tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 23970] - form-based authentication and SSL, general principles
Date Sat, 25 Oct 2003 16:25:48 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23970>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23970

form-based authentication and SSL, general principles





------- Additional Comments From adam.hardy@cyberspaceroad.com  2003-10-25 16:25 -------
All I want to do is encrypt a login form but not the pages the
security-constraint protects.

It's all well and good that the spec says such-and-such, but what you are
ignoring is that fact that this change in TC5 is effectively taking away a
large, significant piece functionality from a large, significant percentage of
the people out there using TC. 

There are probably hundreds if not thousands of TC4 users out there doing what I
want to do in TC5 but can't.

It also implies that you (or rather the people who wrote the spec) expect that
other application server providers, i.e. IBM and BEA etc, will be willing to do
this to their users too, which is obviously a false assumption.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message