Frederic BAGES wrote:
> I haven't try since the changes were made but i think it's because of the
> way the session object is managed. You don't lose session information (your
> form) until a timeout occur. It's the same on many web sites. If you close
> your browser you won't be able to log in without your password. It's better
> than seeing the password in plain text in the html source. But i don't know
> why the password is not set to an empty string if you don't fill the
> password field.
>
This got changed about a week ago -- the password field no longer echoes the previous
contents into the source of the page. Try a recent nightly build.
>
> I forward this message in the dev list before the 1.0 release of struts.
>
> Frederic.
>
Craig
