[jboss-user] [JBoss Seam] - Re: Multiple Domain Quesiton

fhh do-not-reply at jboss.com
Fri Apr 6 10:45:27 EDT 2007

anonymous wrote : 
  | Would it be appropriate to use security rules to send 404s if someone tried to access one of the "control" domain pages through a non-control hostname? Or would that be a perversion of the security system?

Yes, it would be a perversion of the security system. It would be "security through obscurity" - and even rather poor at that. Security should NEVER depend on false error messages and something as fragile as DNS. Use secure name/passwords instead.



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4035341#4035341

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4035341

More information about the jboss-user mailing list