Giordano, Thanks for pointing this out. I was hoping to leave this in place so people could browse around and look at a running demo. I guess you are right. There are a lot of knuckheads out there, so I now have /portal redirecting and am using a custom security-domain.
I didn't consider this a flaw at all. It is a managed risk. I monitor my access logs fairly closely. I was just trying to help people out, but since it was pointed out in a public forum I have removed that feature. Thanks Kevin Nilson www.javaclimber.com View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3902304#3902304 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3902304 ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
