[
https://issues.apache.org/jira/browse/OFBIZ-10047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16296569#comment-16296569
]
Jacques Le Roux commented on OFBIZ-10047:
-----------------------------------------
About https://tomcat.apache.org/tomcat-8.5-doc/realm-howto.html#LockOutRealm we
don't care about this page because it's said there
bq. You only need to care about this if you are using a web application that
includes one or more <security-constraint> elements, and a <login-config>
element defining how users are required to authenticate themselves. If you are
not utilizing these features, you can safely skip this document.
and we don't use that OOTB. We handle sign in, logging out and credentials with
password hashed and salted (OFBIZ-1151) internally in OFBiz
So all is clear here to me.
> Tomcat SSO
> ----------
>
> Key: OFBIZ-10047
> URL: https://issues.apache.org/jira/browse/OFBIZ-10047
> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Affects Versions: Trunk
> Reporter: James Yong
> Assignee: James Yong
> Priority: Minor
> Attachments: OFBIZ-10047.patch, OFBIZ-10047.patch, OFBIZ-10047.patch,
> OFBIZ-10047.patch, OFBIZ-10047.patch
>
>
> Proposing Tomcat SSO to be used in OFBiz to improve on Single-Sign-On.
> This aim to fix the issues mentioned in OFBIZ-6963, OFBIZ-6994.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
