myfaces-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis Byrne" <>
Subject Re: Core 1.1.4
Date Tue, 01 Aug 2006 14:53:50 GMT
>I haven't said much because I don't really understand the problem.
>One thing that is confusing me is that the issue open appeared to be
>regarding a case-sensitivity issue.   

A little more on this.  The CACHE param is there only for individuals who wish to disable
it, meaning the key is not stored in app scope at startup.  It will then be created on each
request ( major performance hit ).  I did this only because there is no guarantee that an
encryption provider *must* provide a thread safe version of the key object ( making it unsafe
to store in the session or the application).

>My experience was that a new
>'org.apache.myfaces.secret.CACHE' parameter is now required in my
>web.xml file that was previously not required, and it's unclear to me
>from the documentation what this does or why it's required.

This parameter should never be required by the application developer.

Dennis Byrne

View raw message