I think this was an optimization, to avoid a lookup. I'm not sure about the security risk in this case, but maybe you have something else in mind.
Can you give us what you are thinking about ? Thanks ! On 10/15/07, Alex Karasulu <[EMAIL PROTECTED]> wrote: > I was going through the code and found that the LdapPrincipal is now storing > the user's > password. This is an immense security risk! Why would we do such a thing? > > Alex > > -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
