On 10/31/2014 4:15 AM, Stian Thorgersen
Looking this over, it seems pretty important! I think I'd like to
go ahead and implement this option before we merge. I should be
able to do that and also finish the doc updates by the middle of
next week. Just go ahead and release the Beta if you want. I can
catch the next release train.
Looks good to me. We should include this in Beta1.
A few comments/questions:
* Can we support enabling confidential transport-guarantee (auth-server/WEB-INF/web.xml) without cracking open the WAR? This seems to be the last requirement for an exploded WAR
I plan to implement this as a boolean value on on the server called
"https-required". Is there a better name for it?
Should the default be false? I realize that the default in the
appliance dist is false, but should the default always be false?
If true, this will be automatically added to auth-server.war at