[ http://jira.andromda.org/browse/BPM-219?page=history ]
Wouter Zoons closed BPM-219:
----------------------------
Resolution: Fixed
Fix Version: 3.1-RC1
I'm not generating these pages under WEB-INF since this affects the templates
in an ugly way (each page path requires a possible prefix), a more elegant
solution has been put in place by grouping resources in security-constraints
sections in web.xml with no roles in the corresponding auth-constraint; this
will make sure only the server has direct access to these pages
> have web pages secured: generate them under WEB-INF
> ---------------------------------------------------
>
> Key: BPM-219
> URL: http://jira.andromda.org/browse/BPM-219
> Project: Bpm4Struts Cartridge
> Type: Improvement
> Versions: 3.1M1
> Reporter: Wouter Zoons
> Assignee: Wouter Zoons
> Fix For: 3.1-RC1
>
> apprently this will improve security as only the container will be able to
> directly call those resources
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.andromda.org/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Andromda-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/andromda-devel
