DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18004>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18004 JDBCRealm.authenticate() eats SQLExceptions and should not ------- Additional Comments From [EMAIL PROTECTED] 2003-03-14 21:25 ------- Been there (dealt with user support issues) ... done that (tried to make error messages more helpful) ... and I've seen server containers that behave the way you propose get themselves published on CERT advisories for having security vulnerabilities (what you want is *totally* against basic "Security 101" design principles). I'm not interested in seeing that happen to Tomcat. If you deploy an app that throws a JDBC exception in the authenticate method (say, because you mis-typed the name of one of the columns in the config), that is first and foremost a flaw in your application testing and deployment practices, which needs to be addressed before you even start thinking about how the server might be more responsive to reporting these problems to the ultimate end user. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
