Deprecation of getRoles in RouteDefinition

[kruckerr]

Hi,

What is the reason for deprecation of the methods getPermitAll(), getRoles() and checkSecurity() in RouteDefinition class? Do you have an example how to implement a role based user authorization without these methods?

[drejc]

Hi @kruckerr the @authenticate and @authorize annotations are the preferred vertx way of doing this. For Vert.x applications, I'd recommend going with the authenticate + authorize approach rather than looking for @roles annotations because:

More explicit control - You can see exactly what's happening in your routing
Better fits Vert.x's reactive model - Handlers chain naturally
Framework consistency - Aligns with Vert.x's handler-based architecture
Flexibility - Easier to implement complex authorization logic

This said, the @roles annotation will stay in and work as expected for the foreseeable future, but don't count on it.