The HTTP policy that this permission set is linked to. There are three built-in policies: permit, deny and authenticated. Role based policies can be defined, and extensions can add their own policies.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"policy","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__POLICY","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".methods","additionalKeys":[],"configDoc":"The methods that this permission set applies to. If this is not set then they apply to all methods. Note that if a request matches any path from any permission set, but does not match the constraint due to the method not being listed then the request will be denied. Method specific permissions take precedence over matches that do not have any methods set. This means that for example if Quarkus is configured to allow GET and POST requests to /admin to and no other permissions are configured PUT requests to /admin will be denied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__METHODS","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".paths","additionalKeys":[],"configDoc":"The paths that this permission check applies to. If the path ends in /++*++ then this is treated as a path prefix, otherwise it is treated as an exact match. Matches are done on a length basis, so the most specific path match takes precedence. If multiple permission sets match the same path then explicit methods matches take precedence over matches without methods set, otherwise the most restrictive permissions are applied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"paths","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__PATHS","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".auth-mechanism","additionalKeys":[],"configDoc":"Path specific authentication mechanism which must be used to authenticate a user. It needs to match `HttpCredentialTransport` authentication scheme such as 'basic', 'bearer', 'form', etc.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"auth-mechanism","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__AUTH_MECHANISM","enum":false}},{"configDocKey":{"type":"boolean","key":".permission.\"permissions\".shared","additionalKeys":[],"configDoc":"Indicates that this policy always applies to the matched paths in addition to the policy with a winning path. Avoid creating more than one shared policy to minimize the performance impact.","withinAMap":true,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"shared","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__SHARED","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.PolicyMappingConfig.AppliesTo","key":".permission.\"permissions\".applies-to","additionalKeys":[],"configDoc":"Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources.","withinAMap":true,"defaultValue":"all","javaDocSiteLink":"","docMapKey":"applies-to","configPhase":"BUILD_TIME","acceptedValues":["tooltip:all[Apply on all matching paths.]","tooltip:jaxrs[Declares that a permission check must only be applied on the Jakarta REST request paths. Use this option to delay the permission check if an authentication mechanism is chosen with an annotation on the matching Jakarta REST endpoint. This option must be set if the following REST endpoint annotations are used: - `io.quarkus.oidc.Tenant` annotation which selects an OIDC authentication mechanism with a tenant identifier - `io.quarkus.vertx.http.runtime.security.annotation.BasicAuthentication` which selects the Basic authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.FormAuthentication` which selects the Form-based authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.MTLSAuthentication` which selects the mTLS authentication mechanism - `io.quarkus.security.webauthn.WebAuthn` which selects the WebAuth authentication mechanism - `io.quarkus.oidc.BearerTokenAuthentication` which selects the OpenID Connect Bearer token authentication mechanism - `io.quarkus.oidc.AuthorizationCodeFlow` which selects the OpenID Connect Code authentication mechanism]"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__APPLIES_TO","enum":true}}],"anchorPrefix":null}},{"configDocSection":{"name":"","optional":false,"withinAMap":false,"sectionDetails":null,"sectionDetailsTitle":".policy.\"role-policy\"","configPhase":"BUILD_TIME","topLevelGrouping":"","configGroupType":"io.quarkus.vertx.http.runtime.PolicyConfig","showSection":false,"configDocItems":[{"configDocKey":{"type":"string","key":".policy.\"role-policy\".roles-allowed","additionalKeys":[],"configDoc":"The roles that are allowed to access resources protected by this policy. By default, access is allowed to any authenticated user.","withinAMap":true,"defaultValue":"**","javaDocSiteLink":"","docMapKey":"roles-allowed","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__ROLES_ALLOWED","enum":false}},{"configDocKey":{"type":"java.util.List","key":".policy.\"role-policy\".roles.\"role-name\"","additionalKeys":[],"configDoc":"Add roles granted to the `SecurityIdentity` based on the roles that the `SecurityIdentity` already have. For example, the Quarkus OIDC extension can map roles from the verified JWT access token, and you may want to remap them to a deployment specific roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__ROLES__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"java.util.List","key":".policy.\"role-policy\".permissions.\"role-name\"","additionalKeys":[],"configDoc":"Permissions granted to the `SecurityIdentity` if this policy is applied successfully (the policy allows request to proceed) and the authenticated request has required role. For example, you can map permission `perm1` with actions `action1` and `action2` to role `admin` by setting `quarkus.http.auth.policy.role-policy1.permissions.admin=perm1:action1,perm1:action2` configuration property. Granted permissions are used for authorization with the `@PermissionsAllowed` annotation.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__PERMISSIONS__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"string","key":".policy.\"role-policy\".permission-class","additionalKeys":[],"configDoc":"Permissions granted by this policy will be created with a `java.security.Permission` implementation specified by this configuration property. The permission class must declare exactly one constructor that accepts permission name (`String`) or permission name and actions (`String`, `String++[]++`). Permission class must be registered for reflection if you run your application in a native mode.","withinAMap":true,"defaultValue":"io.quarkus.security.StringPermission","javaDocSiteLink":"","docMapKey":"permission-class","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__PERMISSION_CLASS","enum":false}}],"anchorPrefix":null}},{"configDocKey":{"type":"java.util.List","key":".roles-mapping.\"role-name\"","additionalKeys":[],"configDoc":"Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`.\n\nFor example, if `SecurityIdentity` has a `user` role and the endpoint is secured with a 'UserRole' role, use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have both `user` and `UserRole` roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_ROLES_MAPPING__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"path","key":".certificate-role-properties","additionalKeys":[],"configDoc":"Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`.\n\nProperties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"certificate-role-properties","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_CERTIFICATE_ROLE_PROPERTIES","enum":false}},{"configDocKey":{"type":"string","key":".realm","additionalKeys":[],"configDoc":"The authentication realm","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"realm","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_REALM","enum":false}},{"configDocSection":{"name":"","optional":false,"withinAMap":false,"sectionDetails":null,"sectionDetailsTitle":".form","configPhase":"BUILD_TIME","topLevelGrouping":"","configGroupType":"io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig","showSection":false,"configDocItems":[{"configDocKey":{"type":"string","key":".form.login-page","additionalKeys":[],"configDoc":"The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`.","withinAMap":false,"defaultValue":"/login.html","javaDocSiteLink":"","docMapKey":"login-page","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_LOGIN_PAGE","enum":false}},{"configDocKey":{"type":"string","key":".form.username-parameter","additionalKeys":[],"configDoc":"The username field name.","withinAMap":false,"defaultValue":"j_username","javaDocSiteLink":"","docMapKey":"username-parameter","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_USERNAME_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":".form.password-parameter","additionalKeys":[],"configDoc":"The password field name.","withinAMap":false,"defaultValue":"j_password","javaDocSiteLink":"","docMapKey":"password-parameter","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_PASSWORD_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":".form.error-page","additionalKeys":[],"configDoc":"The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`.","withinAMap":false,"defaultValue":"/error.html","javaDocSiteLink":"","docMapKey":"error-page","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_ERROR_PAGE","enum":false}},{"configDocKey":{"type":"string","key":".form.landing-page","additionalKeys":[],"configDoc":"The landing page to redirect to if there is no saved page to redirect back to. Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`.","withinAMap":false,"defaultValue":"/index.html","javaDocSiteLink":"","docMapKey":"landing-page","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_LANDING_PAGE","enum":false}},{"configDocKey":{"type":"string","key":".form.location-cookie","additionalKeys":[],"configDoc":"Option to control the name of the cookie used to redirect the user back to the location they want to access.","withinAMap":false,"defaultValue":"quarkus-redirect-location","javaDocSiteLink":"","docMapKey":"location-cookie","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_LOCATION_COOKIE","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":".form.timeout","additionalKeys":[],"configDoc":"The inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.","withinAMap":false,"defaultValue":"PT30M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"timeout","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":".form.new-cookie-interval","additionalKeys":[],"configDoc":"How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as \"renewal-timeout\". Note that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often); however, larger values affect the inactivity timeout because the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a user's last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request because the timeout is only refreshed when a new cookie is generated. That is, no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie itself, and it is decrypted and parsed with each request.","withinAMap":false,"defaultValue":"PT1M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"new-cookie-interval","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_NEW_COOKIE_INTERVAL","enum":false}},{"configDocKey":{"type":"string","key":".form.cookie-name","additionalKeys":[],"configDoc":"The cookie that is used to store the persistent session","withinAMap":false,"defaultValue":"quarkus-credential","javaDocSiteLink":"","docMapKey":"cookie-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_COOKIE_NAME","enum":false}},{"configDocKey":{"type":"string","key":".form.cookie-path","additionalKeys":[],"configDoc":"The cookie path for the session and location cookies.","withinAMap":false,"defaultValue":"/","javaDocSiteLink":"","docMapKey":"cookie-path","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_COOKIE_PATH","enum":false}},{"configDocKey":{"type":"boolean","key":".form.http-only-cookie","additionalKeys":[],"configDoc":"Set the HttpOnly attribute to prevent access to the cookie via JavaScript.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"http-only-cookie","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_HTTP_ONLY_COOKIE","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig.CookieSameSite","key":".form.cookie-same-site","additionalKeys":[],"configDoc":"SameSite attribute for the session and location cookies.","withinAMap":false,"defaultValue":"strict","javaDocSiteLink":"","docMapKey":"cookie-same-site","configPhase":"BUILD_TIME","acceptedValues":["`strict`","`lax`","`none`"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_COOKIE_SAME_SITE","enum":true}}],"anchorPrefix":null}}] \ No newline at end of file +[{"configDocSection":{"name":"","optional":false,"withinAMap":false,"sectionDetails":null,"sectionDetailsTitle":".permission.\"permissions\"","configPhase":"BUILD_TIME","topLevelGrouping":"","configGroupType":"io.quarkus.vertx.http.runtime.PolicyMappingConfig","showSection":false,"configDocItems":[{"configDocKey":{"type":"java.lang.Boolean","key":".permission.\"permissions\".enabled","additionalKeys":[],"configDoc":"Determines whether the entire permission set is enabled, or not. By default, if the permission set is defined, it is enabled.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__ENABLED","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".policy","additionalKeys":[],"configDoc":"The HTTP policy that this permission set is linked to. There are three built-in policies: permit, deny and authenticated. Role based policies can be defined, and extensions can add their own policies.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"policy","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__POLICY","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".methods","additionalKeys":[],"configDoc":"The methods that this permission set applies to. If this is not set then they apply to all methods. Note that if a request matches any path from any permission set, but does not match the constraint due to the method not being listed then the request will be denied. Method specific permissions take precedence over matches that do not have any methods set. This means that for example if Quarkus is configured to allow GET and POST requests to /admin to and no other permissions are configured PUT requests to /admin will be denied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__METHODS","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".paths","additionalKeys":[],"configDoc":"The paths that this permission check applies to. If the path ends in /++*++ then this is treated as a path prefix, otherwise it is treated as an exact match. Matches are done on a length basis, so the most specific path match takes precedence. If multiple permission sets match the same path then explicit methods matches take precedence over matches without methods set, otherwise the most restrictive permissions are applied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"paths","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__PATHS","enum":false}},{"configDocKey":{"type":"string","key":".permission.\"permissions\".auth-mechanism","additionalKeys":[],"configDoc":"Path specific authentication mechanism which must be used to authenticate a user. It needs to match `HttpCredentialTransport` authentication scheme such as 'basic', 'bearer', 'form', etc.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"auth-mechanism","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__AUTH_MECHANISM","enum":false}},{"configDocKey":{"type":"boolean","key":".permission.\"permissions\".shared","additionalKeys":[],"configDoc":"Indicates that this policy always applies to the matched paths in addition to the policy with a winning path. Avoid creating more than one shared policy to minimize the performance impact.","withinAMap":true,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"shared","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__SHARED","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.PolicyMappingConfig.AppliesTo","key":".permission.\"permissions\".applies-to","additionalKeys":[],"configDoc":"Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources.","withinAMap":true,"defaultValue":"all","javaDocSiteLink":"","docMapKey":"applies-to","configPhase":"BUILD_TIME","acceptedValues":["tooltip:all[Apply on all matching paths.]","tooltip:jaxrs[Declares that a permission check must only be applied on the Jakarta REST request paths. Use this option to delay the permission check if an authentication mechanism is chosen with an annotation on the matching Jakarta REST endpoint. This option must be set if the following REST endpoint annotations are used: - `io.quarkus.oidc.Tenant` annotation which selects an OIDC authentication mechanism with a tenant identifier - `io.quarkus.vertx.http.runtime.security.annotation.BasicAuthentication` which selects the Basic authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.FormAuthentication` which selects the Form-based authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.MTLSAuthentication` which selects the mTLS authentication mechanism - `io.quarkus.security.webauthn.WebAuthn` which selects the WebAuth authentication mechanism - `io.quarkus.oidc.BearerTokenAuthentication` which selects the OpenID Connect Bearer token authentication mechanism - `io.quarkus.oidc.AuthorizationCodeFlow` which selects the OpenID Connect Code authentication mechanism]"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_PERMISSION__PERMISSIONS__APPLIES_TO","enum":true}}],"anchorPrefix":null}},{"configDocSection":{"name":"","optional":false,"withinAMap":false,"sectionDetails":null,"sectionDetailsTitle":".policy.\"role-policy\"","configPhase":"BUILD_TIME","topLevelGrouping":"","configGroupType":"io.quarkus.vertx.http.runtime.PolicyConfig","showSection":false,"configDocItems":[{"configDocKey":{"type":"string","key":".policy.\"role-policy\".roles-allowed","additionalKeys":[],"configDoc":"The roles that are allowed to access resources protected by this policy. By default, access is allowed to any authenticated user.","withinAMap":true,"defaultValue":"**","javaDocSiteLink":"","docMapKey":"roles-allowed","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__ROLES_ALLOWED","enum":false}},{"configDocKey":{"type":"java.util.List","key":".policy.\"role-policy\".roles.\"role-name\"","additionalKeys":[],"configDoc":"Add roles granted to the `SecurityIdentity` based on the roles that the `SecurityIdentity` already have. For example, the Quarkus OIDC extension can map roles from the verified JWT access token, and you may want to remap them to a deployment specific roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__ROLES__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"java.util.List","key":".policy.\"role-policy\".permissions.\"role-name\"","additionalKeys":[],"configDoc":"Permissions granted to the `SecurityIdentity` if this policy is applied successfully (the policy allows request to proceed) and the authenticated request has required role. For example, you can map permission `perm1` with actions `action1` and `action2` to role `admin` by setting `quarkus.http.auth.policy.role-policy1.permissions.admin=perm1:action1,perm1:action2` configuration property. Granted permissions are used for authorization with the `@PermissionsAllowed` annotation.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__PERMISSIONS__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"string","key":".policy.\"role-policy\".permission-class","additionalKeys":[],"configDoc":"Permissions granted by this policy will be created with a `java.security.Permission` implementation specified by this configuration property. The permission class must declare exactly one constructor that accepts permission name (`String`) or permission name and actions (`String`, `String++[]++`). Permission class must be registered for reflection if you run your application in a native mode.","withinAMap":true,"defaultValue":"io.quarkus.security.StringPermission","javaDocSiteLink":"","docMapKey":"permission-class","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_POLICY__ROLE_POLICY__PERMISSION_CLASS","enum":false}}],"anchorPrefix":null}},{"configDocKey":{"type":"java.util.List","key":".roles-mapping.\"role-name\"","additionalKeys":[],"configDoc":"Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`.\n\nFor example, if `SecurityIdentity` has a `user` role and the endpoint is secured with a 'UserRole' role, use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have both `user` and `UserRole` roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_ROLES_MAPPING__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"string","key":".certificate-role-attribute","additionalKeys":[],"configDoc":"Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are:\n\n - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported.\n - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name.\n - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI).\n - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier`","withinAMap":false,"defaultValue":"CN","javaDocSiteLink":"","docMapKey":"certificate-role-attribute","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_CERTIFICATE_ROLE_ATTRIBUTE","enum":false}},{"configDocKey":{"type":"path","key":".certificate-role-properties","additionalKeys":[],"configDoc":"Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`.\n\nProperties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"certificate-role-properties","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_CERTIFICATE_ROLE_PROPERTIES","enum":false}},{"configDocKey":{"type":"string","key":".realm","additionalKeys":[],"configDoc":"The authentication realm","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"realm","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_REALM","enum":false}},{"configDocSection":{"name":"","optional":false,"withinAMap":false,"sectionDetails":null,"sectionDetailsTitle":".form","configPhase":"BUILD_TIME","topLevelGrouping":"","configGroupType":"io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig","showSection":false,"configDocItems":[{"configDocKey":{"type":"string","key":".form.login-page","additionalKeys":[],"configDoc":"The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`.","withinAMap":false,"defaultValue":"/login.html","javaDocSiteLink":"","docMapKey":"login-page","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_LOGIN_PAGE","enum":false}},{"configDocKey":{"type":"string","key":".form.username-parameter","additionalKeys":[],"configDoc":"The username field name.","withinAMap":false,"defaultValue":"j_username","javaDocSiteLink":"","docMapKey":"username-parameter","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_USERNAME_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":".form.password-parameter","additionalKeys":[],"configDoc":"The password field name.","withinAMap":false,"defaultValue":"j_password","javaDocSiteLink":"","docMapKey":"password-parameter","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_PASSWORD_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":".form.error-page","additionalKeys":[],"configDoc":"The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`.","withinAMap":false,"defaultValue":"/error.html","javaDocSiteLink":"","docMapKey":"error-page","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_ERROR_PAGE","enum":false}},{"configDocKey":{"type":"string","key":".form.landing-page","additionalKeys":[],"configDoc":"The landing page to redirect to if there is no saved page to redirect back to. Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`.","withinAMap":false,"defaultValue":"/index.html","javaDocSiteLink":"","docMapKey":"landing-page","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_LANDING_PAGE","enum":false}},{"configDocKey":{"type":"string","key":".form.location-cookie","additionalKeys":[],"configDoc":"Option to control the name of the cookie used to redirect the user back to the location they want to access.","withinAMap":false,"defaultValue":"quarkus-redirect-location","javaDocSiteLink":"","docMapKey":"location-cookie","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_LOCATION_COOKIE","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":".form.timeout","additionalKeys":[],"configDoc":"The inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.","withinAMap":false,"defaultValue":"PT30M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"timeout","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":".form.new-cookie-interval","additionalKeys":[],"configDoc":"How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as \"renewal-timeout\". Note that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often); however, larger values affect the inactivity timeout because the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a user's last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request because the timeout is only refreshed when a new cookie is generated. That is, no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie itself, and it is decrypted and parsed with each request.","withinAMap":false,"defaultValue":"PT1M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"new-cookie-interval","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_NEW_COOKIE_INTERVAL","enum":false}},{"configDocKey":{"type":"string","key":".form.cookie-name","additionalKeys":[],"configDoc":"The cookie that is used to store the persistent session","withinAMap":false,"defaultValue":"quarkus-credential","javaDocSiteLink":"","docMapKey":"cookie-name","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_COOKIE_NAME","enum":false}},{"configDocKey":{"type":"string","key":".form.cookie-path","additionalKeys":[],"configDoc":"The cookie path for the session and location cookies.","withinAMap":false,"defaultValue":"/","javaDocSiteLink":"","docMapKey":"cookie-path","configPhase":"BUILD_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_COOKIE_PATH","enum":false}},{"configDocKey":{"type":"boolean","key":".form.http-only-cookie","additionalKeys":[],"configDoc":"Set the HttpOnly attribute to prevent access to the cookie via JavaScript.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"http-only-cookie","configPhase":"BUILD_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_HTTP_ONLY_COOKIE","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig.CookieSameSite","key":".form.cookie-same-site","additionalKeys":[],"configDoc":"SameSite attribute for the session and location cookies.","withinAMap":false,"defaultValue":"strict","javaDocSiteLink":"","docMapKey":"cookie-same-site","configPhase":"BUILD_TIME","acceptedValues":["`strict`","`lax`","`none`"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"","since":null,"environmentVariable":"_FORM_COOKIE_SAME_SITE","enum":true}}],"anchorPrefix":null}}] \ No newline at end of file diff --git a/_generated-doc/main/config/all-configuration-roots-generated-doc/io.quarkus.vertx.http.runtime.HttpConfiguration b/_generated-doc/main/config/all-configuration-roots-generated-doc/io.quarkus.vertx.http.runtime.HttpConfiguration index cb78b416df..7e2af8e93d 100644 --- a/_generated-doc/main/config/all-configuration-roots-generated-doc/io.quarkus.vertx.http.runtime.HttpConfiguration +++ b/_generated-doc/main/config/all-configuration-roots-generated-doc/io.quarkus.vertx.http.runtime.HttpConfiguration @@ -1 +1 @@ -[{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.auth.permission.\"permissions\".enabled","additionalKeys":[],"configDoc":"Determines whether the entire permission set is enabled, or not. By default, if the permission set is defined, it is enabled.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__ENABLED","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".policy","additionalKeys":[],"configDoc":"The HTTP policy that this permission set is linked to. There are three built-in policies: permit, deny and authenticated. Role based policies can be defined, and extensions can add their own policies.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"policy","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__POLICY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".methods","additionalKeys":[],"configDoc":"The methods that this permission set applies to. If this is not set then they apply to all methods. Note that if a request matches any path from any permission set, but does not match the constraint due to the method not being listed then the request will be denied. Method specific permissions take precedence over matches that do not have any methods set. This means that for example if Quarkus is configured to allow GET and POST requests to /admin to and no other permissions are configured PUT requests to /admin will be denied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__METHODS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".paths","additionalKeys":[],"configDoc":"The paths that this permission check applies to. If the path ends in /++*++ then this is treated as a path prefix, otherwise it is treated as an exact match. Matches are done on a length basis, so the most specific path match takes precedence. If multiple permission sets match the same path then explicit methods matches take precedence over matches without methods set, otherwise the most restrictive permissions are applied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"paths","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__PATHS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".auth-mechanism","additionalKeys":[],"configDoc":"Path specific authentication mechanism which must be used to authenticate a user. It needs to match `HttpCredentialTransport` authentication scheme such as 'basic', 'bearer', 'form', etc.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"auth-mechanism","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__AUTH_MECHANISM","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.auth.permission.\"permissions\".shared","additionalKeys":[],"configDoc":"Indicates that this policy always applies to the matched paths in addition to the policy with a winning path. Avoid creating more than one shared policy to minimize the performance impact.","withinAMap":true,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"shared","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__SHARED","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.PolicyMappingConfig.AppliesTo","key":"quarkus.http.auth.permission.\"permissions\".applies-to","additionalKeys":[],"configDoc":"Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources.","withinAMap":true,"defaultValue":"all","javaDocSiteLink":"","docMapKey":"applies-to","configPhase":"RUN_TIME","acceptedValues":["tooltip:all[Apply on all matching paths.]","tooltip:jaxrs[Declares that a permission check must only be applied on the Jakarta REST request paths. Use this option to delay the permission check if an authentication mechanism is chosen with an annotation on the matching Jakarta REST endpoint. This option must be set if the following REST endpoint annotations are used: - `io.quarkus.oidc.Tenant` annotation which selects an OIDC authentication mechanism with a tenant identifier - `io.quarkus.vertx.http.runtime.security.annotation.BasicAuthentication` which selects the Basic authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.FormAuthentication` which selects the Form-based authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.MTLSAuthentication` which selects the mTLS authentication mechanism - `io.quarkus.security.webauthn.WebAuthn` which selects the WebAuth authentication mechanism - `io.quarkus.oidc.BearerTokenAuthentication` which selects the OpenID Connect Bearer token authentication mechanism - `io.quarkus.oidc.AuthorizationCodeFlow` which selects the OpenID Connect Code authentication mechanism]"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__APPLIES_TO","enum":true}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.policy.\"role-policy\".roles-allowed","additionalKeys":[],"configDoc":"The roles that are allowed to access resources protected by this policy. By default, access is allowed to any authenticated user.","withinAMap":true,"defaultValue":"**","javaDocSiteLink":"","docMapKey":"roles-allowed","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__ROLES_ALLOWED","enum":false}},{"configDocKey":{"type":"java.util.List","key":"quarkus.http.auth.policy.\"role-policy\".roles.\"role-name\"","additionalKeys":[],"configDoc":"Add roles granted to the `SecurityIdentity` based on the roles that the `SecurityIdentity` already have. For example, the Quarkus OIDC extension can map roles from the verified JWT access token, and you may want to remap them to a deployment specific roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__ROLES__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"java.util.List","key":"quarkus.http.auth.policy.\"role-policy\".permissions.\"role-name\"","additionalKeys":[],"configDoc":"Permissions granted to the `SecurityIdentity` if this policy is applied successfully (the policy allows request to proceed) and the authenticated request has required role. For example, you can map permission `perm1` with actions `action1` and `action2` to role `admin` by setting `quarkus.http.auth.policy.role-policy1.permissions.admin=perm1:action1,perm1:action2` configuration property. Granted permissions are used for authorization with the `@PermissionsAllowed` annotation.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__PERMISSIONS__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.policy.\"role-policy\".permission-class","additionalKeys":[],"configDoc":"Permissions granted by this policy will be created with a `java.security.Permission` implementation specified by this configuration property. The permission class must declare exactly one constructor that accepts permission name (`String`) or permission name and actions (`String`, `String++[]++`). Permission class must be registered for reflection if you run your application in a native mode.","withinAMap":true,"defaultValue":"io.quarkus.security.StringPermission","javaDocSiteLink":"","docMapKey":"permission-class","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__PERMISSION_CLASS","enum":false}},{"configDocKey":{"type":"java.util.List","key":"quarkus.http.auth.roles-mapping.\"role-name\"","additionalKeys":[],"configDoc":"Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`.\n\nFor example, if `SecurityIdentity` has a `user` role and the endpoint is secured with a 'UserRole' role, use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have both `user` and `UserRole` roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_ROLES_MAPPING__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.auth.certificate-role-properties","additionalKeys":[],"configDoc":"Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`.\n\nProperties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"certificate-role-properties","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.realm","additionalKeys":[],"configDoc":"The authentication realm","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"realm","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_REALM","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.login-page","additionalKeys":[],"configDoc":"The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`.","withinAMap":false,"defaultValue":"/login.html","javaDocSiteLink":"","docMapKey":"login-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_LOGIN_PAGE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.username-parameter","additionalKeys":[],"configDoc":"The username field name.","withinAMap":false,"defaultValue":"j_username","javaDocSiteLink":"","docMapKey":"username-parameter","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_USERNAME_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.password-parameter","additionalKeys":[],"configDoc":"The password field name.","withinAMap":false,"defaultValue":"j_password","javaDocSiteLink":"","docMapKey":"password-parameter","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_PASSWORD_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.error-page","additionalKeys":[],"configDoc":"The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`.","withinAMap":false,"defaultValue":"/error.html","javaDocSiteLink":"","docMapKey":"error-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_ERROR_PAGE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.landing-page","additionalKeys":[],"configDoc":"The landing page to redirect to if there is no saved page to redirect back to. Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`.","withinAMap":false,"defaultValue":"/index.html","javaDocSiteLink":"","docMapKey":"landing-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_LANDING_PAGE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.location-cookie","additionalKeys":[],"configDoc":"Option to control the name of the cookie used to redirect the user back to the location they want to access.","withinAMap":false,"defaultValue":"quarkus-redirect-location","javaDocSiteLink":"","docMapKey":"location-cookie","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_LOCATION_COOKIE","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.auth.form.timeout","additionalKeys":[],"configDoc":"The inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.","withinAMap":false,"defaultValue":"PT30M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.auth.form.new-cookie-interval","additionalKeys":[],"configDoc":"How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as \"renewal-timeout\". Note that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often); however, larger values affect the inactivity timeout because the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a user's last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request because the timeout is only refreshed when a new cookie is generated. That is, no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie itself, and it is decrypted and parsed with each request.","withinAMap":false,"defaultValue":"PT1M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"new-cookie-interval","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_NEW_COOKIE_INTERVAL","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.cookie-name","additionalKeys":[],"configDoc":"The cookie that is used to store the persistent session","withinAMap":false,"defaultValue":"quarkus-credential","javaDocSiteLink":"","docMapKey":"cookie-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_COOKIE_NAME","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.cookie-path","additionalKeys":[],"configDoc":"The cookie path for the session and location cookies.","withinAMap":false,"defaultValue":"/","javaDocSiteLink":"","docMapKey":"cookie-path","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_COOKIE_PATH","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.auth.form.http-only-cookie","additionalKeys":[],"configDoc":"Set the HttpOnly attribute to prevent access to the cookie via JavaScript.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"http-only-cookie","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_HTTP_ONLY_COOKIE","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig.CookieSameSite","key":"quarkus.http.auth.form.cookie-same-site","additionalKeys":[],"configDoc":"SameSite attribute for the session and location cookies.","withinAMap":false,"defaultValue":"strict","javaDocSiteLink":"","docMapKey":"cookie-same-site","configPhase":"RUN_TIME","acceptedValues":["`strict`","`lax`","`none`"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_COOKIE_SAME_SITE","enum":true}},{"configDocKey":{"type":"boolean","key":"quarkus.http.cors","additionalKeys":[],"configDoc":"Enable the CORS filter.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"cors-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.port","additionalKeys":[],"configDoc":"The HTTP port","withinAMap":false,"defaultValue":"8080","javaDocSiteLink":"","docMapKey":"port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PORT","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.test-port","additionalKeys":[],"configDoc":"The HTTP port used to run tests","withinAMap":false,"defaultValue":"8081","javaDocSiteLink":"","docMapKey":"test-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_PORT","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.host","additionalKeys":[],"configDoc":"The HTTP host\n\nIn dev/test mode this defaults to localhost, in prod mode this defaults to 0.0.0.0\n\nDefaulting to 0.0.0.0 makes it easier to deploy Quarkus to container, however it is not suitable for dev/test mode as other people on the network can connect to your development machine.\n\nAs an exception, when running in Windows Subsystem for Linux (WSL), the HTTP host defaults to 0.0.0.0 even in dev/test mode since using localhost makes the application inaccessible.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"host","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HOST","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.test-host","additionalKeys":[],"configDoc":"Used when `QuarkusIntegrationTest` is meant to execute against an application that is already running and listening on the host specified by this property.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"test-host","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_HOST","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.host-enabled","additionalKeys":[],"configDoc":"Enable listening to host:port","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"host-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HOST_ENABLED","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.ssl-port","additionalKeys":[],"configDoc":"The HTTPS port","withinAMap":false,"defaultValue":"8443","javaDocSiteLink":"","docMapKey":"ssl-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_PORT","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.test-ssl-port","additionalKeys":[],"configDoc":"The HTTPS port used to run tests","withinAMap":false,"defaultValue":"8444","javaDocSiteLink":"","docMapKey":"test-ssl-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_SSL_PORT","enum":false}},{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.test-ssl-enabled","additionalKeys":[],"configDoc":"Used when `QuarkusIntegrationTest` is meant to execute against an application that is already running to configure the test to use SSL.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"test-ssl-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_SSL_ENABLED","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.HttpConfiguration.InsecureRequests","key":"quarkus.http.insecure-requests","additionalKeys":[],"configDoc":"If insecure (i.e. http rather than https) requests are allowed. If this is `enabled` then http works as normal. `redirect` will still open the http port, but all requests will be redirected to the HTTPS port. `disabled` will prevent the HTTP port from opening at all.\n\nDefault is `enabled` except when client auth is set to `required` (configured using `quarkus.http.ssl.client-auth=required`). In this case, the default is `disabled`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"insecure-requests","configPhase":"RUN_TIME","acceptedValues":["`enabled`","`redirect`","`disabled`"],"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_INSECURE_REQUESTS","enum":true}},{"configDocKey":{"type":"boolean","key":"quarkus.http.http2","additionalKeys":[],"configDoc":"If this is true (the default) then HTTP/2 will be enabled.\n\nNote that for browsers to be able to use it HTTPS must be enabled, and you must be running on JDK11 or above, as JDK8 does not support ALPN.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"http2","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HTTP2","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.http2-push-enabled","additionalKeys":[],"configDoc":"Enables or Disable the HTTP/2 Push feature. This setting can be used to disable server push. The server will not send a `PUSH_PROMISE` frame if it receives this parameter set to @++{++code false++}++.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"http2-push-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HTTP2_PUSH_ENABLED","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.origins","additionalKeys":[],"configDoc":"Origins allowed for CORS Comma separated list of valid URLs, e.g.: http://www.quarkus.io,http://localhost:3000 In case an entry of the list is surrounded by forward slashes, it is interpreted as a regular expression.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"origins","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_ORIGINS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.methods","additionalKeys":[],"configDoc":"HTTP methods allowed for CORS Comma separated list of valid methods. ex: GET,PUT,POST The filter allows any method if this is not set. default: returns any requested method as valid","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_METHODS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.headers","additionalKeys":[],"configDoc":"HTTP headers allowed for CORS Comma separated list of valid headers. ex: X-Custom,Content-Disposition The filter allows any header if this is not set. default: returns any requested header as valid","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"headers","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_HEADERS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.exposed-headers","additionalKeys":[],"configDoc":"HTTP headers exposed in CORS Comma separated list of valid headers. ex: X-Custom,Content-Disposition default: empty","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"exposed-headers","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_EXPOSED_HEADERS","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.cors.access-control-max-age","additionalKeys":[],"configDoc":"The `Access-Control-Max-Age` response header value indicating how long the results of a pre-flight request can be cached.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"access-control-max-age","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_ACCESS_CONTROL_MAX_AGE","enum":false}},{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.cors.access-control-allow-credentials","additionalKeys":[],"configDoc":"The `Access-Control-Allow-Credentials` header is used to tell the browsers to expose the response to front-end JavaScript code when the request’s credentials mode Request.credentials is “include”. The value of this header will default to `true` if `quarkus.http.cors.origins` property is set and there is a match with the precise `Origin` header.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"access-control-allow-credentials","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_ACCESS_CONTROL_ALLOW_CREDENTIALS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.credentials-provider","additionalKeys":[],"configDoc":"The `CredentialsProvider`. If this property is configured, then a matching 'CredentialsProvider' will be used to get the keystore, keystore key, and truststore passwords unless these passwords have already been configured.\n\nPlease note that using MicroProfile `ConfigSource` which is directly supported by Quarkus Configuration should be preferred unless using `CredentialsProvider` provides for some additional security and dynamism.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"credentials-provider","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_CREDENTIALS_PROVIDER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.credentials-provider-name","additionalKeys":[],"configDoc":"The credentials provider bean name.\n\nThis is a bean name (as in `@Named`) of a bean that implements `CredentialsProvider`. It is used to select the credentials provider bean when multiple exist. This is unnecessary when there is only one credentials provider available.\n\nFor Vault, the credentials provider bean name is `vault-credentials-provider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"credentials-provider-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_CREDENTIALS_PROVIDER_NAME","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.files","additionalKeys":[],"configDoc":"The list of path to server certificates using the PEM format. Specifying multiple files requires SNI to be enabled.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"files","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_FILES","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.key-files","additionalKeys":[],"configDoc":"The list of path to server certificates private key files using the PEM format. Specifying multiple files requires SNI to be enabled.\n\nThe order of the key files must match the order of the certificates.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-files","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILES","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.key-store-file","additionalKeys":[],"configDoc":"An optional keystore that holds the certificate information instead of specifying separate files.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-file","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-file-type","additionalKeys":[],"configDoc":"An optional parameter to specify the type of the keystore file. If not given, the type is automatically detected based on the file name.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-file-type","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE_TYPE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-provider","additionalKeys":[],"configDoc":"An optional parameter to specify a provider of the keystore file. If not given, the provider is automatically detected based on the keystore file type.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-provider","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PROVIDER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-password","additionalKeys":[],"configDoc":"A parameter to specify the password of the keystore file. If not given, and if it can not be retrieved from `CredentialsProvider`.","withinAMap":false,"defaultValue":"password","javaDocSiteLink":"","docMapKey":"key-store-password","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-password-key","additionalKeys":[],"configDoc":"A parameter to specify a `CredentialsProvider` property key, which can be used to get the password of the key store file from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-password-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD_KEY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-alias","additionalKeys":[],"configDoc":"An optional parameter to select a specific key in the keystore. When SNI is disabled, and the keystore contains multiple keys and no alias is specified; the behavior is undefined.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-alias","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_ALIAS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-alias-password","additionalKeys":[],"configDoc":"An optional parameter to define the password for the key, in case it is different from `key-store-password` If not given, it might be retrieved from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-alias-password","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_ALIAS_PASSWORD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-alias-password-key","additionalKeys":[],"configDoc":"A parameter to specify a `CredentialsProvider` property key, which can be used to get the password for the alias from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-alias-password-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_ALIAS_PASSWORD_KEY","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.trust-store-file","additionalKeys":[],"configDoc":"An optional trust store that holds the certificate information of the trusted certificates.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-file","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_FILE","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.trust-store-files","additionalKeys":[],"configDoc":"An optional list of trusted certificates using the PEM format. If you pass multiple files, you must use the PEM format.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-files","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_FILES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-file-type","additionalKeys":[],"configDoc":"An optional parameter to specify the type of the trust store file. If not given, the type is automatically detected based on the file name.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-file-type","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_FILE_TYPE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-provider","additionalKeys":[],"configDoc":"An optional parameter to specify a provider of the trust store file. If not given, the provider is automatically detected based on the trust store file type.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-provider","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_PROVIDER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-password","additionalKeys":[],"configDoc":"A parameter to specify the password of the trust store file. If not given, it might be retrieved from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-password","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_PASSWORD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-password-key","additionalKeys":[],"configDoc":"A parameter to specify a `CredentialsProvider` property key, which can be used to get the password of the trust store file from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-password-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_PASSWORD_KEY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-cert-alias","additionalKeys":[],"configDoc":"An optional parameter to trust a single certificate from the trust store rather than trusting all certificates in the store.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-cert-alias","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_CERT_ALIAS","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.ssl.certificate.reload-period","additionalKeys":[],"configDoc":"When set, the configured certificate will be reloaded after the given period. Note that the certificate will be reloaded only if the file has been modified.\n\nAlso, the update can also occur when the TLS certificate is configured using paths (and not in-memory).\n\nThe reload period must be equal or greater than 30 seconds. If not set, the certificate will not be reloaded.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"reload-period","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_RELOAD_PERIOD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.cipher-suites","additionalKeys":[],"configDoc":"The cipher suites to use. If none is given, a reasonable default is selected.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"cipher-suites","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CIPHER_SUITES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.protocols","additionalKeys":[],"configDoc":"Sets the ordered list of enabled SSL/TLS protocols.\n\nIf not set, it defaults to `\"TLSv1.3, TLSv1.2\"`. The following list of protocols are supported: `TLSv1, TLSv1.1, TLSv1.2, TLSv1.3`. To only enable `TLSv1.3`, set the value to `to \"TLSv1.3\"`.\n\nNote that setting an empty list, and enabling SSL/TLS is invalid. You must at least have one protocol.","withinAMap":false,"defaultValue":"TLSv1.3,TLSv1.2","javaDocSiteLink":"","docMapKey":"protocols","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_PROTOCOLS","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.ssl.sni","additionalKeys":[],"configDoc":"Enables Server Name Indication (SNI), an TLS extension allowing the server to use multiple certificates. The client indicate the server name during the TLS handshake, allowing the server to select the right certificate.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"sni","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_SNI","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.static-resources.index-page","additionalKeys":[],"configDoc":"Set the index page when serving static resources.","withinAMap":false,"defaultValue":"index.html","javaDocSiteLink":"","docMapKey":"index-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_INDEX_PAGE","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.static-resources.include-hidden","additionalKeys":[],"configDoc":"Set whether hidden files should be served.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"include-hidden","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_INCLUDE_HIDDEN","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.static-resources.enable-range-support","additionalKeys":[],"configDoc":"Set whether range requests (resumable downloads; media streaming) should be enabled.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"enable-range-support","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_ENABLE_RANGE_SUPPORT","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.static-resources.caching-enabled","additionalKeys":[],"configDoc":"Set whether cache handling is enabled.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"caching-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_CACHING_ENABLED","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.static-resources.cache-entry-timeout","additionalKeys":[],"configDoc":"Set the cache entry timeout. The default is `30` seconds.","withinAMap":false,"defaultValue":"30S","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"cache-entry-timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_CACHE_ENTRY_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.static-resources.max-age","additionalKeys":[],"configDoc":"Set value for max age in caching headers. The default is `24` hours.","withinAMap":false,"defaultValue":"24H","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"max-age","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_MAX_AGE","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.static-resources.max-cache-size","additionalKeys":[],"configDoc":"Set the max cache size.","withinAMap":false,"defaultValue":"10000","javaDocSiteLink":"","docMapKey":"max-cache-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_MAX_CACHE_SIZE","enum":false}},{"configDocKey":{"type":"java.nio.charset.Charset","key":"quarkus.http.static-resources.content-encoding","additionalKeys":[],"configDoc":"Content encoding for text related files","withinAMap":false,"defaultValue":"UTF-8","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/nio/charset/Charset.html","docMapKey":"content-encoding","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_CONTENT_ENCODING","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.handle-100-continue-automatically","additionalKeys":[],"configDoc":"When set to `true`, the HTTP server automatically sends `100 CONTINUE` response when the request expects it (with the `Expect: 100-Continue` header).","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"handle100-continue-automatically","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HANDLE_100_CONTINUE_AUTOMATICALLY","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.io-threads","additionalKeys":[],"configDoc":"The number if IO threads used to perform IO. This will be automatically set to a reasonable value based on the number of CPU cores if it is not provided. If this is set to a higher value than the number of Vert.x event loops then it will be capped at the number of event loops.\n\nIn general this should be controlled by setting quarkus.vertx.event-loops-pool-size, this setting should only be used if you want to limit the number of HTTP io threads to a smaller number than the total number of IO threads.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"io-threads","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_IO_THREADS","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-header-size","additionalKeys":[],"configDoc":"The maximum length of all headers.","withinAMap":false,"defaultValue":"20K","javaDocSiteLink":"","docMapKey":"max-header-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_HEADER_SIZE","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-body-size","additionalKeys":[],"configDoc":"The maximum size of a request body.","withinAMap":false,"defaultValue":"10240K","javaDocSiteLink":"","docMapKey":"max-body-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_BODY_SIZE","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-chunk-size","additionalKeys":[],"configDoc":"The max HTTP chunk size","withinAMap":false,"defaultValue":"8192","javaDocSiteLink":"","docMapKey":"max-chunk-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_CHUNK_SIZE","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.limits.max-initial-line-length","additionalKeys":[],"configDoc":"The maximum length of the initial line (e.g. `\"GET / HTTP/1.0\"`).","withinAMap":false,"defaultValue":"4096","javaDocSiteLink":"","docMapKey":"max-initial-line-length","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_INITIAL_LINE_LENGTH","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-form-attribute-size","additionalKeys":[],"configDoc":"The maximum length of a form attribute.","withinAMap":false,"defaultValue":"2048","javaDocSiteLink":"","docMapKey":"max-form-attribute-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FORM_ATTRIBUTE_SIZE","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.limits.max-form-fields","additionalKeys":[],"configDoc":"Set the maximum number of fields of a form. Set to `-1` to allow unlimited number of attributes.","withinAMap":false,"defaultValue":"256","javaDocSiteLink":"","docMapKey":"max-form-fields","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FORM_FIELDS","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-form-buffered-bytes","additionalKeys":[],"configDoc":"Set the maximum number of bytes a server can buffer when decoding a form. Set to `-1` to allow unlimited length","withinAMap":false,"defaultValue":"1K","javaDocSiteLink":"","docMapKey":"max-form-buffered-bytes","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FORM_BUFFERED_BYTES","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.limits.max-parameters","additionalKeys":[],"configDoc":"The maximum number of HTTP request parameters permitted for incoming requests.\n\nIf a client sends more than this number of parameters in a request, the connection is closed.","withinAMap":false,"defaultValue":"1000","javaDocSiteLink":"","docMapKey":"max-parameters","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_PARAMETERS","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.limits.max-connections","additionalKeys":[],"configDoc":"The maximum number of connections that are allowed at any one time. If this is set it is recommended to set a short idle timeout.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-connections","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_CONNECTIONS","enum":false}},{"configDocKey":{"type":"java.lang.Long","key":"quarkus.http.limits.header-table-size","additionalKeys":[],"configDoc":"Set the SETTINGS_HEADER_TABLE_SIZE HTTP/2 setting.\n\nAllows the sender to inform the remote endpoint of the maximum size of the header compression table used to decode header blocks, in octets. The encoder can select any size equal to or less than this value by using signaling specific to the header compression format inside a header block. The initial value is `4,096` octets.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"header-table-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_HEADER_TABLE_SIZE","enum":false}},{"configDocKey":{"type":"java.lang.Long","key":"quarkus.http.limits.max-concurrent-streams","additionalKeys":[],"configDoc":"Set SETTINGS_MAX_CONCURRENT_STREAMS HTTP/2 setting.\n\nIndicates the maximum number of concurrent streams that the sender will allow. This limit is directional: it applies to the number of streams that the sender permits the receiver to create. Initially, there is no limit to this value. It is recommended that this value be no smaller than 100, to not unnecessarily limit parallelism.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-concurrent-streams","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_CONCURRENT_STREAMS","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.limits.max-frame-size","additionalKeys":[],"configDoc":"Set the SETTINGS_MAX_FRAME_SIZE HTTP/2 setting. Indicates the size of the largest frame payload that the sender is willing to receive, in octets. The initial value is `2^14` (16,384) octets.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-frame-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FRAME_SIZE","enum":false}},{"configDocKey":{"type":"java.lang.Long","key":"quarkus.http.limits.max-header-list-size","additionalKeys":[],"configDoc":"Set the SETTINGS_MAX_HEADER_LIST_SIZE HTTP/2 setting. This advisory setting informs a peer of the maximum size of header list that the sender is prepared to accept, in octets. The value is based on the uncompressed size of header fields, including the length of the name and value in octets plus an overhead of 32 octets for each header field. The default value is `8192`","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-header-list-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_HEADER_LIST_SIZE","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.limits.rst-flood-max-rst-frame-per-window","additionalKeys":[],"configDoc":"Set the max number of RST frame allowed per time window, this is used to prevent link:https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p[HTTP/2 RST frame flood DDOS attacks]. The default value is `200`, setting zero or a negative value, disables flood protection.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"rst-flood-max-rst-frame-per-window","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_RST_FLOOD_MAX_RST_FRAME_PER_WINDOW","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.limits.rst-flood-window-duration","additionalKeys":[],"configDoc":"Set the duration of the time window when checking the max number of RST frames, this is used to prevent link:https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p[HTTP/2 RST frame flood DDOS attacks].. The default value is `30 s`, setting zero or a negative value, disables flood protection.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"rst-flood-window-duration","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_RST_FLOOD_WINDOW_DURATION","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.idle-timeout","additionalKeys":[],"configDoc":"Http connection idle timeout","withinAMap":false,"defaultValue":"30M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"idle-timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_IDLE_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.read-timeout","additionalKeys":[],"configDoc":"Http connection read timeout for blocking IO. This is the maximum amount of time a thread will wait for data, before an IOException will be thrown and the connection closed.","withinAMap":false,"defaultValue":"60S","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"read-timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_READ_TIMEOUT","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.handle-file-uploads","additionalKeys":[],"configDoc":"Whether the files sent using `multipart/form-data` will be stored locally.\n\nIf `true`, they will be stored in `quarkus.http.body-handler.uploads-directory` and will be made available via `io.vertx.ext.web.RoutingContext.fileUploads()`. Otherwise, the files sent using `multipart/form-data` will not be stored locally, and `io.vertx.ext.web.RoutingContext.fileUploads()` will always return an empty collection. Note that even with this option being set to `false`, the `multipart/form-data` requests will be accepted.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"handle-file-uploads","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_HANDLE_FILE_UPLOADS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.body.uploads-directory","additionalKeys":[],"configDoc":"The directory where the files sent using `multipart/form-data` should be stored.\n\nEither an absolute path or a path relative to the current directory of the application process.","withinAMap":false,"defaultValue":"${java.io.tmpdir}/uploads","javaDocSiteLink":"","docMapKey":"uploads-directory","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_UPLOADS_DIRECTORY","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.merge-form-attributes","additionalKeys":[],"configDoc":"Whether the form attributes should be added to the request parameters.\n\nIf `true`, the form attributes will be added to the request parameters; otherwise the form parameters will not be added to the request parameters","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"merge-form-attributes","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_MERGE_FORM_ATTRIBUTES","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.delete-uploaded-files-on-end","additionalKeys":[],"configDoc":"Whether the uploaded files should be removed after serving the request.\n\nIf `true` the uploaded files stored in `quarkus.http.body-handler.uploads-directory` will be removed after handling the request. Otherwise, the files will be left there forever.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"delete-uploaded-files-on-end","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_DELETE_UPLOADED_FILES_ON_END","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.preallocate-body-buffer","additionalKeys":[],"configDoc":"Whether the body buffer should pre-allocated based on the `Content-Length` header value.\n\nIf `true` the body buffer is pre-allocated according to the size read from the `Content-Length` header. Otherwise, the body buffer is pre-allocated to 1KB, and is resized dynamically","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"preallocate-body-buffer","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_PREALLOCATE_BODY_BUFFER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.body.multipart.file-content-types","additionalKeys":[],"configDoc":"A comma-separated list of `ContentType` to indicate whether a given multipart field should be handled as a file part. You can use this setting to force HTTP-based extensions to parse a message part as a file based on its content type. For now, this setting only works when using RESTEasy Reactive.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"file-content-types","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_MULTIPART_FILE_CONTENT_TYPES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.session.encryption-key","additionalKeys":[],"configDoc":"The encryption key that is used to store persistent logins (e.g. for form auth). Logins are stored in a persistent cookie that is encrypted with AES-256 using a key derived from a SHA-256 hash of the key that is provided here.\n\nIf no key is provided then an in-memory one will be generated, this will change on every restart though so it is not suitable for production environments. This must be more than 16 characters long for security reasons","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"encryption-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_SESSION_ENCRYPTION_KEY","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.so-reuse-port","additionalKeys":[],"configDoc":"Enable socket reuse port (linux/macOs native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"so-reuse-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SO_REUSE_PORT","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.tcp-quick-ack","additionalKeys":[],"configDoc":"Enable tcp quick ack (linux native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"tcp-quick-ack","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TCP_QUICK_ACK","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.tcp-cork","additionalKeys":[],"configDoc":"Enable tcp cork (linux native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"tcp-cork","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TCP_CORK","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.tcp-fast-open","additionalKeys":[],"configDoc":"Enable tcp fast open (linux native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"tcp-fast-open","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TCP_FAST_OPEN","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.accept-backlog","additionalKeys":[],"configDoc":"The accept backlog, this is how many connections can be waiting to be accepted before connections start being rejected","withinAMap":false,"defaultValue":"-1","javaDocSiteLink":"","docMapKey":"accept-backlog","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCEPT_BACKLOG","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.initial-window-size","additionalKeys":[],"configDoc":"Set the SETTINGS_INITIAL_WINDOW_SIZE HTTP/2 setting. Indicates the sender's initial window size (in octets) for stream-level flow control. The initial value is `2^16-1` (65,535) octets.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"initial-window-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_INITIAL_WINDOW_SIZE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.domain-socket","additionalKeys":[],"configDoc":"Path to a unix domain socket","withinAMap":false,"defaultValue":"/var/run/io.quarkus.app.socket","javaDocSiteLink":"","docMapKey":"domain-socket","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_DOMAIN_SOCKET","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.domain-socket-enabled","additionalKeys":[],"configDoc":"Enable listening to host:port","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"domain-socket-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_DOMAIN_SOCKET_ENABLED","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.record-request-start-time","additionalKeys":[],"configDoc":"If this is true then the request start time will be recorded to enable logging of total request time.\n\nThis has a small performance penalty, so is disabled by default.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"record-request-start-time","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_RECORD_REQUEST_START_TIME","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.enabled","additionalKeys":[],"configDoc":"If access logging is enabled. By default this will log via the standard logging facility","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_ENABLED","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.exclude-pattern","additionalKeys":[],"configDoc":"A regular expression that can be used to exclude some paths from logging.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"exclude-pattern","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_EXCLUDE_PATTERN","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.pattern","additionalKeys":[],"configDoc":"The access log pattern.\n\nIf this is the string `common`, `combined` or `long` then this will use one of the specified named formats:\n\n- common: `%h %l %u %t \"%r\" %s %b`\n- combined: `%h %l %u %t \"%r\" %s %b \"%{i,Referer}\" \"%{i,User-Agent}\"`\n- long: `%r\\n%{ALL_REQUEST_HEADERS}`\n\nOtherwise, consult the Quarkus documentation for the full list of variables that can be used.","withinAMap":false,"defaultValue":"common","javaDocSiteLink":"","docMapKey":"pattern","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_PATTERN","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.log-to-file","additionalKeys":[],"configDoc":"If logging should be done to a separate file.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"log-to-file","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_LOG_TO_FILE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.base-file-name","additionalKeys":[],"configDoc":"The access log file base name, defaults to 'quarkus' which will give a log file name of 'quarkus.log'.","withinAMap":false,"defaultValue":"quarkus","javaDocSiteLink":"","docMapKey":"base-file-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_BASE_FILE_NAME","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.log-directory","additionalKeys":[],"configDoc":"The log directory to use when logging access to a file If this is not set then the current working directory is used.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"log-directory","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_LOG_DIRECTORY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.log-suffix","additionalKeys":[],"configDoc":"The log file suffix","withinAMap":false,"defaultValue":".log","javaDocSiteLink":"","docMapKey":"log-suffix","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_LOG_SUFFIX","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.category","additionalKeys":[],"configDoc":"The log category to use if logging is being done via the standard log mechanism (i.e. if base-file-name is empty).","withinAMap":false,"defaultValue":"io.quarkus.http.access-log","javaDocSiteLink":"","docMapKey":"category","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_CATEGORY","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.rotate","additionalKeys":[],"configDoc":"If the log should be rotated daily","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"rotate","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_ROTATE","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.consolidate-rerouted-requests","additionalKeys":[],"configDoc":"If rerouted requests should be consolidated into one log entry","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"consolidate-rerouted-requests","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_CONSOLIDATE_REROUTED_REQUESTS","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.traffic-shaping.enabled","additionalKeys":[],"configDoc":"Enables the traffic shaping.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_ENABLED","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.traffic-shaping.inbound-global-bandwidth","additionalKeys":[],"configDoc":"Set bandwidth limit in bytes per second for inbound connections. If not set, no limits are applied.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"inbound-global-bandwidth","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_INBOUND_GLOBAL_BANDWIDTH","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.traffic-shaping.outbound-global-bandwidth","additionalKeys":[],"configDoc":"Set bandwidth limit in bytes per second for outbound connections. If not set, no limits are applied.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"outbound-global-bandwidth","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_OUTBOUND_GLOBAL_BANDWIDTH","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.traffic-shaping.max-delay","additionalKeys":[],"configDoc":"Set the maximum delay to wait in case of traffic excess. Default is 15s. Must be less than the HTTP timeout.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"max-delay","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_MAX_DELAY","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.traffic-shaping.check-interval","additionalKeys":[],"configDoc":"Set the delay between two computations of performances for channels. If set to 0, no stats are computed. Despite 0 is accepted (no accounting), it is recommended to set a positive value for the check interval, even if it is high since the precision of the traffic shaping depends on the period where the traffic is computed. In this case, a suggested value is something close to 5 or 10 minutes.\n\nIf not default, it defaults to 1s.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"check-interval","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_CHECK_INTERVAL","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.traffic-shaping.peak-outbound-global-bandwidth","additionalKeys":[],"configDoc":"Set the maximum global write size in bytes per second allowed in the buffer globally for all channels before write are suspended. The default value is 400 MB.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"peak-outbound-global-bandwidth","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_PEAK_OUTBOUND_GLOBAL_BANDWIDTH","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".case-sensitive","additionalKeys":[],"configDoc":"If the cookie pattern is case-sensitive","withinAMap":true,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"case-sensitive","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__CASE_SENSITIVE","enum":false}},{"configDocKey":{"type":"io.vertx.core.http.CookieSameSite","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".value","additionalKeys":[],"configDoc":"The value to set in the samesite attribute","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://vertx.io/docs/apidocs/io/vertx/core/http/CookieSameSite.html","docMapKey":"value","configPhase":"RUN_TIME","acceptedValues":["`none`","`strict`","`lax`"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__VALUE","enum":true}},{"configDocKey":{"type":"boolean","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".enable-client-checker","additionalKeys":[],"configDoc":"Some User Agents break when sent SameSite=None, this will detect them and avoid sending the value","withinAMap":true,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"enable-client-checker","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__ENABLE_CLIENT_CHECKER","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".add-secure-for-none","additionalKeys":[],"configDoc":"If this is true then the 'secure' attribute will automatically be sent on cookies with a SameSite attribute of None.","withinAMap":true,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"add-secure-for-none","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__ADD_SECURE_FOR_NONE","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.HttpConfiguration.PayloadHint","key":"quarkus.http.unhandled-error-content-type-default","additionalKeys":[],"configDoc":"Provides a hint (optional) for the default content type of responses generated for the errors not handled by the application.\n\nIf the client requested a supported content-type in request headers (e.g. \"Accept: application/json\", \"Accept: text/html\"), Quarkus will use that content type.\n\nOtherwise, it will default to the content type configured here.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"unhandled-error-content-type-default","configPhase":"RUN_TIME","acceptedValues":["`json`","`html`"],"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_UNHANDLED_ERROR_CONTENT_TYPE_DEFAULT","enum":true}},{"configDocKey":{"type":"string","key":"quarkus.http.header.\"header\".path","additionalKeys":[],"configDoc":"The path this header should be applied","withinAMap":true,"defaultValue":"/*","javaDocSiteLink":"","docMapKey":"path","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HEADER__HEADER__PATH","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.header.\"header\".value","additionalKeys":[],"configDoc":"The value for this header configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"value","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HEADER__HEADER__VALUE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.header.\"header\".methods","additionalKeys":[],"configDoc":"The HTTP methods for this header configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HEADER__HEADER__METHODS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.filter.\"filter\".matches","additionalKeys":[],"configDoc":"A regular expression for the paths matching this configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"matches","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__MATCHES","enum":false}},{"configDocKey":{"type":"java.lang.String","key":"quarkus.http.filter.\"filter\".header.\"header-name\"","additionalKeys":[],"configDoc":"Additional HTTP Headers always sent in the response","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/lang/String.html","docMapKey":"header-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__HEADER__HEADER_NAME_","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.filter.\"filter\".methods","additionalKeys":[],"configDoc":"The HTTP methods for this path configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__METHODS","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.filter.\"filter\".order","additionalKeys":[],"configDoc":"","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"order","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__ORDER","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.use-proxy-protocol","additionalKeys":[],"configDoc":"Set whether the server should use the HA `PROXY` protocol when serving requests from behind a proxy. (see the link:https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt[PROXY Protocol]). When set to `true`, the remote address returned will be the one from the actual connecting client. If it is set to `false` (default), the remote address returned will be the one from the proxy.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"use-proxy-protocol","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_USE_PROXY_PROTOCOL","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.proxy-address-forwarding","additionalKeys":[],"configDoc":"If this is true then the address, scheme etc. will be set from headers forwarded by the proxy server, such as `X-Forwarded-For`. This should only be set if you are behind a proxy that sets these headers.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"proxy-address-forwarding","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_PROXY_ADDRESS_FORWARDING","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.allow-forwarded","additionalKeys":[],"configDoc":"If this is true and proxy address forwarding is enabled then the standard `Forwarded` header will be used. In case the not standard `X-Forwarded-For` header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with `quarkus.http.proxy.allow-x-forwarded` has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-++*++` headers from the client.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"allow-forwarded","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ALLOW_FORWARDED","enum":false}},{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.proxy.allow-x-forwarded","additionalKeys":[],"configDoc":"If either this or `allow-forwarded` are true and proxy address forwarding is enabled then the not standard `Forwarded` header will be used. In case the standard `Forwarded` header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with `quarkus.http.proxy.allow-forwarded` has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-++*++` headers from the client.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"allow-x-forwarded","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ALLOW_X_FORWARDED","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.enable-forwarded-host","additionalKeys":[],"configDoc":"Enable override the received request's host through a forwarded host header.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enable-forwarded-host","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ENABLE_FORWARDED_HOST","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.proxy.forwarded-host-header","additionalKeys":[],"configDoc":"Configure the forwarded host header to be used if override enabled.","withinAMap":false,"defaultValue":"X-Forwarded-Host","javaDocSiteLink":"","docMapKey":"forwarded-host-header","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_FORWARDED_HOST_HEADER","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.enable-forwarded-prefix","additionalKeys":[],"configDoc":"Enable prefix the received request's path with a forwarded prefix header.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enable-forwarded-prefix","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ENABLE_FORWARDED_PREFIX","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.proxy.forwarded-prefix-header","additionalKeys":[],"configDoc":"Configure the forwarded prefix header to be used if prefixing enabled.","withinAMap":false,"defaultValue":"X-Forwarded-Prefix","javaDocSiteLink":"","docMapKey":"forwarded-prefix-header","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_FORWARDED_PREFIX_HEADER","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.TrustedProxyCheck.TrustedProxyCheckPart","key":"quarkus.http.proxy.trusted-proxies","additionalKeys":[],"configDoc":"Configure the list of trusted proxy addresses. Received `Forwarded`, `X-Forwarded` or `X-Forwarded-++*++` headers from any other proxy address will be ignored. The trusted proxy address should be specified as the IP address (IPv4 or IPv6), hostname or Classless Inter-Domain Routing (CIDR) notation. Please note that Quarkus needs to perform DNS lookup for all hostnames during the request. For that reason, using hostnames is not recommended.\n\nExamples of a socket address in the form of `host` or `host:port`:\n\n - `127.0.0.1:8084`\n - `++[++0:0:0:0:0:0:0:1++]++`\n - `++[++0:0:0:0:0:0:0:1++]++:8084`\n - `++[++::++]++`\n - `localhost`\n - `localhost:8084`\n\nExamples of a CIDR notation:\n\n - `::/128`\n - `::/0`\n - `127.0.0.0/8`\n\nPlease bear in mind that IPv4 CIDR won't match request sent from the IPv6 address and the other way around.","withinAMap":false,"defaultValue":"All proxy addresses are trusted","javaDocSiteLink":"","docMapKey":"trusted-proxies","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_TRUSTED_PROXIES","enum":false}}] \ No newline at end of file +[{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.auth.permission.\"permissions\".enabled","additionalKeys":[],"configDoc":"Determines whether the entire permission set is enabled, or not. By default, if the permission set is defined, it is enabled.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__ENABLED","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".policy","additionalKeys":[],"configDoc":"The HTTP policy that this permission set is linked to. There are three built-in policies: permit, deny and authenticated. Role based policies can be defined, and extensions can add their own policies.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"policy","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__POLICY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".methods","additionalKeys":[],"configDoc":"The methods that this permission set applies to. If this is not set then they apply to all methods. Note that if a request matches any path from any permission set, but does not match the constraint due to the method not being listed then the request will be denied. Method specific permissions take precedence over matches that do not have any methods set. This means that for example if Quarkus is configured to allow GET and POST requests to /admin to and no other permissions are configured PUT requests to /admin will be denied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__METHODS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".paths","additionalKeys":[],"configDoc":"The paths that this permission check applies to. If the path ends in /++*++ then this is treated as a path prefix, otherwise it is treated as an exact match. Matches are done on a length basis, so the most specific path match takes precedence. If multiple permission sets match the same path then explicit methods matches take precedence over matches without methods set, otherwise the most restrictive permissions are applied.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"paths","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__PATHS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.permission.\"permissions\".auth-mechanism","additionalKeys":[],"configDoc":"Path specific authentication mechanism which must be used to authenticate a user. It needs to match `HttpCredentialTransport` authentication scheme such as 'basic', 'bearer', 'form', etc.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"auth-mechanism","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__AUTH_MECHANISM","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.auth.permission.\"permissions\".shared","additionalKeys":[],"configDoc":"Indicates that this policy always applies to the matched paths in addition to the policy with a winning path. Avoid creating more than one shared policy to minimize the performance impact.","withinAMap":true,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"shared","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__SHARED","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.PolicyMappingConfig.AppliesTo","key":"quarkus.http.auth.permission.\"permissions\".applies-to","additionalKeys":[],"configDoc":"Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources.","withinAMap":true,"defaultValue":"all","javaDocSiteLink":"","docMapKey":"applies-to","configPhase":"RUN_TIME","acceptedValues":["tooltip:all[Apply on all matching paths.]","tooltip:jaxrs[Declares that a permission check must only be applied on the Jakarta REST request paths. Use this option to delay the permission check if an authentication mechanism is chosen with an annotation on the matching Jakarta REST endpoint. This option must be set if the following REST endpoint annotations are used: - `io.quarkus.oidc.Tenant` annotation which selects an OIDC authentication mechanism with a tenant identifier - `io.quarkus.vertx.http.runtime.security.annotation.BasicAuthentication` which selects the Basic authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.FormAuthentication` which selects the Form-based authentication mechanism - `io.quarkus.vertx.http.runtime.security.annotation.MTLSAuthentication` which selects the mTLS authentication mechanism - `io.quarkus.security.webauthn.WebAuthn` which selects the WebAuth authentication mechanism - `io.quarkus.oidc.BearerTokenAuthentication` which selects the OpenID Connect Bearer token authentication mechanism - `io.quarkus.oidc.AuthorizationCodeFlow` which selects the OpenID Connect Code authentication mechanism]"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_PERMISSION__PERMISSIONS__APPLIES_TO","enum":true}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.policy.\"role-policy\".roles-allowed","additionalKeys":[],"configDoc":"The roles that are allowed to access resources protected by this policy. By default, access is allowed to any authenticated user.","withinAMap":true,"defaultValue":"**","javaDocSiteLink":"","docMapKey":"roles-allowed","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__ROLES_ALLOWED","enum":false}},{"configDocKey":{"type":"java.util.List","key":"quarkus.http.auth.policy.\"role-policy\".roles.\"role-name\"","additionalKeys":[],"configDoc":"Add roles granted to the `SecurityIdentity` based on the roles that the `SecurityIdentity` already have. For example, the Quarkus OIDC extension can map roles from the verified JWT access token, and you may want to remap them to a deployment specific roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__ROLES__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"java.util.List","key":"quarkus.http.auth.policy.\"role-policy\".permissions.\"role-name\"","additionalKeys":[],"configDoc":"Permissions granted to the `SecurityIdentity` if this policy is applied successfully (the policy allows request to proceed) and the authenticated request has required role. For example, you can map permission `perm1` with actions `action1` and `action2` to role `admin` by setting `quarkus.http.auth.policy.role-policy1.permissions.admin=perm1:action1,perm1:action2` configuration property. Granted permissions are used for authorization with the `@PermissionsAllowed` annotation.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__PERMISSIONS__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.policy.\"role-policy\".permission-class","additionalKeys":[],"configDoc":"Permissions granted by this policy will be created with a `java.security.Permission` implementation specified by this configuration property. The permission class must declare exactly one constructor that accepts permission name (`String`) or permission name and actions (`String`, `String++[]++`). Permission class must be registered for reflection if you run your application in a native mode.","withinAMap":true,"defaultValue":"io.quarkus.security.StringPermission","javaDocSiteLink":"","docMapKey":"permission-class","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_POLICY__ROLE_POLICY__PERMISSION_CLASS","enum":false}},{"configDocKey":{"type":"java.util.List","key":"quarkus.http.auth.roles-mapping.\"role-name\"","additionalKeys":[],"configDoc":"Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`.\n\nFor example, if `SecurityIdentity` has a `user` role and the endpoint is secured with a 'UserRole' role, use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have both `user` and `UserRole` roles.","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/util/List.html","docMapKey":"role-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_ROLES_MAPPING__ROLE_NAME_","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.certificate-role-attribute","additionalKeys":[],"configDoc":"Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are:\n\n - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported.\n - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name.\n - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI).\n - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier`","withinAMap":false,"defaultValue":"CN","javaDocSiteLink":"","docMapKey":"certificate-role-attribute","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.auth.certificate-role-properties","additionalKeys":[],"configDoc":"Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`.\n\nProperties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"certificate-role-properties","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.realm","additionalKeys":[],"configDoc":"The authentication realm","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"realm","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_REALM","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.login-page","additionalKeys":[],"configDoc":"The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`.","withinAMap":false,"defaultValue":"/login.html","javaDocSiteLink":"","docMapKey":"login-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_LOGIN_PAGE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.username-parameter","additionalKeys":[],"configDoc":"The username field name.","withinAMap":false,"defaultValue":"j_username","javaDocSiteLink":"","docMapKey":"username-parameter","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_USERNAME_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.password-parameter","additionalKeys":[],"configDoc":"The password field name.","withinAMap":false,"defaultValue":"j_password","javaDocSiteLink":"","docMapKey":"password-parameter","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_PASSWORD_PARAMETER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.error-page","additionalKeys":[],"configDoc":"The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`.","withinAMap":false,"defaultValue":"/error.html","javaDocSiteLink":"","docMapKey":"error-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_ERROR_PAGE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.landing-page","additionalKeys":[],"configDoc":"The landing page to redirect to if there is no saved page to redirect back to. Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`.","withinAMap":false,"defaultValue":"/index.html","javaDocSiteLink":"","docMapKey":"landing-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_LANDING_PAGE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.location-cookie","additionalKeys":[],"configDoc":"Option to control the name of the cookie used to redirect the user back to the location they want to access.","withinAMap":false,"defaultValue":"quarkus-redirect-location","javaDocSiteLink":"","docMapKey":"location-cookie","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_LOCATION_COOKIE","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.auth.form.timeout","additionalKeys":[],"configDoc":"The inactivity (idle) timeout When inactivity timeout is reached, cookie is not renewed and a new login is enforced.","withinAMap":false,"defaultValue":"PT30M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.auth.form.new-cookie-interval","additionalKeys":[],"configDoc":"How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also referred to as \"renewal-timeout\". Note that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often); however, larger values affect the inactivity timeout because the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a user's last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request because the timeout is only refreshed when a new cookie is generated. That is, no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie itself, and it is decrypted and parsed with each request.","withinAMap":false,"defaultValue":"PT1M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"new-cookie-interval","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_NEW_COOKIE_INTERVAL","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.cookie-name","additionalKeys":[],"configDoc":"The cookie that is used to store the persistent session","withinAMap":false,"defaultValue":"quarkus-credential","javaDocSiteLink":"","docMapKey":"cookie-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_COOKIE_NAME","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.form.cookie-path","additionalKeys":[],"configDoc":"The cookie path for the session and location cookies.","withinAMap":false,"defaultValue":"/","javaDocSiteLink":"","docMapKey":"cookie-path","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_COOKIE_PATH","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.auth.form.http-only-cookie","additionalKeys":[],"configDoc":"Set the HttpOnly attribute to prevent access to the cookie via JavaScript.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"http-only-cookie","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_HTTP_ONLY_COOKIE","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.FormAuthRuntimeConfig.CookieSameSite","key":"quarkus.http.auth.form.cookie-same-site","additionalKeys":[],"configDoc":"SameSite attribute for the session and location cookies.","withinAMap":false,"defaultValue":"strict","javaDocSiteLink":"","docMapKey":"cookie-same-site","configPhase":"RUN_TIME","acceptedValues":["`strict`","`lax`","`none`"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_FORM_COOKIE_SAME_SITE","enum":true}},{"configDocKey":{"type":"boolean","key":"quarkus.http.cors","additionalKeys":[],"configDoc":"Enable the CORS filter.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"cors-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.port","additionalKeys":[],"configDoc":"The HTTP port","withinAMap":false,"defaultValue":"8080","javaDocSiteLink":"","docMapKey":"port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PORT","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.test-port","additionalKeys":[],"configDoc":"The HTTP port used to run tests","withinAMap":false,"defaultValue":"8081","javaDocSiteLink":"","docMapKey":"test-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_PORT","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.host","additionalKeys":[],"configDoc":"The HTTP host\n\nIn dev/test mode this defaults to localhost, in prod mode this defaults to 0.0.0.0\n\nDefaulting to 0.0.0.0 makes it easier to deploy Quarkus to container, however it is not suitable for dev/test mode as other people on the network can connect to your development machine.\n\nAs an exception, when running in Windows Subsystem for Linux (WSL), the HTTP host defaults to 0.0.0.0 even in dev/test mode since using localhost makes the application inaccessible.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"host","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HOST","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.test-host","additionalKeys":[],"configDoc":"Used when `QuarkusIntegrationTest` is meant to execute against an application that is already running and listening on the host specified by this property.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"test-host","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_HOST","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.host-enabled","additionalKeys":[],"configDoc":"Enable listening to host:port","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"host-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HOST_ENABLED","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.ssl-port","additionalKeys":[],"configDoc":"The HTTPS port","withinAMap":false,"defaultValue":"8443","javaDocSiteLink":"","docMapKey":"ssl-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_PORT","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.test-ssl-port","additionalKeys":[],"configDoc":"The HTTPS port used to run tests","withinAMap":false,"defaultValue":"8444","javaDocSiteLink":"","docMapKey":"test-ssl-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_SSL_PORT","enum":false}},{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.test-ssl-enabled","additionalKeys":[],"configDoc":"Used when `QuarkusIntegrationTest` is meant to execute against an application that is already running to configure the test to use SSL.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"test-ssl-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TEST_SSL_ENABLED","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.HttpConfiguration.InsecureRequests","key":"quarkus.http.insecure-requests","additionalKeys":[],"configDoc":"If insecure (i.e. http rather than https) requests are allowed. If this is `enabled` then http works as normal. `redirect` will still open the http port, but all requests will be redirected to the HTTPS port. `disabled` will prevent the HTTP port from opening at all.\n\nDefault is `enabled` except when client auth is set to `required` (configured using `quarkus.http.ssl.client-auth=required`). In this case, the default is `disabled`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"insecure-requests","configPhase":"RUN_TIME","acceptedValues":["`enabled`","`redirect`","`disabled`"],"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_INSECURE_REQUESTS","enum":true}},{"configDocKey":{"type":"boolean","key":"quarkus.http.http2","additionalKeys":[],"configDoc":"If this is true (the default) then HTTP/2 will be enabled.\n\nNote that for browsers to be able to use it HTTPS must be enabled, and you must be running on JDK11 or above, as JDK8 does not support ALPN.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"http2","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HTTP2","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.http2-push-enabled","additionalKeys":[],"configDoc":"Enables or Disable the HTTP/2 Push feature. This setting can be used to disable server push. The server will not send a `PUSH_PROMISE` frame if it receives this parameter set to @++{++code false++}++.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"http2-push-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HTTP2_PUSH_ENABLED","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.origins","additionalKeys":[],"configDoc":"Origins allowed for CORS Comma separated list of valid URLs, e.g.: http://www.quarkus.io,http://localhost:3000 In case an entry of the list is surrounded by forward slashes, it is interpreted as a regular expression.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"origins","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_ORIGINS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.methods","additionalKeys":[],"configDoc":"HTTP methods allowed for CORS Comma separated list of valid methods. ex: GET,PUT,POST The filter allows any method if this is not set. default: returns any requested method as valid","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_METHODS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.headers","additionalKeys":[],"configDoc":"HTTP headers allowed for CORS Comma separated list of valid headers. ex: X-Custom,Content-Disposition The filter allows any header if this is not set. default: returns any requested header as valid","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"headers","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_HEADERS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.cors.exposed-headers","additionalKeys":[],"configDoc":"HTTP headers exposed in CORS Comma separated list of valid headers. ex: X-Custom,Content-Disposition default: empty","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"exposed-headers","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_EXPOSED_HEADERS","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.cors.access-control-max-age","additionalKeys":[],"configDoc":"The `Access-Control-Max-Age` response header value indicating how long the results of a pre-flight request can be cached.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"access-control-max-age","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_ACCESS_CONTROL_MAX_AGE","enum":false}},{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.cors.access-control-allow-credentials","additionalKeys":[],"configDoc":"The `Access-Control-Allow-Credentials` header is used to tell the browsers to expose the response to front-end JavaScript code when the request’s credentials mode Request.credentials is “include”. The value of this header will default to `true` if `quarkus.http.cors.origins` property is set and there is a match with the precise `Origin` header.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"access-control-allow-credentials","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_CORS_ACCESS_CONTROL_ALLOW_CREDENTIALS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.credentials-provider","additionalKeys":[],"configDoc":"The `CredentialsProvider`. If this property is configured, then a matching 'CredentialsProvider' will be used to get the keystore, keystore key, and truststore passwords unless these passwords have already been configured.\n\nPlease note that using MicroProfile `ConfigSource` which is directly supported by Quarkus Configuration should be preferred unless using `CredentialsProvider` provides for some additional security and dynamism.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"credentials-provider","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_CREDENTIALS_PROVIDER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.credentials-provider-name","additionalKeys":[],"configDoc":"The credentials provider bean name.\n\nThis is a bean name (as in `@Named`) of a bean that implements `CredentialsProvider`. It is used to select the credentials provider bean when multiple exist. This is unnecessary when there is only one credentials provider available.\n\nFor Vault, the credentials provider bean name is `vault-credentials-provider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"credentials-provider-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_CREDENTIALS_PROVIDER_NAME","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.files","additionalKeys":[],"configDoc":"The list of path to server certificates using the PEM format. Specifying multiple files requires SNI to be enabled.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"files","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_FILES","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.key-files","additionalKeys":[],"configDoc":"The list of path to server certificates private key files using the PEM format. Specifying multiple files requires SNI to be enabled.\n\nThe order of the key files must match the order of the certificates.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-files","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILES","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.key-store-file","additionalKeys":[],"configDoc":"An optional keystore that holds the certificate information instead of specifying separate files.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-file","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-file-type","additionalKeys":[],"configDoc":"An optional parameter to specify the type of the keystore file. If not given, the type is automatically detected based on the file name.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-file-type","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE_TYPE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-provider","additionalKeys":[],"configDoc":"An optional parameter to specify a provider of the keystore file. If not given, the provider is automatically detected based on the keystore file type.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-provider","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PROVIDER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-password","additionalKeys":[],"configDoc":"A parameter to specify the password of the keystore file. If not given, and if it can not be retrieved from `CredentialsProvider`.","withinAMap":false,"defaultValue":"password","javaDocSiteLink":"","docMapKey":"key-store-password","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-password-key","additionalKeys":[],"configDoc":"A parameter to specify a `CredentialsProvider` property key, which can be used to get the password of the key store file from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-password-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD_KEY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-alias","additionalKeys":[],"configDoc":"An optional parameter to select a specific key in the keystore. When SNI is disabled, and the keystore contains multiple keys and no alias is specified; the behavior is undefined.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-alias","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_ALIAS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-alias-password","additionalKeys":[],"configDoc":"An optional parameter to define the password for the key, in case it is different from `key-store-password` If not given, it might be retrieved from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-alias-password","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_ALIAS_PASSWORD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.key-store-alias-password-key","additionalKeys":[],"configDoc":"A parameter to specify a `CredentialsProvider` property key, which can be used to get the password for the alias from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"key-store-alias-password-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_ALIAS_PASSWORD_KEY","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.trust-store-file","additionalKeys":[],"configDoc":"An optional trust store that holds the certificate information of the trusted certificates.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-file","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_FILE","enum":false}},{"configDocKey":{"type":"path","key":"quarkus.http.ssl.certificate.trust-store-files","additionalKeys":[],"configDoc":"An optional list of trusted certificates using the PEM format. If you pass multiple files, you must use the PEM format.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-files","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_FILES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-file-type","additionalKeys":[],"configDoc":"An optional parameter to specify the type of the trust store file. If not given, the type is automatically detected based on the file name.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-file-type","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_FILE_TYPE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-provider","additionalKeys":[],"configDoc":"An optional parameter to specify a provider of the trust store file. If not given, the provider is automatically detected based on the trust store file type.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-provider","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_PROVIDER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-password","additionalKeys":[],"configDoc":"A parameter to specify the password of the trust store file. If not given, it might be retrieved from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-password","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_PASSWORD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-password-key","additionalKeys":[],"configDoc":"A parameter to specify a `CredentialsProvider` property key, which can be used to get the password of the trust store file from `CredentialsProvider`.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-password-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_PASSWORD_KEY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.certificate.trust-store-cert-alias","additionalKeys":[],"configDoc":"An optional parameter to trust a single certificate from the trust store rather than trusting all certificates in the store.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"trust-store-cert-alias","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_TRUST_STORE_CERT_ALIAS","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.ssl.certificate.reload-period","additionalKeys":[],"configDoc":"When set, the configured certificate will be reloaded after the given period. Note that the certificate will be reloaded only if the file has been modified.\n\nAlso, the update can also occur when the TLS certificate is configured using paths (and not in-memory).\n\nThe reload period must be equal or greater than 30 seconds. If not set, the certificate will not be reloaded.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"reload-period","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CERTIFICATE_RELOAD_PERIOD","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.cipher-suites","additionalKeys":[],"configDoc":"The cipher suites to use. If none is given, a reasonable default is selected.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"cipher-suites","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_CIPHER_SUITES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.ssl.protocols","additionalKeys":[],"configDoc":"Sets the ordered list of enabled SSL/TLS protocols.\n\nIf not set, it defaults to `\"TLSv1.3, TLSv1.2\"`. The following list of protocols are supported: `TLSv1, TLSv1.1, TLSv1.2, TLSv1.3`. To only enable `TLSv1.3`, set the value to `to \"TLSv1.3\"`.\n\nNote that setting an empty list, and enabling SSL/TLS is invalid. You must at least have one protocol.","withinAMap":false,"defaultValue":"TLSv1.3,TLSv1.2","javaDocSiteLink":"","docMapKey":"protocols","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_PROTOCOLS","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.ssl.sni","additionalKeys":[],"configDoc":"Enables Server Name Indication (SNI), an TLS extension allowing the server to use multiple certificates. The client indicate the server name during the TLS handshake, allowing the server to select the right certificate.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"sni","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SSL_SNI","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.static-resources.index-page","additionalKeys":[],"configDoc":"Set the index page when serving static resources.","withinAMap":false,"defaultValue":"index.html","javaDocSiteLink":"","docMapKey":"index-page","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_INDEX_PAGE","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.static-resources.include-hidden","additionalKeys":[],"configDoc":"Set whether hidden files should be served.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"include-hidden","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_INCLUDE_HIDDEN","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.static-resources.enable-range-support","additionalKeys":[],"configDoc":"Set whether range requests (resumable downloads; media streaming) should be enabled.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"enable-range-support","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_ENABLE_RANGE_SUPPORT","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.static-resources.caching-enabled","additionalKeys":[],"configDoc":"Set whether cache handling is enabled.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"caching-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_CACHING_ENABLED","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.static-resources.cache-entry-timeout","additionalKeys":[],"configDoc":"Set the cache entry timeout. The default is `30` seconds.","withinAMap":false,"defaultValue":"30S","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"cache-entry-timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_CACHE_ENTRY_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.static-resources.max-age","additionalKeys":[],"configDoc":"Set value for max age in caching headers. The default is `24` hours.","withinAMap":false,"defaultValue":"24H","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"max-age","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_MAX_AGE","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.static-resources.max-cache-size","additionalKeys":[],"configDoc":"Set the max cache size.","withinAMap":false,"defaultValue":"10000","javaDocSiteLink":"","docMapKey":"max-cache-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_MAX_CACHE_SIZE","enum":false}},{"configDocKey":{"type":"java.nio.charset.Charset","key":"quarkus.http.static-resources.content-encoding","additionalKeys":[],"configDoc":"Content encoding for text related files","withinAMap":false,"defaultValue":"UTF-8","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/nio/charset/Charset.html","docMapKey":"content-encoding","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_STATIC_RESOURCES_CONTENT_ENCODING","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.handle-100-continue-automatically","additionalKeys":[],"configDoc":"When set to `true`, the HTTP server automatically sends `100 CONTINUE` response when the request expects it (with the `Expect: 100-Continue` header).","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"handle100-continue-automatically","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HANDLE_100_CONTINUE_AUTOMATICALLY","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.io-threads","additionalKeys":[],"configDoc":"The number if IO threads used to perform IO. This will be automatically set to a reasonable value based on the number of CPU cores if it is not provided. If this is set to a higher value than the number of Vert.x event loops then it will be capped at the number of event loops.\n\nIn general this should be controlled by setting quarkus.vertx.event-loops-pool-size, this setting should only be used if you want to limit the number of HTTP io threads to a smaller number than the total number of IO threads.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"io-threads","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_IO_THREADS","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-header-size","additionalKeys":[],"configDoc":"The maximum length of all headers.","withinAMap":false,"defaultValue":"20K","javaDocSiteLink":"","docMapKey":"max-header-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_HEADER_SIZE","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-body-size","additionalKeys":[],"configDoc":"The maximum size of a request body.","withinAMap":false,"defaultValue":"10240K","javaDocSiteLink":"","docMapKey":"max-body-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_BODY_SIZE","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-chunk-size","additionalKeys":[],"configDoc":"The max HTTP chunk size","withinAMap":false,"defaultValue":"8192","javaDocSiteLink":"","docMapKey":"max-chunk-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_CHUNK_SIZE","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.limits.max-initial-line-length","additionalKeys":[],"configDoc":"The maximum length of the initial line (e.g. `\"GET / HTTP/1.0\"`).","withinAMap":false,"defaultValue":"4096","javaDocSiteLink":"","docMapKey":"max-initial-line-length","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_INITIAL_LINE_LENGTH","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-form-attribute-size","additionalKeys":[],"configDoc":"The maximum length of a form attribute.","withinAMap":false,"defaultValue":"2048","javaDocSiteLink":"","docMapKey":"max-form-attribute-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FORM_ATTRIBUTE_SIZE","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.limits.max-form-fields","additionalKeys":[],"configDoc":"Set the maximum number of fields of a form. Set to `-1` to allow unlimited number of attributes.","withinAMap":false,"defaultValue":"256","javaDocSiteLink":"","docMapKey":"max-form-fields","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FORM_FIELDS","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.limits.max-form-buffered-bytes","additionalKeys":[],"configDoc":"Set the maximum number of bytes a server can buffer when decoding a form. Set to `-1` to allow unlimited length","withinAMap":false,"defaultValue":"1K","javaDocSiteLink":"","docMapKey":"max-form-buffered-bytes","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FORM_BUFFERED_BYTES","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.limits.max-parameters","additionalKeys":[],"configDoc":"The maximum number of HTTP request parameters permitted for incoming requests.\n\nIf a client sends more than this number of parameters in a request, the connection is closed.","withinAMap":false,"defaultValue":"1000","javaDocSiteLink":"","docMapKey":"max-parameters","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_PARAMETERS","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.limits.max-connections","additionalKeys":[],"configDoc":"The maximum number of connections that are allowed at any one time. If this is set it is recommended to set a short idle timeout.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-connections","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_CONNECTIONS","enum":false}},{"configDocKey":{"type":"java.lang.Long","key":"quarkus.http.limits.header-table-size","additionalKeys":[],"configDoc":"Set the SETTINGS_HEADER_TABLE_SIZE HTTP/2 setting.\n\nAllows the sender to inform the remote endpoint of the maximum size of the header compression table used to decode header blocks, in octets. The encoder can select any size equal to or less than this value by using signaling specific to the header compression format inside a header block. The initial value is `4,096` octets.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"header-table-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_HEADER_TABLE_SIZE","enum":false}},{"configDocKey":{"type":"java.lang.Long","key":"quarkus.http.limits.max-concurrent-streams","additionalKeys":[],"configDoc":"Set SETTINGS_MAX_CONCURRENT_STREAMS HTTP/2 setting.\n\nIndicates the maximum number of concurrent streams that the sender will allow. This limit is directional: it applies to the number of streams that the sender permits the receiver to create. Initially, there is no limit to this value. It is recommended that this value be no smaller than 100, to not unnecessarily limit parallelism.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-concurrent-streams","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_CONCURRENT_STREAMS","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.limits.max-frame-size","additionalKeys":[],"configDoc":"Set the SETTINGS_MAX_FRAME_SIZE HTTP/2 setting. Indicates the size of the largest frame payload that the sender is willing to receive, in octets. The initial value is `2^14` (16,384) octets.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-frame-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_FRAME_SIZE","enum":false}},{"configDocKey":{"type":"java.lang.Long","key":"quarkus.http.limits.max-header-list-size","additionalKeys":[],"configDoc":"Set the SETTINGS_MAX_HEADER_LIST_SIZE HTTP/2 setting. This advisory setting informs a peer of the maximum size of header list that the sender is prepared to accept, in octets. The value is based on the uncompressed size of header fields, including the length of the name and value in octets plus an overhead of 32 octets for each header field. The default value is `8192`","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"max-header-list-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_MAX_HEADER_LIST_SIZE","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.limits.rst-flood-max-rst-frame-per-window","additionalKeys":[],"configDoc":"Set the max number of RST frame allowed per time window, this is used to prevent link:https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p[HTTP/2 RST frame flood DDOS attacks]. The default value is `200`, setting zero or a negative value, disables flood protection.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"rst-flood-max-rst-frame-per-window","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_RST_FLOOD_MAX_RST_FRAME_PER_WINDOW","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.limits.rst-flood-window-duration","additionalKeys":[],"configDoc":"Set the duration of the time window when checking the max number of RST frames, this is used to prevent link:https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p[HTTP/2 RST frame flood DDOS attacks].. The default value is `30 s`, setting zero or a negative value, disables flood protection.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"rst-flood-window-duration","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_LIMITS_RST_FLOOD_WINDOW_DURATION","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.idle-timeout","additionalKeys":[],"configDoc":"Http connection idle timeout","withinAMap":false,"defaultValue":"30M","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"idle-timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_IDLE_TIMEOUT","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.read-timeout","additionalKeys":[],"configDoc":"Http connection read timeout for blocking IO. This is the maximum amount of time a thread will wait for data, before an IOException will be thrown and the connection closed.","withinAMap":false,"defaultValue":"60S","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"read-timeout","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_READ_TIMEOUT","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.handle-file-uploads","additionalKeys":[],"configDoc":"Whether the files sent using `multipart/form-data` will be stored locally.\n\nIf `true`, they will be stored in `quarkus.http.body-handler.uploads-directory` and will be made available via `io.vertx.ext.web.RoutingContext.fileUploads()`. Otherwise, the files sent using `multipart/form-data` will not be stored locally, and `io.vertx.ext.web.RoutingContext.fileUploads()` will always return an empty collection. Note that even with this option being set to `false`, the `multipart/form-data` requests will be accepted.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"handle-file-uploads","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_HANDLE_FILE_UPLOADS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.body.uploads-directory","additionalKeys":[],"configDoc":"The directory where the files sent using `multipart/form-data` should be stored.\n\nEither an absolute path or a path relative to the current directory of the application process.","withinAMap":false,"defaultValue":"${java.io.tmpdir}/uploads","javaDocSiteLink":"","docMapKey":"uploads-directory","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_UPLOADS_DIRECTORY","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.merge-form-attributes","additionalKeys":[],"configDoc":"Whether the form attributes should be added to the request parameters.\n\nIf `true`, the form attributes will be added to the request parameters; otherwise the form parameters will not be added to the request parameters","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"merge-form-attributes","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_MERGE_FORM_ATTRIBUTES","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.delete-uploaded-files-on-end","additionalKeys":[],"configDoc":"Whether the uploaded files should be removed after serving the request.\n\nIf `true` the uploaded files stored in `quarkus.http.body-handler.uploads-directory` will be removed after handling the request. Otherwise, the files will be left there forever.","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"delete-uploaded-files-on-end","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_DELETE_UPLOADED_FILES_ON_END","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.body.preallocate-body-buffer","additionalKeys":[],"configDoc":"Whether the body buffer should pre-allocated based on the `Content-Length` header value.\n\nIf `true` the body buffer is pre-allocated according to the size read from the `Content-Length` header. Otherwise, the body buffer is pre-allocated to 1KB, and is resized dynamically","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"preallocate-body-buffer","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_PREALLOCATE_BODY_BUFFER","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.body.multipart.file-content-types","additionalKeys":[],"configDoc":"A comma-separated list of `ContentType` to indicate whether a given multipart field should be handled as a file part. You can use this setting to force HTTP-based extensions to parse a message part as a file based on its content type. For now, this setting only works when using RESTEasy Reactive.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"file-content-types","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_BODY_MULTIPART_FILE_CONTENT_TYPES","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.auth.session.encryption-key","additionalKeys":[],"configDoc":"The encryption key that is used to store persistent logins (e.g. for form auth). Logins are stored in a persistent cookie that is encrypted with AES-256 using a key derived from a SHA-256 hash of the key that is provided here.\n\nIf no key is provided then an in-memory one will be generated, this will change on every restart though so it is not suitable for production environments. This must be more than 16 characters long for security reasons","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"encryption-key","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_AUTH_SESSION_ENCRYPTION_KEY","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.so-reuse-port","additionalKeys":[],"configDoc":"Enable socket reuse port (linux/macOs native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"so-reuse-port","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SO_REUSE_PORT","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.tcp-quick-ack","additionalKeys":[],"configDoc":"Enable tcp quick ack (linux native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"tcp-quick-ack","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TCP_QUICK_ACK","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.tcp-cork","additionalKeys":[],"configDoc":"Enable tcp cork (linux native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"tcp-cork","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TCP_CORK","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.tcp-fast-open","additionalKeys":[],"configDoc":"Enable tcp fast open (linux native transport only)","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"tcp-fast-open","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TCP_FAST_OPEN","enum":false}},{"configDocKey":{"type":"int","key":"quarkus.http.accept-backlog","additionalKeys":[],"configDoc":"The accept backlog, this is how many connections can be waiting to be accepted before connections start being rejected","withinAMap":false,"defaultValue":"-1","javaDocSiteLink":"","docMapKey":"accept-backlog","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCEPT_BACKLOG","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.initial-window-size","additionalKeys":[],"configDoc":"Set the SETTINGS_INITIAL_WINDOW_SIZE HTTP/2 setting. Indicates the sender's initial window size (in octets) for stream-level flow control. The initial value is `2^16-1` (65,535) octets.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"initial-window-size","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_INITIAL_WINDOW_SIZE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.domain-socket","additionalKeys":[],"configDoc":"Path to a unix domain socket","withinAMap":false,"defaultValue":"/var/run/io.quarkus.app.socket","javaDocSiteLink":"","docMapKey":"domain-socket","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_DOMAIN_SOCKET","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.domain-socket-enabled","additionalKeys":[],"configDoc":"Enable listening to host:port","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"domain-socket-enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_DOMAIN_SOCKET_ENABLED","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.record-request-start-time","additionalKeys":[],"configDoc":"If this is true then the request start time will be recorded to enable logging of total request time.\n\nThis has a small performance penalty, so is disabled by default.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"record-request-start-time","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_RECORD_REQUEST_START_TIME","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.enabled","additionalKeys":[],"configDoc":"If access logging is enabled. By default this will log via the standard logging facility","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_ENABLED","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.exclude-pattern","additionalKeys":[],"configDoc":"A regular expression that can be used to exclude some paths from logging.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"exclude-pattern","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_EXCLUDE_PATTERN","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.pattern","additionalKeys":[],"configDoc":"The access log pattern.\n\nIf this is the string `common`, `combined` or `long` then this will use one of the specified named formats:\n\n- common: `%h %l %u %t \"%r\" %s %b`\n- combined: `%h %l %u %t \"%r\" %s %b \"%{i,Referer}\" \"%{i,User-Agent}\"`\n- long: `%r\\n%{ALL_REQUEST_HEADERS}`\n\nOtherwise, consult the Quarkus documentation for the full list of variables that can be used.","withinAMap":false,"defaultValue":"common","javaDocSiteLink":"","docMapKey":"pattern","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_PATTERN","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.log-to-file","additionalKeys":[],"configDoc":"If logging should be done to a separate file.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"log-to-file","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_LOG_TO_FILE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.base-file-name","additionalKeys":[],"configDoc":"The access log file base name, defaults to 'quarkus' which will give a log file name of 'quarkus.log'.","withinAMap":false,"defaultValue":"quarkus","javaDocSiteLink":"","docMapKey":"base-file-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_BASE_FILE_NAME","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.log-directory","additionalKeys":[],"configDoc":"The log directory to use when logging access to a file If this is not set then the current working directory is used.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"log-directory","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_LOG_DIRECTORY","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.log-suffix","additionalKeys":[],"configDoc":"The log file suffix","withinAMap":false,"defaultValue":".log","javaDocSiteLink":"","docMapKey":"log-suffix","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_LOG_SUFFIX","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.access-log.category","additionalKeys":[],"configDoc":"The log category to use if logging is being done via the standard log mechanism (i.e. if base-file-name is empty).","withinAMap":false,"defaultValue":"io.quarkus.http.access-log","javaDocSiteLink":"","docMapKey":"category","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_CATEGORY","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.rotate","additionalKeys":[],"configDoc":"If the log should be rotated daily","withinAMap":false,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"rotate","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_ROTATE","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.access-log.consolidate-rerouted-requests","additionalKeys":[],"configDoc":"If rerouted requests should be consolidated into one log entry","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"consolidate-rerouted-requests","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_ACCESS_LOG_CONSOLIDATE_REROUTED_REQUESTS","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.traffic-shaping.enabled","additionalKeys":[],"configDoc":"Enables the traffic shaping.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enabled","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_ENABLED","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.traffic-shaping.inbound-global-bandwidth","additionalKeys":[],"configDoc":"Set bandwidth limit in bytes per second for inbound connections. If not set, no limits are applied.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"inbound-global-bandwidth","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_INBOUND_GLOBAL_BANDWIDTH","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.traffic-shaping.outbound-global-bandwidth","additionalKeys":[],"configDoc":"Set bandwidth limit in bytes per second for outbound connections. If not set, no limits are applied.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"outbound-global-bandwidth","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_OUTBOUND_GLOBAL_BANDWIDTH","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.traffic-shaping.max-delay","additionalKeys":[],"configDoc":"Set the maximum delay to wait in case of traffic excess. Default is 15s. Must be less than the HTTP timeout.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"max-delay","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_MAX_DELAY","enum":false}},{"configDocKey":{"type":"java.time.Duration","key":"quarkus.http.traffic-shaping.check-interval","additionalKeys":[],"configDoc":"Set the delay between two computations of performances for channels. If set to 0, no stats are computed. Despite 0 is accepted (no accounting), it is recommended to set a positive value for the check interval, even if it is high since the precision of the traffic shaping depends on the period where the traffic is computed. In this case, a suggested value is something close to 5 or 10 minutes.\n\nIf not default, it defaults to 1s.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/time/Duration.html","docMapKey":"check-interval","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_CHECK_INTERVAL","enum":false}},{"configDocKey":{"type":"io.quarkus.runtime.configuration.MemorySize","key":"quarkus.http.traffic-shaping.peak-outbound-global-bandwidth","additionalKeys":[],"configDoc":"Set the maximum global write size in bytes per second allowed in the buffer globally for all channels before write are suspended. The default value is 400 MB.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"peak-outbound-global-bandwidth","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_TRAFFIC_SHAPING_PEAK_OUTBOUND_GLOBAL_BANDWIDTH","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".case-sensitive","additionalKeys":[],"configDoc":"If the cookie pattern is case-sensitive","withinAMap":true,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"case-sensitive","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__CASE_SENSITIVE","enum":false}},{"configDocKey":{"type":"io.vertx.core.http.CookieSameSite","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".value","additionalKeys":[],"configDoc":"The value to set in the samesite attribute","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://vertx.io/docs/apidocs/io/vertx/core/http/CookieSameSite.html","docMapKey":"value","configPhase":"RUN_TIME","acceptedValues":["`none`","`strict`","`lax`"],"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__VALUE","enum":true}},{"configDocKey":{"type":"boolean","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".enable-client-checker","additionalKeys":[],"configDoc":"Some User Agents break when sent SameSite=None, this will detect them and avoid sending the value","withinAMap":true,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"enable-client-checker","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__ENABLE_CLIENT_CHECKER","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.same-site-cookie.\"same-site-cookie\".add-secure-for-none","additionalKeys":[],"configDoc":"If this is true then the 'secure' attribute will automatically be sent on cookies with a SameSite attribute of None.","withinAMap":true,"defaultValue":"true","javaDocSiteLink":"","docMapKey":"add-secure-for-none","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_SAME_SITE_COOKIE__SAME_SITE_COOKIE__ADD_SECURE_FOR_NONE","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.HttpConfiguration.PayloadHint","key":"quarkus.http.unhandled-error-content-type-default","additionalKeys":[],"configDoc":"Provides a hint (optional) for the default content type of responses generated for the errors not handled by the application.\n\nIf the client requested a supported content-type in request headers (e.g. \"Accept: application/json\", \"Accept: text/html\"), Quarkus will use that content type.\n\nOtherwise, it will default to the content type configured here.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"unhandled-error-content-type-default","configPhase":"RUN_TIME","acceptedValues":["`json`","`html`"],"optional":true,"list":false,"withinAConfigGroup":false,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_UNHANDLED_ERROR_CONTENT_TYPE_DEFAULT","enum":true}},{"configDocKey":{"type":"string","key":"quarkus.http.header.\"header\".path","additionalKeys":[],"configDoc":"The path this header should be applied","withinAMap":true,"defaultValue":"/*","javaDocSiteLink":"","docMapKey":"path","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HEADER__HEADER__PATH","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.header.\"header\".value","additionalKeys":[],"configDoc":"The value for this header configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"value","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HEADER__HEADER__VALUE","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.header.\"header\".methods","additionalKeys":[],"configDoc":"The HTTP methods for this header configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_HEADER__HEADER__METHODS","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.filter.\"filter\".matches","additionalKeys":[],"configDoc":"A regular expression for the paths matching this configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"matches","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__MATCHES","enum":false}},{"configDocKey":{"type":"java.lang.String","key":"quarkus.http.filter.\"filter\".header.\"header-name\"","additionalKeys":[],"configDoc":"Additional HTTP Headers always sent in the response","withinAMap":true,"defaultValue":"","javaDocSiteLink":"https://docs.oracle.com/javase/8/docs/api/java/lang/String.html","docMapKey":"header-name","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__HEADER__HEADER_NAME_","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.filter.\"filter\".methods","additionalKeys":[],"configDoc":"The HTTP methods for this path configuration","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"methods","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__METHODS","enum":false}},{"configDocKey":{"type":"java.lang.Integer","key":"quarkus.http.filter.\"filter\".order","additionalKeys":[],"configDoc":"","withinAMap":true,"defaultValue":"","javaDocSiteLink":"","docMapKey":"order","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_FILTER__FILTER__ORDER","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.use-proxy-protocol","additionalKeys":[],"configDoc":"Set whether the server should use the HA `PROXY` protocol when serving requests from behind a proxy. (see the link:https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt[PROXY Protocol]). When set to `true`, the remote address returned will be the one from the actual connecting client. If it is set to `false` (default), the remote address returned will be the one from the proxy.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"use-proxy-protocol","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_USE_PROXY_PROTOCOL","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.proxy-address-forwarding","additionalKeys":[],"configDoc":"If this is true then the address, scheme etc. will be set from headers forwarded by the proxy server, such as `X-Forwarded-For`. This should only be set if you are behind a proxy that sets these headers.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"proxy-address-forwarding","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_PROXY_ADDRESS_FORWARDING","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.allow-forwarded","additionalKeys":[],"configDoc":"If this is true and proxy address forwarding is enabled then the standard `Forwarded` header will be used. In case the not standard `X-Forwarded-For` header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with `quarkus.http.proxy.allow-x-forwarded` has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-++*++` headers from the client.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"allow-forwarded","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ALLOW_FORWARDED","enum":false}},{"configDocKey":{"type":"java.lang.Boolean","key":"quarkus.http.proxy.allow-x-forwarded","additionalKeys":[],"configDoc":"If either this or `allow-forwarded` are true and proxy address forwarding is enabled then the not standard `Forwarded` header will be used. In case the standard `Forwarded` header is enabled and detected on HTTP requests, the standard header has the precedence. Activating this together with `quarkus.http.proxy.allow-forwarded` has security implications as clients can forge requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected `X-Forwarded` or `X-Forwarded-++*++` headers from the client.","withinAMap":false,"defaultValue":"","javaDocSiteLink":"","docMapKey":"allow-x-forwarded","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ALLOW_X_FORWARDED","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.enable-forwarded-host","additionalKeys":[],"configDoc":"Enable override the received request's host through a forwarded host header.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enable-forwarded-host","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ENABLE_FORWARDED_HOST","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.proxy.forwarded-host-header","additionalKeys":[],"configDoc":"Configure the forwarded host header to be used if override enabled.","withinAMap":false,"defaultValue":"X-Forwarded-Host","javaDocSiteLink":"","docMapKey":"forwarded-host-header","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_FORWARDED_HOST_HEADER","enum":false}},{"configDocKey":{"type":"boolean","key":"quarkus.http.proxy.enable-forwarded-prefix","additionalKeys":[],"configDoc":"Enable prefix the received request's path with a forwarded prefix header.","withinAMap":false,"defaultValue":"false","javaDocSiteLink":"","docMapKey":"enable-forwarded-prefix","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_ENABLE_FORWARDED_PREFIX","enum":false}},{"configDocKey":{"type":"string","key":"quarkus.http.proxy.forwarded-prefix-header","additionalKeys":[],"configDoc":"Configure the forwarded prefix header to be used if prefixing enabled.","withinAMap":false,"defaultValue":"X-Forwarded-Prefix","javaDocSiteLink":"","docMapKey":"forwarded-prefix-header","configPhase":"RUN_TIME","acceptedValues":null,"optional":false,"list":false,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_FORWARDED_PREFIX_HEADER","enum":false}},{"configDocKey":{"type":"io.quarkus.vertx.http.runtime.TrustedProxyCheck.TrustedProxyCheckPart","key":"quarkus.http.proxy.trusted-proxies","additionalKeys":[],"configDoc":"Configure the list of trusted proxy addresses. Received `Forwarded`, `X-Forwarded` or `X-Forwarded-++*++` headers from any other proxy address will be ignored. The trusted proxy address should be specified as the IP address (IPv4 or IPv6), hostname or Classless Inter-Domain Routing (CIDR) notation. Please note that Quarkus needs to perform DNS lookup for all hostnames during the request. For that reason, using hostnames is not recommended.\n\nExamples of a socket address in the form of `host` or `host:port`:\n\n - `127.0.0.1:8084`\n - `++[++0:0:0:0:0:0:0:1++]++`\n - `++[++0:0:0:0:0:0:0:1++]++:8084`\n - `++[++::++]++`\n - `localhost`\n - `localhost:8084`\n\nExamples of a CIDR notation:\n\n - `::/128`\n - `::/0`\n - `127.0.0.0/8`\n\nPlease bear in mind that IPv4 CIDR won't match request sent from the IPv6 address and the other way around.","withinAMap":false,"defaultValue":"All proxy addresses are trusted","javaDocSiteLink":"","docMapKey":"trusted-proxies","configPhase":"RUN_TIME","acceptedValues":null,"optional":true,"list":true,"withinAConfigGroup":true,"topLevelGrouping":"quarkus.http","since":null,"environmentVariable":"QUARKUS_HTTP_PROXY_TRUSTED_PROXIES","enum":false}}] \ No newline at end of file diff --git a/_generated-doc/main/config/quarkus-all-config.adoc b/_generated-doc/main/config/quarkus-all-config.adoc index 21b52d3263..5c288d537f 100644 --- a/_generated-doc/main/config/quarkus-all-config.adoc +++ b/_generated-doc/main/config/quarkus-all-config.adoc @@ -6040,14 +6040,36 @@ endif::add-copy-button-to-env-var[] | +a| [[quarkus-vertx-http_quarkus-http-auth-certificate-role-attribute]]`link:#quarkus-vertx-http_quarkus-http-auth-certificate-role-attribute[quarkus.http.auth.certificate-role-attribute]` + + +[.description] +-- +Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are: + + - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported. + - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name. + - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI). + - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier` + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++` +endif::add-copy-button-to-env-var[] +--|string +|`CN` + + a| [[quarkus-vertx-http_quarkus-http-auth-certificate-role-properties]]`link:#quarkus-vertx-http_quarkus-http-auth-certificate-role-properties[quarkus.http.auth.certificate-role-properties]` [.description] -- -Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. +Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. -Properties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8. +Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8. ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES+++[] diff --git a/_generated-doc/main/config/quarkus-http-http-configuration.adoc b/_generated-doc/main/config/quarkus-http-http-configuration.adoc index 96777d3efe..90a4452d08 100644 --- a/_generated-doc/main/config/quarkus-http-http-configuration.adoc +++ b/_generated-doc/main/config/quarkus-http-http-configuration.adoc @@ -10,14 +10,36 @@ h|[[quarkus-http-http-configuration_configuration]]link:#quarkus-http-http-confi h|Type h|Default +a| [[quarkus-http-http-configuration_quarkus-http-auth-certificate-role-attribute]]`link:#quarkus-http-http-configuration_quarkus-http-auth-certificate-role-attribute[quarkus.http.auth.certificate-role-attribute]` + + +[.description] +-- +Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are: + + - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported. + - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name. + - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI). + - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier` + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++` +endif::add-copy-button-to-env-var[] +--|string +|`CN` + + a| [[quarkus-http-http-configuration_quarkus-http-auth-certificate-role-properties]]`link:#quarkus-http-http-configuration_quarkus-http-auth-certificate-role-properties[quarkus.http.auth.certificate-role-properties]` [.description] -- -Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. +Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. -Properties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8. +Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8. ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES+++[] diff --git a/_generated-doc/main/config/quarkus-vertx-http-config-group-auth-runtime-config.adoc b/_generated-doc/main/config/quarkus-vertx-http-config-group-auth-runtime-config.adoc index ca3f2b07f7..296e2703eb 100644 --- a/_generated-doc/main/config/quarkus-vertx-http-config-group-auth-runtime-config.adoc +++ b/_generated-doc/main/config/quarkus-vertx-http-config-group-auth-runtime-config.adoc @@ -10,14 +10,36 @@ h|[[quarkus-vertx-http-config-group-auth-runtime-config_configuration]]link:#qua h|Type h|Default +a| [[quarkus-vertx-http-config-group-auth-runtime-config_quarkus-http-auth-certificate-role-attribute]]`link:#quarkus-vertx-http-config-group-auth-runtime-config_quarkus-http-auth-certificate-role-attribute[quarkus.http.auth.certificate-role-attribute]` + + +[.description] +-- +Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are: + + - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported. + - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name. + - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI). + - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier` + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++` +endif::add-copy-button-to-env-var[] +--|string +|`CN` + + a| [[quarkus-vertx-http-config-group-auth-runtime-config_quarkus-http-auth-certificate-role-properties]]`link:#quarkus-vertx-http-config-group-auth-runtime-config_quarkus-http-auth-certificate-role-properties[quarkus.http.auth.certificate-role-properties]` [.description] -- -Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. +Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. -Properties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8. +Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8. ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES+++[] diff --git a/_generated-doc/main/config/quarkus-vertx-http-general-config-items.adoc b/_generated-doc/main/config/quarkus-vertx-http-general-config-items.adoc index 7c7c9213d1..85bc1aab2c 100644 --- a/_generated-doc/main/config/quarkus-vertx-http-general-config-items.adoc +++ b/_generated-doc/main/config/quarkus-vertx-http-general-config-items.adoc @@ -78,14 +78,36 @@ endif::add-copy-button-to-env-var[] |`true` +a| [[quarkus-vertx-http-general-config-items_quarkus-http-auth-certificate-role-attribute]]`link:#quarkus-vertx-http-general-config-items_quarkus-http-auth-certificate-role-attribute[quarkus.http.auth.certificate-role-attribute]` + + +[.description] +-- +Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are: + + - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported. + - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name. + - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI). + - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier` + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++` +endif::add-copy-button-to-env-var[] +--|string +|`CN` + + a| [[quarkus-vertx-http-general-config-items_quarkus-http-auth-certificate-role-properties]]`link:#quarkus-vertx-http-general-config-items_quarkus-http-auth-certificate-role-properties[quarkus.http.auth.certificate-role-properties]` [.description] -- -Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. +Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. -Properties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8. +Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8. ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES+++[] diff --git a/_generated-doc/main/config/quarkus-vertx-http.adoc b/_generated-doc/main/config/quarkus-vertx-http.adoc index 6256906248..bff363e13f 100644 --- a/_generated-doc/main/config/quarkus-vertx-http.adoc +++ b/_generated-doc/main/config/quarkus-vertx-http.adoc @@ -251,14 +251,36 @@ endif::add-copy-button-to-env-var[] | +a| [[quarkus-vertx-http_quarkus-http-auth-certificate-role-attribute]]`link:#quarkus-vertx-http_quarkus-http-auth-certificate-role-attribute[quarkus.http.auth.certificate-role-attribute]` + + +[.description] +-- +Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles according to the roles mapping specified in the certificate properties file. The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs). By default, the Common Name (CN) attribute value is used for roles mapping. Supported values are: + + - RDN type - Distinguished Name field. For example 'CN' represents Common Name field. Multivalued RNDs and multiple instances of the same attributes are currently not supported. + - 'SAN_RFC822' - Subject Alternative Name field RFC 822 Name. + - 'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI). + - 'SAN_ANY' - Subject Alternative Name field Other Name. Please note that only simple case of UTF8 identifier mapping is supported. For example, you can map 'other-identifier' to the SecurityIdentity roles. If you use 'openssl' tool, supported Other name definition would look like this: `subjectAltName=otherName:1.2.3.4;UTF8:other-identifier` + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_ATTRIBUTE+++` +endif::add-copy-button-to-env-var[] +--|string +|`CN` + + a| [[quarkus-vertx-http_quarkus-http-auth-certificate-role-properties]]`link:#quarkus-vertx-http_quarkus-http-auth-certificate-role-properties[quarkus.http.auth.certificate-role-properties]` [.description] -- -Properties file containing the client certificate common name (CN) to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. +Properties file containing the client certificate attribute value to role mappings. Use it only if the mTLS authentication mechanism is enabled with either `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`. -Properties file is expected to have the `CN=role1,role,...,roleN` format and should be encoded using UTF-8. +Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8. ifdef::add-copy-button-to-env-var[] Environment variable: env_var_with_copy_button:+++QUARKUS_HTTP_AUTH_CERTIFICATE_ROLE_PROPERTIES+++[]