diff --git a/docs/src/main/asciidoc/security-authentication-mechanisms.adoc b/docs/src/main/asciidoc/security-authentication-mechanisms.adoc index 25ea1a9d90ce97..facc51668f1028 100644 --- a/docs/src/main/asciidoc/security-authentication-mechanisms.adoc +++ b/docs/src/main/asciidoc/security-authentication-mechanisms.adoc @@ -434,9 +434,12 @@ In both cases, `quarkus-oidc` requires a connection to the specified OpenID Conn * If the user authentication requires Authorization Code flow, or you need to support multiple tenants, use `quarkus-oidc`. `quarkus-oidc` can also request user information by using both Authorization Code Flow and Bearer access tokens. -* If your bearer tokens must be verified, use `quarkus-oidc`, -ifndef::quarkus-elytron-security-oauth2[`quarkus-elytron-security-oauth2`, ] -or `quarkus-smallrye-jwt`. +ifndef::quarkus-elytron-security-oauth2[] +* If your bearer tokens must be verified, use `quarkus-oidc`, `quarkus-elytron-security-oauth2`, or `quarkus-smallrye-jwt`. +endif::quarkus-elytron-security-oauth2[] +ifdef::quarkus-elytron-security-oauth2[] +* If your bearer tokens must be verified, use `quarkus-oidc` or `quarkus-smallrye-jwt`. +endif::quarkus-elytron-security-oauth2[] * If your bearer tokens are in a JSON web token (JWT) format, you can use any extensions in the preceding list. Both `quarkus-oidc` and `quarkus-smallrye-jwt` support refreshing the `JsonWebKey` (JWK) set when the OpenID Connect provider rotates the keys. diff --git a/docs/src/main/asciidoc/security-basic-authentication-howto.adoc b/docs/src/main/asciidoc/security-basic-authentication-howto.adoc index e3006a02142c4b..0210cef17b2526 100644 --- a/docs/src/main/asciidoc/security-basic-authentication-howto.adoc +++ b/docs/src/main/asciidoc/security-basic-authentication-howto.adoc @@ -19,10 +19,10 @@ Enable xref:security-basic-authentication.adoc[Basic authentication] for your Qu For example: ifndef::quarkus-security-jpa-reactive[] -** xref:security-jpa.adoc[Quarkus Security Jakarta Persistence extensions (`security-jpa` or `security-jpa-reactive`)] +** xref:security-jpa.adoc[Quarkus Security Jakarta Persistence extensions (`quarkus-security-jpa` or `quarkus-security-jpa-reactive`)] endif::quarkus-security-jpa-reactive[] ifdef::quarkus-security-jpa-reactive[] -** xref:security-jpa.adoc[Quarkus Security Jakarta Persistence extension (`security-jpa`)] +** xref:security-jpa.adoc[Quarkus Security Jakarta Persistence extension (`quarkus-security-jpa`)] endif::quarkus-security-jpa-reactive[] ** xref:security-properties.adoc[Elytron security properties file extension `(quarkus-elytron-security-properties-file)`] ** xref:security-jdbc.adoc[Elytron security JDBC extension `(quarkus-elytron-security-jdbc)`] diff --git a/docs/src/main/asciidoc/security-getting-started-tutorial.adoc b/docs/src/main/asciidoc/security-getting-started-tutorial.adoc index 2c42b886a2f303..00b1a34a172c29 100644 --- a/docs/src/main/asciidoc/security-getting-started-tutorial.adoc +++ b/docs/src/main/asciidoc/security-getting-started-tutorial.adoc @@ -55,18 +55,18 @@ You can find the solution in the `security-jpa-quickstart` link:{quickstarts-tre == Create and verify the Maven project ifndef::quarkus-security-jpa-reactive[] -For Quarkus Security to be able to map your security source to Jakarta Persistence entities, ensure that the Maven project in this tutorial includes the `security-jpa` or `security-jpa-reactive` extension. +For Quarkus Security to be able to map your security source to Jakarta Persistence entities, ensure that the Maven project in this tutorial includes the `quarkus-security-jpa` or `quarkus-security-jpa-reactive` extension. endif::quarkus-security-jpa-reactive[] ifdef::quarkus-security-jpa-reactive[] -For Quarkus Security to be able to map your security source to Jakarta Persistence entities, ensure that the Maven project in this tutorial includes the `security-jpa` extension. +For Quarkus Security to be able to map your security source to Jakarta Persistence entities, ensure that the Maven project in this tutorial includes the `quarkus-security-jpa` extension. endif::quarkus-security-jpa-reactive[] [NOTE] ==== -xref:hibernate-orm-panache.adoc[Hibernate ORM with Panache] is used to store your user identities, but you can also use xref:hibernate-orm.adoc[Hibernate ORM] with the `security-jpa` extension. +xref:hibernate-orm-panache.adoc[Hibernate ORM with Panache] is used to store your user identities, but you can also use xref:hibernate-orm.adoc[Hibernate ORM] with the `quarkus-security-jpa` extension. ifndef::quarkus-security-jpa-reactive[] -Both xref:hibernate-reactive.adoc[Hibernate Reactive] and xref:hibernate-reactive-panache.adoc[Hibernate Reactive with Panache] can be used with the `security-jpa-reactive` extension. +Both xref:hibernate-reactive.adoc[Hibernate Reactive] and xref:hibernate-reactive-panache.adoc[Hibernate Reactive with Panache] can be used with the `quarkus-security-jpa-reactive` extension. endif::quarkus-security-jpa-reactive[] You must also add your preferred database connector library. @@ -105,9 +105,9 @@ endif::quarkus-security-jpa-reactive[] === Verify the quarkus-security-jpa dependency -After you have run either of the preceding commands to create the Maven project, verify that the `security-jpa` dependency was added to your project build XML file. +After you have run either of the preceding commands to create the Maven project, verify that the `quarkus-security-jpa` dependency was added to your project build XML file. -* To verify the `security-jpa` extension, check for the following configuration: +* To verify the `quarkus-security-jpa` extension, check for the following configuration: + ==== [source,xml,role="primary asciidoc-tabs-target-sync-cli asciidoc-tabs-target-sync-maven"] @@ -126,7 +126,7 @@ implementation("io.quarkus:quarkus-security-jpa") ---- ==== ifndef::quarkus-security-jpa-reactive[] -* To verify the `security-jpa-reactive` extension, check for the following configuration: +* To verify the `quarkus-security-jpa-reactive` extension, check for the following configuration: + ==== [source,xml,role="primary asciidoc-tabs-target-sync-cli asciidoc-tabs-target-sync-maven"] @@ -278,7 +278,7 @@ public class User extends PanacheEntity { ---- -The `security-jpa` extension only initializes if a single entity is annotated with `@UserDefinition`. +The `quarkus-security-jpa` extension only initializes if a single entity is annotated with `@UserDefinition`. <1> The `@UserDefinition` annotation must be present on a single entity, either a regular Hibernate ORM entity or a Hibernate ORM with Panache entity. <2> Indicates the field used for the username. @@ -312,7 +312,7 @@ When secure access is required, and no other authentication mechanisms are enabl Therefore, in this tutorial, you do not need to set the property `quarkus.http.auth.basic` to `true`. ==== + -. Configure at least one data source in the `application.properties` file so the `security-jpa` extension can access your database. +. Configure at least one data source in the `application.properties` file so the `quarkus-security-jpa` extension can access your database. For example: + ==== @@ -334,7 +334,7 @@ quarkus.hibernate-orm.database.generation=drop-and-create ifndef::quarkus-security-jpa-reactive[] [NOTE] ==== -* The URLs of Reactive datasources that are used by the `security-jpa-reactive` extension are set with the `quarkus.datasource.reactive.url` +* The URLs of Reactive datasources that are used by the `quarkus-security-jpa-reactive` extension are set with the `quarkus.datasource.reactive.url` configuration property and not the `quarkus.datasource.jdbc.url` configuration property typically used by JDBC datasources. + [source,properties] @@ -377,7 +377,7 @@ The preceding example demonstrates how the application can be protected and iden [IMPORTANT] ==== In a production environment, do not store plain text passwords. -As a result, the `security-jpa` defaults to using bcrypt-hashed passwords. +As a result, the `quarkus-security-jpa` defaults to using bcrypt-hashed passwords. ==== == Test your application by using Dev Services for PostgreSQL diff --git a/docs/src/main/asciidoc/security-jpa.adoc b/docs/src/main/asciidoc/security-jpa.adoc index d114c46cf9666e..0eefd1783de9e4 100644 --- a/docs/src/main/asciidoc/security-jpa.adoc +++ b/docs/src/main/asciidoc/security-jpa.adoc @@ -78,12 +78,12 @@ public class User extends PanacheEntity { ---- -The `security-jpa` extension initializes only if a single entity is annotated with `@UserDefinition`. +The `quarkus-security-jpa` extension initializes only if a single entity is annotated with `@UserDefinition`. <1> The `@UserDefinition` annotation must be present on a single entity, either a regular Hibernate ORM entity or a Hibernate ORM with Panache entity. <2> Indicates the field used for the username. <3> Indicates the field used for the password. -By default, `security-jpa` uses bcrypt-hashed passwords, or you can configure plain text or custom passwords instead. +By default, `quarkus-security-jpa` uses bcrypt-hashed passwords, or you can configure plain text or custom passwords instead. <4> This indicates the comma-separated list of roles added to the target principal representation attributes. <5> This method lets you add users while hashing passwords with the proper `bcrypt` hash. diff --git a/docs/src/main/asciidoc/writing-extensions.adoc b/docs/src/main/asciidoc/writing-extensions.adoc index 7bf884802e9b45..303c7089a6a2d0 100644 --- a/docs/src/main/asciidoc/writing-extensions.adoc +++ b/docs/src/main/asciidoc/writing-extensions.adoc @@ -2334,7 +2334,7 @@ A feature can be registered in a <> method that produces } ---- -The name of the feature should only contain lowercase characters, words are separated by dash; e.g. `security-jpa`. +The name of the feature should only contain lowercase characters, words are separated by dash; e.g. `quarkus-security-jpa`. An extension should provide at most one feature and the name must be unique. If multiple extensions register a feature of the same name the build fails.