How to avoid the .helidon-oidc-secret file creation while using logout features in Helidon

We are using the Helidon logout feature. How do I avoid the creation of .helidon-oidc-secret? Is there a way to set this in configuration? When I deploy it to the cluster, it tries to create/access the .helidon-oidc-secret file. We are only allowed to have a read-only filesystem on our container.

The below configuration in application.yaml seems to be working for Helidon 2.5.1 in a local environment:

cookie-encryption-enabled: false   
cookie-encryption-password: 'c'

I am using Helidon 2.5.1, hence I hit the issue https://github.com/oracle/helidon/issues/4512. When I moved to 2.6.0 this issue is fixed, and I changed it to:

cookie-encryption-enabled: false      
cookie-encryption-password: 'cxif'

Do I need to use the cookie-encryption-password? If I don't use it, I get an error. When I deployed to the cluster with the above changes, I am still facing the issue.

Upvotes: 0

Views: 138

Answers (1)

Romain Grecourt

Reputation: 525

From: OidcEncryption.java

OIDC requires encryption configuration which was not provided. We will generate
 a password that will only work for the current service instance. To disable encryption,
 use cookie-encryption-enabled: false configuration, to configure master password, use
 cookie-encryption-password: my-master-password (must be configured to same value on all
 instances that share the cookie), to configure encryption using security
 (support for vaults), use
 cookie-encryption-name: name (must have corresponding encryption provider and
 configuration with the provided name in security), this also requires Security to be
 registered with current or global Context (this works automatically in Helidon MP).
 This message is logged just once, before generating the master password

The OIDC configuration is documented here.

If you set cookie-encryption-enabled you skip encryption and the file .helidon-oidc-secret should not be created.

If you set cookie-encryption-password, you are configuring an explicit encryption password, so the file .helidon-oidc-secret should not be created.

Upvotes: 2
