From a4136f3d9d0a32eb62a26aacdb3fe9fb604f8633 Mon Sep 17 00:00:00 2001 From: Marco Bungart Date: Fri, 6 Jan 2023 01:45:10 +0000 Subject: [PATCH 1/2] Clarified class names of filters --- docs/src/main/asciidoc/security-openid-connect-client.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/main/asciidoc/security-openid-connect-client.adoc b/docs/src/main/asciidoc/security-openid-connect-client.adoc index 608ad5f4f3cb9..194345a6458bd 100644 --- a/docs/src/main/asciidoc/security-openid-connect-client.adoc +++ b/docs/src/main/asciidoc/security-openid-connect-client.adoc @@ -139,7 +139,7 @@ public class ProtectedResource { As you can see `ProtectedResource` returns a name from both `userName()` and `adminName()` methods. The name is extracted from the current `JsonWebToken`. -Next let's add a REST Client with `OpenID Connect Client Reactive Filter` and another REST Client with `OpenID Connect Token Propagation Filter`. `FrontendResource` will use these two clients to call `ProtectedResource`: +Next let's add a REST Client with `OidcClientRequestReactiveFilter` and another REST Client with `AccessTokenRequestReactiveFilter`. `FrontendResource` will use these two clients to call `ProtectedResource`: [source,java] ---- From 3ad05534fd65a7fe58c3eba6a5b8590da7c8101f Mon Sep 17 00:00:00 2001 From: Marco Bungart Date: Fri, 6 Jan 2023 01:45:39 +0000 Subject: [PATCH 2/2] fixed access confguration --- .../security-openid-connect-web-authentication.adoc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/src/main/asciidoc/security-openid-connect-web-authentication.adoc b/docs/src/main/asciidoc/security-openid-connect-web-authentication.adoc index 87f0feb9c3b87..3aed582620151 100644 --- a/docs/src/main/asciidoc/security-openid-connect-web-authentication.adoc +++ b/docs/src/main/asciidoc/security-openid-connect-web-authentication.adoc @@ -447,15 +447,16 @@ quarkus.oidc.credentials.secret=secret quarkus.oidc.application-type=web-app quarkus.oidc.logout.path=/logout +# Logged-out users should be returned to the /welcome.html site which will offer an option to re-login: quarkus.oidc.logout.post-logout-path=/welcome.html # Only the authenticated users can initiate a logout: quarkus.http.auth.permission.authenticated.paths=/logout quarkus.http.auth.permission.authenticated.policy=authenticated -# Logged-out users should be returned to the /welcome.html site which will offer an option to re-login: -quarkus.http.auth.permission.authenticated.paths=/welcome.html -quarkus.http.auth.permission.authenticated.policy=permit +# All users can see the welcome page: +quarkus.http.auth.permission.public.paths=/welcome.html +quarkus.http.auth.permission.public.policy=permit ---- You may also need to set `quarkus.oidc.authentication.cookie-path` to a path value common to all the application resources which is `/` in this example.