Michal Vavřík

> Hey @michalvavrik sorry for the inconvenience. > > We made the changes to fix some of the raised issues, plus make it consistent with other Quarkus CLI commands. I'll...

I am bit confused by description of this ticket. Please @JDoumerc can you help me out? The description speaks about custom `HttpAuthenticationMechanism` and title speaks about ` HttpSecurityPolicy` but implementation...

> > An obviously good practice would be not to remove useful public methods when their code can still be present. > > This is very true, however in Quarkus...

> May be we can re-open this method in the short term (with note in the Java Docs that it is internal API and as such it can change, be...

Yeah, so there is also "do not authenticate on permit all" thingy. Let me think about it for a bit and get back to you.

@JDoumerc code does path-specific authentication: - permit all -> let others authenticate or anonymous - deny all -> 404 - others: oidc auth If authorization is the first thing that...

Hey @sberyozkin , if you think there is some feature we should provide related to use case described in this issue, please write down suggestion. Suggestion above should provide same...

Thought about it and how to inject configuration properties is documented well https://quarkus.io/guides/config-reference#inject, and so is documented list of all configuraiton properties https://quarkus.io/guides/all-config. You don't need to inject `HttpConfiguration` even...

@sberyozkin I just spend some time doing QE verification of TLS registry. Would you like me to implement this? If so, I will look later next week and may come...

I take it as yes @sberyozkin , I'll draft something this week and we can iterate together to get it where you think. Thanks