I think I'm used to strong passwords. I should probably loosen that up a bit. :) Thanks for the feedback.
I used Shiro because it's pretty well documented and flexible. Spring has Spring Security, but there's no default equivalent for Guice. Also Shiro seems more comprehensive than Spring Security and I was able to get it to work in GAE without too much trouble. On the SSL issue, wild card certs only work one level deep. The url support.fuzedtest.appspot.com is two levels and so you get the SSL issue. If you got there from the Sign In link, you should have gotten something more like this: https://fuzedtest.appspot.com/signin.html?context=support I wonder why you didn't ... Anyway, that's why I'm looking forward to the SSL support that Google is working on now. Thanks for checking it out! -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine-java/-/G0C0Y6WUO90J. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.