[Resin-interest] j_uri sanitising

2009-02-16 Thread Richard Grantham
Hi list, Is it possible to inspect/manipulte the value of j_uri after it has been posted to j_security_check and before it's acted upon on a successful authentication? It has been suggested to us that parameter-based redirection is something of a security risk, so if we can ensure that the value

Re: [Resin-interest] j_uri sanitising

2009-02-16 Thread Aaron Freeman
Richard, This is a guess on my part, but perhaps you want a Custom Security Constraint. This page shows an example of setting up constraints: http://my-messages.setar.aw/ref/security.xtp So here is a tact you might try .. I didn't try to compile this so it's probably loaded with errors:

[Resin-interest] Resin 3.1.8 Recompile with -Xlint:unchecked for details

2009-02-16 Thread Rafael Escolar | Bookassist
Hi, I'm migrating from resin 2.1.16 to resin 3.1.8 and my logs are plenty of: [16:39:58.275][16:39:58.275]Note: /home/automat/www/bassist/WEB-INF/ work/_jsp/_bookassist_0admin/_users__jsp.java uses unchecked or unsafe operations. [16:39:58.275][16:39:58.275]Note: Recompile with

Re: [Resin-interest] Resin 3.1.8 Recompile with -Xlint:unchecked for details

2009-02-16 Thread Aaron Freeman
If your resin.xml is using the javac tag, does this work? javac compiler=eclipse args=-Xlint:unchecked/ - Aaron -Original Message- From: resin-interest-boun...@caucho.com [mailto:resin-interest- boun...@caucho.com] On Behalf Of Rafael Escolar | Bookassist Sent: Monday, February 16,

Re: [Resin-interest] j_uri sanitising

2009-02-16 Thread Richard Grantham
That works a treat. Fantastic. Thanks very much. -Original Message- From: resin-interest-boun...@caucho.com [mailto:resin-interest-boun...@caucho.com] On Behalf Of Aaron Freeman Sent: 16 February 2009 17:04 To: 'General Discussion for the Resin application server' Subject: Re:

[Resin-interest] [ANN] VTD-XML 2.5

2009-02-16 Thread crackeur
VTD-XML 2.5 is now released. Please go to https://sourceforge.net/project/showfiles.php?group_id=110612package_id=120172release_id=661376  to download the latest version. Changes from Version 2.4 (2/2009) * Added separate VTD indexing generating and loading (see