You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by Aaron Mulder <am...@alumni.princeton.edu> on 2005/12/18 23:50:50 UTC

Proposed Jetty Security Fix

I couldn't figure out how to fix the problem properly.  So to avoid
the hole, here's a patch to reject deployments if web.xml includes
security settings and geronimo-web.xml does not.  This way, at least
it's impossible to end up thinking you have security in place when
actually you do not.

Aaron