<< That is the expected behavior in 3.2.3. 3.2.1 could leak credentials back to the request thread pool and allow unauthenticated users to access secured content using someone else's credentials. >>
Will this continue to be the same sort of behavior with 3.2.4? Thanks.. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3834075#3834075 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3834075 ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
