Quarkus Security Simple REST API - Quarkus-security Typing CST Test
Loading…
Quarkus Security Simple REST API — Quarkus-security Code
Demonstrates a simple Quarkus REST API with JWT authentication and role-based access control.
@Path("/todos")
@RolesAllowed({"USER"})
public class TodoResource {
@GET
public List<String> getTodos() {
return Arrays.asList("Task 1", "Task 2");
}
}
// application.properties
quarkus.http.auth.permission.todos.paths=/todos
quarkus.http.auth.permission.todos.policy=authenticated
quarkus.smallrye-jwt.enabled=trueQuarkus-security Language Guide
Quarkus Security is a comprehensive security framework within the Quarkus ecosystem, designed to provide authentication, authorization, and identity management for Java applications, particularly for cloud-native and reactive applications.
Primary Use Cases
- ▸JWT and OAuth2-based authentication
- ▸Role-based access control (RBAC)
- ▸Integration with LDAP or external identity providers
- ▸Securing REST endpoints and reactive routes
- ▸Microservices security in cloud environments
Notable Features
- ▸Annotation-based authentication and authorization
- ▸JWT, OAuth2, and basic authentication support
- ▸Integration with identity providers like Keycloak
- ▸Support for reactive and imperative security
- ▸Flexible configuration via properties and application code
Origin & Creator
Created by Red Hat as part of the Quarkus project in 2019.
Industrial Note
Quarkus Security is often used in microservices, Kubernetes-native applications, and serverless environments where fast startup, lightweight footprint, and secure authentication are critical.