From 550c4aafafffeeb3ae1ebd60ac9e8c32b1215c29 Mon Sep 17 00:00:00 2001 From: tim holloway Date: Thu, 19 Sep 2024 16:37:34 -0400 Subject: [PATCH] Doc tweaks, placeholder for security debug. --- README.md | 7 ++++++- pom.xml | 2 +- .../java/com/mousetech/gourmetj/SpringSecurityConfig.java | 1 + 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3a1a633..f274d00 100644 --- a/README.md +++ b/README.md @@ -109,7 +109,8 @@ reference View- or SessionScoped backing beans. This is alterable by setting an option in the faces-config. force -### Developer/deployer note. Because of caching, updated installations +### Developer/deployer note. +Because of caching, updated installations may not render properly. Manually request the "/main.xtml" resource and that should flush out stale info being used by "/main.jsf". @@ -118,6 +119,10 @@ that caused HTTP "400" errors fetching resources. A fix has been made, although the ultimate solution will probably be more JSF-friendly. +Security note: The gourmetj password file is a simple CSV file +with "userid","password" plain text, NOT htpasswd form. Modify the +SpringSecurityConfig if you want something more rigorous. + ## Minor release 2.0.1 This release can build an installable RPM for Red Hat-compatible diff --git a/pom.xml b/pom.xml index 9e2bdf1..d5a602f 100644 --- a/pom.xml +++ b/pom.xml @@ -7,7 +7,7 @@ com.mousetech.gourmet gourmetj - 2.0.1 + 2.0.4 jar GourmetJ diff --git a/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java b/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java index 5386fdc..53d2d42 100644 --- a/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java +++ b/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java @@ -69,6 +69,7 @@ public class SpringSecurityConfig { || (pwLine.charAt(0) == '#')) { continue; } + //log.error("======== PWLINE="+pwLine); String[] creds = parseCreds(pwLine); UserDetailsManagerConfigurer>