Julien Chanaud

> for the controller part we need to had a custom micronaut validation that replaces the `@Secured` from micronaut I agree for something like `@MySecured(resource="TOPIC" operation="CONSUME")` for example, but how...

> The annotation will be here to be sure the user has a right on the reources, operation for this cluster only I think The resource name is sometimes in...

Are you aligned with this direction https://github.com/tchiotludo/akhq/pull/964/commits/36dde2bec7c68389c203d00f00584929078bfd47 ?

@tchiotludo Everything builds correctly. You can only test using the API. The new behavior is like this : - All endpoints are secured through bindings, even when anonymous. - If...

Hello, The gitlab doc also specifies the following: > The claims `sub`, `sub_legacy`, `email`, `email_verified` and `groups_direct` are included in the ID token. All other claims are available from the...

Same here on `dev` branch. The JWT cookie is present (and correct) after the first authentication if it's anything useful.

**Short answer** : It's not possible with current security model. **Long answer** : The current security model allows for a single list of roles and 3 filters that applies to...

Hello @tchiotludo, I have a related issue. I'm using AKHQ to view topic data on multiple clusters. We recently reached 35+ clusters and ... even with 50% zoom .... let's...

Much better on my side, thank you.  

You are absolutely correct. This is a behavior in Micronaut framework. https://github.com/micronaut-projects/micronaut-security/blob/master/security/src/main/java/io/micronaut/security/authentication/BasicAuthUtils.java#L47-L69 You could raise an issue on https://github.com/micronaut-projects/micronaut-security It won't be fixed on AKHQ side.