From d37b87b3119e8de7bf00063e1a34a4f59e4d8b20 Mon Sep 17 00:00:00 2001
From: dahoud <dahoud@dgbf.ci>
Date: Mon, 5 Jan 2026 00:17:45 +0000
Subject: [PATCH] Disable proactive auth to allow public landing page

---
 src/main/resources/application.properties | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index ac3acb6..32949b2 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -77,24 +77,23 @@ quarkus.oidc.authentication.cookie-same-site=lax
 quarkus.oidc.authentication.java-script-auto-redirect=false
 quarkus.oidc.discovery-enabled=true
 quarkus.oidc.verify-access-token=true
-quarkus.security.auth.enabled=true
+
+# Désactiver l'authentification proactive (pas de redirection automatique)
+# Seules les pages /pages/* nécessiteront une authentification
+quarkus.http.auth.proactive=false
 
 # ============================================
 # Security Permissions - Pages publiques
 # ============================================
-# Landing page publique
-quarkus.http.auth.permission.public.paths=/,/index.xhtml,/index.jsf
+# Ressources statiques et landing page publiques (par défaut tout est public)
+quarkus.http.auth.permission.public.paths=/,/index.xhtml,/index.jsf,/resources/*,/jakarta.faces.resource/*,/javax.faces.resource/*
 quarkus.http.auth.permission.public.policy=permit
 
-# Ressources statiques publiques
-quarkus.http.auth.permission.static.paths=/resources/*,/jakarta.faces.resource/*,/javax.faces.resource/*
-quarkus.http.auth.permission.static.policy=permit
-
 # Callback OIDC (doit être accessible)
 quarkus.http.auth.permission.callback.paths=/auth/callback
 quarkus.http.auth.permission.callback.policy=permit
 
-# Pages sécurisées (toutes les autres pages nécessitent une authentification)
+# Pages sécurisées (toutes les pages /pages/* nécessitent une authentification)
 quarkus.http.auth.permission.authenticated.paths=/pages/*
 quarkus.http.auth.permission.authenticated.policy=authenticated