The recent problems detected in LoginModule implementation are also
applicable to code in branches\1.2, branches\1.1 etc. Though it has not
resulted in a security issue in other releases as serious as the one Donald
has unearthed in 2.0 release, the code is not as per what JAAS recommends.
Should
I guess I think it would be reasonable to port the fixes to the 1.2
branch before we forget since that should only take a few minutes but
I'm not sure this is of enough importance to inspire someone to
actually release 1.2.
thanks
david jencks
On Aug 15, 2007, at 11:29 PM, Vamsavardhana