Gianluca Barbon

**Is your feature request related to a problem? Please describe.** External users rely on the external OpenID Connect provider in order to authenticate. All the credentials are stored in the...

**Describe the bug** `KapuaErrorCodes.SUBJECT_UNAUTHORIZED` is never thrown and seems a duplication of `KapuaAuthorizationErrorCodes.SUBJECT_UNAUTHORIZED`. Moreover, the former is mapped in the console class `KapuaExceptionHandler`, while the latter should probably be mapped...

**Describe the bug** When booting the console the Shiro realms detailed in the `shiro.ini` file are initialised twice. The realm initialisation seems to be managed by the `execute()` method of...

**Describe the bug** The POST `/{scopeId}/users/{userId}/mfa` Swagger example of the MFA REST API should be updated, since it is not showing the QR code base64 image and the scratch codes....

**Is your feature request related to a problem? Please describe.** The current MFA implementation is using the same trust key for all the trusted machines (browsers) for a given `User`....

**Is your feature request related to a problem? Please describe.** PR #3117 introduces TLS Protocol Version Selection feature for MariaDB connection. However, the `enabledSslProtocolSuites` used in that PR for passing...

We would like to have [Rond](https://github.com/rond-authz/rond) integrated with micro-lc, in such a way to use RBAC in place of the existing ACL filtering. Is this possible?

## The feature or bug you are proposing The `+` character is removed when parameters are parsed if the params are not URL encoded. E.g. using an "email" parameter with...