fix: Utiliser * au lieu de ** dans HTTP auth paths (Quarkus)

2025-11-08 15:12:08 +00:00
parent 31b1b35a65
commit 03f83de218
1 changed files with 6 additions and 5 deletions
--- a/src/main/resources/application-prod.properties
+++ b/src/main/resources/application-prod.properties
@@ -78,13 +78,14 @@ quarkus.http.auth.proactive=true
 quarkus.security.deny-unannotated-endpoints=false

 # Permissions pour accès public aux ressources statiques et pages publiques
-# Format Quarkus : ** pour plusieurs segments de path
-quarkus.http.auth.permission.public.paths=/resources/**,/jakarta.faces.resource/**,/static/**,/webjars/**
+# NOTE: Quarkus supporte seulement * pour UN segment (pas **)
+# Désactiver auth proactive permet aux ressources JSF d'être servies
+quarkus.http.auth.permission.public.paths=/resources/*,/jakarta.faces.resource/*,/static/*,/webjars/*,/api/auth/*
 quarkus.http.auth.permission.public.policy=permit

-# Authentification requise pour toutes les autres pages
-quarkus.http.auth.permission.authenticated.paths=/*
-quarkus.http.auth.permission.authenticated.policy=authenticated
+# Authentification requise pour les pages de l'application
+quarkus.http.auth.permission.app.paths=/app/*,/dashboard/*,/chantiers/*,/clients/*,/employes/*,/equipes/*,/devis/*,/factures/*,/materiels/*,/maintenance/*,/stock/*,/planning/*,/rapports/*,/admin/*
+quarkus.http.auth.permission.app.policy=authenticated

 # Configuration API Backend
 btpxpress.api.base-url=${BTPXPRESS_API_BASE_URL:https://api.btpxpress.lions.dev}