Dave Johnson on open web technologies, social software and software development
« Roller in Japanese,... | Main | Roller on the Sun... »
I made this proposal -- a new Atom server implementation for Roller and Rome -- on the Roller mailing list and nobody objected, but I didn't get a lot of feedback.
Dave Johnson in Roller
02:40PM Nov 08, 2004
Comments [4]
Tags:
Roller
This is just one entry in the weblog Blogging Roller. You may want to visit the main page of the weblog
Below are the most recent entries in the category Roller, some may be related to this entry.
Posted by Lance Lavandowska on November 09, 2004 at 01:24 AM EST #
First welcome to rome, we discussed that and I think it is a great idea.
I had no time to dig into that in details, I'm in vacations these days, but the getPassword() method puzzles me: the implementation should use container managed security and should not have to deal with passwords at all: getPrincipal and isUserInRole should be all you need for security. Once again I did not look at the details but for me this getPassword() method is a red falg.
BTW on the same security note, I looked at roller tables recently and realized that passwords are stored in the clear. This is not secure at all. I think a hash should be stored instead and the realm would use the hash function to check the password.
Just my 2 quick lazy cents:-)
Posted by patrick chanezon on November 09, 2004 at 08:55 AM EST #
Posted by Matt Raible on November 09, 2004 at 03:14 PM EST #
Posted by Patrick Chanezon on November 10, 2004 at 08:29 AM EST #