On Fri, Jul 18, 2008 at 11:01 AM, Rajdeep Dua <[EMAIL PROTECTED]> wrote:
> Hi, > Recently the Abdera code seems to have been removed from the REST > implementation. The new implementation looks pretty simple as compared to > Abdera. > Were we over engineering by using Abdera or are we missing something which > existed before. > > Didnt quite understand the BasicSecurityToken implementation -- i gave a > token value of "a:a:a:a:a" and it happily accepted it. Is it by design or > it > is a bug?( I was tempted to open a Bug but thought of clarifying ) By design -- we have no way of knowing whether the token is valid for you or not. You shouldn't use BasicSecurityToken in production, instead using an encrypted form. > > > Thanks > Rajdeep >
