# Configuration of the login

# Configures if some user is able to reenter his existing session after closing the browser tab or the complete browser. Setting this to
# true may be a security risk for clients running on unsafe computers. If this is configured to true, check that the parameter client
# contains the same identifier the UI sends as client parameter on normal login request. Otherwise the backend will not be able to
# rediscover the users session after closing the browser tab. This parameter only applies to the HTTP authorization header based login
# request.
com.openexchange.ajax.login.http-auth.autologin=false

# Every client tells the backend through the client parameter on the login request his identy. This is not possible when using the HTTP
# authorization header based login. So the client identifier for that request is defined here. It must be the same identifier that the web
# frontend uses, if you set com.openexchange.cookie.hash to calculate and want the previously configured autologin to work.
com.openexchange.ajax.login.http-auth.client=com.openexchange.ox.gui.dhtml

# The version of the client when using the HTTP Authorization Header based login. This should not be the normal web frontend version because
# a different version can be used to distinguish logins through HTTP authorization header and normal login request.
com.openexchange.ajax.login.http-auth.version=HTTP Auth

# Configures which error page should be used for the login. The error page is only applied for the HTML Form login and the HTTP
# Authorization Header login. All other login related requests provide normal JSON responses in error cases. The built-in error page shows
# the error message for 5 seconds and then redirects to the referrer page.
!com.openexchange.ajax.login.errorPageTemplate=
