I am observing some unusual behaviour in the deployment of my web app. I would
like to configure the Orion server to not add the "session" query string to
URL's within my JSP pages (since I am not using sessions).
To do this I add the line:
to config/global-web-application.xml.
However
I have installed the server (Orion/1.0rc1), deployed a test application and all
appears to working well. I would now like to add in basic authentication to a
section of the web site.
When I configure the application deployment descriptor (web.xml) in the usual
way to add in a security-constrai