31b1b35a65
Changements: - Remplacer /*.css, /*.js, etc. par /resources/**, /jakarta.faces.resource/** - Le format /* est invalide dans Quarkus security - Utiliser ** pour matcher plusieurs segments de path Résout: HTTP permission path error au démarrage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
116 lines
4.1 KiB
Properties
116 lines
4.1 KiB
Properties
# Configuration de production pour BTP Xpress Client
|
|
# Variables d'environnement requises :
|
|
# - BTPXPRESS_API_BASE_URL : URL de l'API backend
|
|
|
|
# Application
|
|
quarkus.application.name=BTP Xpress Client
|
|
quarkus.application.version=1.0.0
|
|
|
|
# Configuration PrimeFaces
|
|
primefaces.THEME=freya-purple-light
|
|
primefaces.FONT_AWESOME=true
|
|
primefaces.UPLOADER=auto
|
|
primefaces.MOVE_SCRIPTS_TO_BOTTOM=true
|
|
primefaces.CLIENT_SIDE_VALIDATION=true
|
|
|
|
# Configuration JSF - Production
|
|
jakarta.faces.PROJECT_STAGE=Production
|
|
jakarta.faces.STATE_SAVING_METHOD=server
|
|
jakarta.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE=true
|
|
jakarta.faces.PARTIAL_STATE_SAVING=true
|
|
jakarta.faces.VALIDATE_EMPTY_FIELDS=auto
|
|
|
|
# Configuration Arc
|
|
quarkus.arc.remove-unused-beans=true
|
|
|
|
# Serveur HTTP
|
|
quarkus.http.port=8081
|
|
quarkus.http.host=0.0.0.0
|
|
|
|
# CORS Configuration pour production
|
|
# Frontend accessible depuis btpxpress.lions.dev
|
|
quarkus.http.cors=true
|
|
quarkus.http.cors.origins=https://btpxpress.lions.dev,https://www.btpxpress.lions.dev
|
|
quarkus.http.cors.methods=GET,POST,PUT,DELETE,OPTIONS,PATCH
|
|
quarkus.http.cors.headers=Content-Type,Authorization,X-Requested-With,X-CSRF-Token
|
|
quarkus.http.cors.exposed-headers=Content-Disposition
|
|
quarkus.http.cors.access-control-max-age=3600
|
|
quarkus.http.cors.access-control-allow-credentials=true
|
|
|
|
# Configuration OIDC / Keycloak pour production
|
|
quarkus.oidc.enabled=true
|
|
quarkus.oidc.auth-server-url=https://security.lions.dev/realms/btpxpress
|
|
quarkus.oidc.client-id=btpxpress-frontend
|
|
quarkus.oidc.application-type=web-app
|
|
quarkus.oidc.tls.verification=required
|
|
|
|
# Authentification
|
|
quarkus.oidc.authentication.redirect-path=/
|
|
quarkus.oidc.authentication.restore-path-after-redirect=true
|
|
quarkus.oidc.authentication.cookie-path=/
|
|
quarkus.oidc.authentication.session-age-extension=PT30M
|
|
quarkus.oidc.authentication.cookie-same-site=strict
|
|
|
|
# Token configuration
|
|
quarkus.oidc.token.issuer=https://security.lions.dev/realms/btpxpress
|
|
quarkus.oidc.discovery-enabled=true
|
|
|
|
# Token state manager
|
|
quarkus.oidc.token-state-manager.split-tokens=true
|
|
quarkus.oidc.token-state-manager.strategy=id-refresh-tokens
|
|
quarkus.oidc.token-state-manager.encryption-required=true
|
|
quarkus.oidc.token-state-manager.cookie-max-size=8192
|
|
quarkus.oidc.token-state-manager.cookie-secure=true
|
|
quarkus.oidc.token-state-manager.cookie-http-only=true
|
|
|
|
# Limites HTTP pour sécurité
|
|
quarkus.http.max-headers-size=128K
|
|
quarkus.http.max-request-body-size=10M
|
|
quarkus.http.max-parameters=1000
|
|
quarkus.http.max-parameter-size=2048
|
|
|
|
quarkus.vertx.max-headers-size=128K
|
|
vertx.http.maxHeaderSize=131072
|
|
|
|
# Configuration sécurité
|
|
quarkus.security.users.embedded.enabled=false
|
|
quarkus.http.auth.proactive=true
|
|
quarkus.security.deny-unannotated-endpoints=false
|
|
|
|
# Permissions pour accès public aux ressources statiques et pages publiques
|
|
# Format Quarkus : ** pour plusieurs segments de path
|
|
quarkus.http.auth.permission.public.paths=/resources/**,/jakarta.faces.resource/**,/static/**,/webjars/**
|
|
quarkus.http.auth.permission.public.policy=permit
|
|
|
|
# Authentification requise pour toutes les autres pages
|
|
quarkus.http.auth.permission.authenticated.paths=/*
|
|
quarkus.http.auth.permission.authenticated.policy=authenticated
|
|
|
|
# Configuration API Backend
|
|
btpxpress.api.base-url=${BTPXPRESS_API_BASE_URL:https://api.btpxpress.lions.dev}
|
|
btpxpress.api.timeout=30000
|
|
|
|
quarkus.rest-client."dev.lions.btpxpress.service.BtpXpressApiClient".url=${btpxpress.api.base-url}
|
|
quarkus.rest-client."dev.lions.btpxpress.service.BtpXpressApiClient".scope=jakarta.inject.Singleton
|
|
|
|
# Locale
|
|
quarkus.locale=fr_FR
|
|
|
|
# Logging - Production
|
|
quarkus.log.level=INFO
|
|
quarkus.log.category."dev.lions.btpxpress".level=INFO
|
|
quarkus.log.category."org.hibernate".level=WARN
|
|
quarkus.log.category."io.quarkus".level=INFO
|
|
quarkus.log.category."io.quarkus.oidc".level=WARN
|
|
quarkus.log.console.enable=true
|
|
quarkus.log.console.format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{2.}] (%t) %s%e%n
|
|
|
|
# Cache optimisé pour production
|
|
quarkus.cache.caffeine.default.initial-capacity=200
|
|
quarkus.cache.caffeine.default.maximum-size=2000
|
|
quarkus.cache.caffeine.default.expire-after-write=PT1H
|
|
|
|
# Compression
|
|
quarkus.http.enable-compression=true
|
|
|