Quarkus Security Guidelines

Apply Quarkus security best practices with secure-by-default API and service boundaries.

What is covered in this Skill?

• Quarkus security configuration for authentication mechanisms
• Authorization with @RolesAllowed / @Authenticated / @PermitAll
• Endpoint and resource protection strategy
• Least-privilege role design
• Secure denial/error handling behavior
• Sensitive data protection in logs and responses

Scope: Apply recommendations based on the reference rules and good/bad examples.

Constraints

Before applying security changes, ensure the project compiles. After improvements, run full verification.