[JBoss Portal] - Re: Unauthenticated /sec Access with CAS enabled - jboss-user

Tuesday, 2 December 2008

This is a valid bug. The CAS SecuredURLPattern needs to filter /sec from its list.

This fix should be available in the next release. Until then, you can override the
getSecuredURLPatterns method on the Valve with this filtering

Thanks

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4193773#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...