geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <>
Subject Re: LoginModule implementations in branches other than 2.x.x
Date Thu, 16 Aug 2007 15:56:05 GMT
I guess I think it would be reasonable to port the fixes to the 1.2  
branch before we forget since that should only take a few minutes but  
I'm not sure this is of enough importance to inspire someone to  
actually release 1.2.

david jencks

On Aug 15, 2007, at 11:29 PM, Vamsavardhana Reddy wrote:

> The recent problems detected in LoginModule implementation are also  
> applicable to code in branches\1.2, branches\1.1 etc.  Though it  
> has not resulted in a security issue in other releases as serious  
> as the one Donald has unearthed in 2.0 release, the code is not as  
> per what JAAS recommends.  Should we worry about fixing these  
> LoginModule implementation classes in other branches?
> Vamsi

View raw message