You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by Aaron Mulder <am...@alumni.princeton.edu> on 2005/12/18 23:50:50 UTC
Proposed Jetty Security Fix
I couldn't figure out how to fix the problem properly. So to avoid
the hole, here's a patch to reject deployments if web.xml includes
security settings and geronimo-web.xml does not. This way, at least
it's impossible to end up thinking you have security in place when
actually you do not.
Aaron