Scott Gray wrote:
I don't have a recommendation as such, it was just a thought to get you to the
quickest possible solution.
The options as I see it are:
1. Switch back to using https
2. Submit patches so that these warnings/error aren't logged for every request,
perhaps just at startup or perhaps have another configuration to disable the
warnings
It wasn't clear to me how you are ensuring the same level of security that
OFBiz provides OOTB but I would recommend that maintaining it should be your
highest priority.
I agree with this. Don't assume the network behind the firewall is safe.
Enable security wherever and whenever possible.
