Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Document how to log authentication failures for RESTEasy Reactive users migrating from the RESTEasy Classic #37025

Merged
merged 1 commit into from
Nov 11, 2023
Merged

Document how to log authentication failures for RESTEasy Reactive users migrating from the RESTEasy Classic #37025

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions docs/src/main/asciidoc/resteasy-reactive-migration.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,11 +153,17 @@
----

The same is true for your third-party libraries.
If they happen to depend on servlets you need to find a migration path for them.

Check warning on line 156 in docs/src/main/asciidoc/resteasy-reactive-migration.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale 

[vale] reported by reviewdog 🐶
[Quarkus.Fluff] Depending on the context, consider using 'Rewrite the sentence, or use 'must', instead of' rather than 'need to'.

Raw Output:
{"message": "[Quarkus.Fluff] Depending on the context, consider using 'Rewrite the sentence, or use 'must', instead of' rather than 'need to'.", "location": {"path": "docs/src/main/asciidoc/resteasy-reactive-migration.adoc", "range": {"start": {"line": 156, "column": 42}}}, "severity": "INFO"}

=== Log authentication and authorization failures

The RESTEasy Reactive endpoint security checks are performed before xref:cdi.adoc#interceptors[CDI interceptors] are invoked.
The safest approach to log Quarkus Security authentication exceptions is to ensure that proactive authentication is enabled and to use Vert.x HTTP route failure handlers.
For more information, see the xref:security-proactive-authentication.adoc#customize-auth-exception-responses[Customize authentication exception responses] section of the Proactive authentication guide.

== Client

The Reactive REST Client (`quarkus-rest-client-reactive` and its dependencies) replace the legacy `quarkus-rest-client` but leverage Quarkus' build time processing

Check warning on line 166 in docs/src/main/asciidoc/resteasy-reactive-migration.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale 

[vale] reported by reviewdog 🐶
[Quarkus.TermsWarnings] Consider using 'use' rather than 'leverage' unless updating existing content that uses the term.

Raw Output:
{"message": "[Quarkus.TermsWarnings] Consider using 'use' rather than 'leverage' unless updating existing content that uses the term.", "location": {"path": "docs/src/main/asciidoc/resteasy-reactive-migration.adoc", "range": {"start": {"line": 166, "column": 125}}}, "severity": "WARNING"}
and the unified I/O model provided by Vert.x.

=== Dependencies
Expand Down
1 change: 1 addition & 0 deletions docs/src/main/asciidoc/security-proactive-authentication.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ public class HelloService {
}
----

[[customize-auth-exception-responses]]
== Customize authentication exception responses

You can use Jakarta REST `ExceptionMapper` to capture Quarkus Security authentication exceptions such as `io.quarkus.security.AuthenticationFailedException`, for example:
Expand Down