66 lines
3.1 KiB
Properties
66 lines
3.1 KiB
Properties
# ============================================================================
|
|
# Lions User Manager Client - Configuration COMMUNE (tous environnements)
|
|
# ============================================================================
|
|
# Ce fichier contient UNIQUEMENT les propriétés communes à dev et prod.
|
|
# Les configs OIDC, HTTP port, etc. vont dans application-dev/prod.properties
|
|
# ============================================================================
|
|
|
|
# ============================================
|
|
# Application Info (COMMUNE)
|
|
# ============================================
|
|
quarkus.application.name=lions-user-manager-client
|
|
quarkus.application.version=1.0.0
|
|
|
|
# ============================================
|
|
# REST Client Configuration (COMMUNE)
|
|
# ============================================
|
|
# Config pour les clients service/ (UserServiceClient, RoleServiceClient, AuditServiceClient, etc.)
|
|
quarkus.rest-client."lions-user-manager-api".scope=jakarta.inject.Singleton
|
|
quarkus.rest-client."lions-user-manager-api".connect-timeout=5000
|
|
quarkus.rest-client."lions-user-manager-api".read-timeout=30000
|
|
|
|
# Config pour les clients api/ (AuditRestClient, HealthRestClient, RoleRestClient, etc.)
|
|
quarkus.rest-client."user-api".scope=jakarta.inject.Singleton
|
|
quarkus.rest-client."user-api".connect-timeout=5000
|
|
quarkus.rest-client."user-api".read-timeout=30000
|
|
|
|
# ============================================
|
|
# OIDC Configuration (COMMUNE)
|
|
# ============================================
|
|
quarkus.oidc.roles.role-claim-path=realm_access/roles
|
|
quarkus.oidc.roles.source=accesstoken
|
|
quarkus.oidc.application-type=web-app
|
|
quarkus.oidc.authentication.redirect-path=/
|
|
quarkus.oidc.authentication.restore-path-after-redirect=true
|
|
quarkus.oidc.authentication.pkce-required=true
|
|
quarkus.oidc.logout.path=/auth/logout
|
|
quarkus.oidc.logout.post-logout-path=/
|
|
|
|
# ============================================
|
|
# HTTP Security Policies (COMMUNE)
|
|
# ============================================
|
|
# Protéger toutes les pages JSF - force la redirection vers Keycloak login
|
|
quarkus.http.auth.permission.authenticated-pages.paths=/pages/*
|
|
quarkus.http.auth.permission.authenticated-pages.policy=authenticated
|
|
|
|
# Protéger la racine (index.xhtml / dashboard)
|
|
quarkus.http.auth.permission.authenticated-root.paths=/,/index.xhtml,/index.jsf
|
|
quarkus.http.auth.permission.authenticated-root.policy=authenticated
|
|
|
|
# Ressources publiques (CSS, JS, images, fonts, PrimeFaces resources)
|
|
quarkus.http.auth.permission.public-resources.paths=/jakarta.faces.resource/*,/resources/*,/css/*,/js/*,/images/*,/fonts/*,/favicon.ico
|
|
quarkus.http.auth.permission.public-resources.policy=permit
|
|
|
|
# Endpoint de logout (doit être accessible)
|
|
quarkus.http.auth.permission.logout.paths=/auth/logout
|
|
quarkus.http.auth.permission.logout.policy=authenticated
|
|
|
|
# Dev UI Quarkus (accessible en dev uniquement)
|
|
quarkus.http.auth.permission.dev-ui.paths=/q/*
|
|
quarkus.http.auth.permission.dev-ui.policy=permit
|
|
|
|
# ============================================
|
|
# Keycloak Dev Services désactivé (COMMUNE)
|
|
# ============================================
|
|
quarkus.keycloak.devservices.enabled=false
|