diff --git a/README.md b/README.md
index 3a1a633..f274d00 100644
--- a/README.md
+++ b/README.md
@@ -109,7 +109,8 @@ reference View- or SessionScoped backing beans. This is alterable
 by setting an option in the faces-config.
 force 
 
-### Developer/deployer note. Because of caching, updated installations
+### Developer/deployer note.
+Because of caching, updated installations
 may not render properly. Manually request the "/main.xtml" resource
 and that should flush out stale info being used by "/main.jsf".
 
@@ -118,6 +119,10 @@ that caused HTTP "400" errors fetching resources. A fix has
 been made, although the ultimate solution will probably be more
 JSF-friendly.
 
+Security note: The gourmetj password file is a simple CSV file
+with "userid","password" plain text, NOT htpasswd form. Modify the
+SpringSecurityConfig if you want something more rigorous. 
+
 ## Minor release 2.0.1
 
 This release can build an installable RPM for Red Hat-compatible
diff --git a/pom.xml b/pom.xml
index 9e2bdf1..d5a602f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
 
     <groupId>com.mousetech.gourmet</groupId>
     <artifactId>gourmetj</artifactId>
-    <version>2.0.1</version>
+    <version>2.0.4</version>
     <packaging>jar</packaging>
 
     <name>GourmetJ</name>
diff --git a/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java b/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java
index 5386fdc..53d2d42 100644
--- a/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java
+++ b/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java
@@ -69,6 +69,7 @@ public class SpringSecurityConfig {
 					|| (pwLine.charAt(0) == '#')) {
 				continue;
 			}
+			//log.error("======== PWLINE="+pwLine);
 			String[] creds = parseCreds(pwLine);
 			UserDetailsManagerConfigurer<AuthenticationManagerBuilder,
 				InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder>>