[jboss-user] [JBoss Seam] - Re: Multiple Domain Quesiton
fhh
do-not-reply at jboss.com
Fri Apr 6 10:45:27 EDT 2007
anonymous wrote :
| Would it be appropriate to use security rules to send 404s if someone tried to access one of the "control" domain pages through a non-control hostname? Or would that be a perversion of the security system?
|
Yes, it would be a perversion of the security system. It would be "security through obscurity" - and even rather poor at that. Security should NEVER depend on false error messages and something as fragile as DNS. Use secure name/passwords instead.
Regards
Felix
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4035341#4035341
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4035341
More information about the jboss-user
mailing list