[FIX] correct right: set it when no element is requested

src/org/kar/archidata/filter/AuthenticationFilter.java

@@ -119,7 +119,7 @@ public class AuthenticationFilter implements ContainerRequestFilter {
 		final boolean isApplicationToken = apikeyHeader != null;
 		final boolean isJwtToken = isTokenBasedAuthentication(authorizationHeader);
 		if (!isApplicationToken && !isJwtToken) {
-			LOGGER.warn("REJECTED unauthorized: {}", requestContext.getUriInfo().getPath());
+			LOGGER.warn("REJECTED unauthorized: /{}", requestContext.getUriInfo().getPath());
 			abortWithUnauthorized(requestContext, "REJECTED unauthorized: " + requestContext.getUriInfo().getPath());
 			return;
 		}

src/org/kar/archidata/model/User.java

@@ -48,7 +48,8 @@ public class User extends GenericDataSoftDelete {
 
 	@DefaultValue("'0'")
 	@Column(nullable = false)
-	public boolean blocked = false;
+	@Nullable
+	public Boolean blocked = false;
 	@Column(length = 512)
 	public String blockedReason;
 

src/org/kar/archidata/tools/JWTWrapper.java

@@ -198,7 +198,7 @@ public class JWTWrapper {
 					.claim("login", userLogin).claim("application", application).issuer(isuer).issueTime(now)
 					.expirationTime(expiration); // Do not ask why we need a "-" here ... this have no meaning
 			// add right if needed:
-			if (rights != null && !rights.isEmpty()) {
+			if (rights != null) {
 				builder.claim("right", rights);
 			}
 			// Prepare JWT with claims set