This security thing are also usually done by some http server in front (apache...).
another thing to think of : if you use some ajax features, it usually have it's own servlet and calls it's own resources (scripts files) in the web app. this also need to be secure, but let the ajax feature access it's resources. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4138249#4138249 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4138249 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
