I guess I should say, accessing a URL not protected by a
security-constraint still triggers our custom AuthenticaitonMechanism.
On 11/14/2013 12:34 PM, Bill Burke wrote:
Accessing an unprotected area triggers our custom
AuthenticationMechanism. Is this by design or by spec mandate? Or a bug?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com