From tomcat-dev-return-29202-qmlist-jakarta-archive-tomcat-dev=nagoya.apache.org@jakarta.apache.org Wed Apr 30 17:16:19 2003
Return-Path: <tomcat-dev-return-29202-qmlist-jakarta-archive-tomcat-dev=nagoya.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-dev-archive@apache.org
Received: (qmail 56778 invoked from network); 30 Apr 2003 17:16:18 -0000
Received: from exchange.sun.com (192.18.33.10)
  by daedalus.apache.org with SMTP; 30 Apr 2003 17:16:18 -0000
Received: (qmail 4779 invoked by uid 97); 30 Apr 2003 17:18:20 -0000
Delivered-To: qmlist-jakarta-archive-tomcat-dev@nagoya.betaversion.org
Received: (qmail 4772 invoked from network); 30 Apr 2003 17:18:20 -0000
Received: from daedalus.apache.org (HELO apache.org) (208.185.179.12)
  by nagoya.betaversion.org with SMTP; 30 Apr 2003 17:18:20 -0000
Received: (qmail 55906 invoked by uid 500); 30 Apr 2003 17:16:09 -0000
Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-dev-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-dev-help@jakarta.apache.org>
List-Post: <mailto:tomcat-dev@jakarta.apache.org>
List-Id: "Tomcat Developers List" <tomcat-dev.jakarta.apache.org>
Reply-To: "Tomcat Developers List" <tomcat-dev@jakarta.apache.org>
Delivered-To: mailing list tomcat-dev@jakarta.apache.org
Received: (qmail 55884 invoked from network); 30 Apr 2003 17:16:09 -0000
Received: from exchange.sun.com (192.18.33.10)
  by daedalus.apache.org with SMTP; 30 Apr 2003 17:16:09 -0000
Received: (qmail 4764 invoked by uid 50); 30 Apr 2003 17:18:11 -0000
Date: 30 Apr 2003 17:18:11 -0000
Message-ID: <20030430171811.4763.qmail@nagoya.betaversion.org>
From: bugzilla@apache.org
To: tomcat-dev@jakarta.apache.org
Cc:
Subject: DO NOT REPLY [Bug 19483]  - 
    tomcat-users.xml is reset to read all
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19483>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19483

tomcat-users.xml is reset to read all





------- Additional Comments From remm@apache.org  2003-04-30 17:18 -------
Well, read my answer. The default realm is not secure to people logged in
locally (a thing which doesn't hash passwords is not secure anyway, no matter
what you do), and you need to use another realm, or another user database provider.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org