case class SecretConfiguration(secret: String = "changeme", provider: Option[String] = None) extends Product with Serializable
The application secret. Must be set. A value of "changeme" will cause the application to fail to start in production.
With the Play secret we want to:
1. Encourage the practice of *not* using the same secret in dev and prod. 2. Make it obvious that the secret should be changed. 3. Ensure that in dev mode, the secret stays stable across restarts. 4. Ensure that in dev mode, sessions do not interfere with other applications that may be or have been running on localhost. Eg, if I start Play app 1, and it stores a PLAY_SESSION cookie for localhost:9000, then I stop it, and start Play app 2, when it reads the PLAY_SESSION cookie for localhost:9000, it should not see the session set by Play app 1. This can be achieved by using different secrets for the two, since if they are different, they will simply ignore the session cookie set by the other.
To achieve 1 and 2, we will, in Activator templates, set the default secret to be "changeme". This should make it obvious that the secret needs to be changed and discourage using the same secret in dev and prod.
For safety, if the secret is not set, or if it's changeme, and we are in prod mode, then we will fail fatally. This will further enforce both 1 and 2.
To achieve 3, if in dev or test mode, if the secret is either changeme or not set, we will generate a secret based on the location of application.conf. This should be stable across restarts for a given application.
To achieve 4, using the location of application.conf to generate the secret should ensure this.
Play secret is checked for a minimum length in production:
1. If the key is fifteen characters or fewer, a warning will be logged. 2. If the key is eight characters or fewer, then an error is thrown and the configuration is invalid.
- secret
the application secret
- provider
the JCE provider to use. If null, uses the platform default
- Source
- HttpConfiguration.scala
- Alphabetic
- By Inheritance
- SecretConfiguration
- Serializable
- Serializable
- Product
- Equals
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Instance Constructors
-
new
SecretConfiguration(secret: String = "changeme", provider: Option[String] = None)
- secret
the application secret
- provider
the JCE provider to use. If null, uses the platform default
Value Members
-
final
def
!=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
##(): Int
- Definition Classes
- AnyRef → Any
-
final
def
==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
-
final
def
asInstanceOf[T0]: T0
- Definition Classes
- Any
-
def
clone(): AnyRef
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @native() @throws( ... )
-
final
def
eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
def
finalize(): Unit
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws( classOf[java.lang.Throwable] )
-
final
def
getClass(): Class[_]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
-
final
def
isInstanceOf[T0]: Boolean
- Definition Classes
- Any
-
final
def
ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
-
final
def
notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
-
final
def
notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- val provider: Option[String]
- val secret: String
-
final
def
synchronized[T0](arg0: ⇒ T0): T0
- Definition Classes
- AnyRef
-
final
def
wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws( ... )
-
final
def
wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @native() @throws( ... )