Yicong-Huang opened a new issue, #5304: URL: https://github.com/apache/texera/issues/5304
### Task Summary `config-service` currently exposes every config endpoint (`/api/config/gui`, `/api/config/user-system`) as `@PermitAll`, so any anonymous caller can read the full GUI configuration. Only a small subset of these fields is actually needed before login. Split out the pre-login fields into a dedicated `/api/config/pre-login` endpoint and require authentication on the rest. ### Task Type - [x] Other -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
