Scott M Stark wrote: > It would be good to add a hash of the password, but this is not > digest authentication as in HTTP digest authentication.
Ah yes, of course. I only meant storing digests of the passwords, nothing to do with HTTP authentication protocols. I don't know why I said digest authentication, because that's obviously something competely different. I'll have a go at modifying UsernamePasswordLoginModule accordingly... On another topic - we spoke previously about mods to the security proxy stuff to throw an exception in cases where the proxy delegate doesn't provide a matching method for all those in the remote interface. Do you think it would be worth changing AbstractSecurityProxy to make this the default in JBoss 3? Luke. -- Luke Taylor. Monkey Machine Ltd. PGP Key ID: 0x57E9523C http://www.mkeym.com _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development