Doc tweaks, placeholder for security debug.

README.md

@@ -109,7 +109,8 @@ reference View- or SessionScoped backing beans. This is alterable
 by setting an option in the faces-config.
 force 
 
-### Developer/deployer note. Because of caching, updated installations
+### Developer/deployer note.
+Because of caching, updated installations
 may not render properly. Manually request the "/main.xtml" resource
 and that should flush out stale info being used by "/main.jsf".
 
@@ -118,6 +119,10 @@ that caused HTTP "400" errors fetching resources. A fix has
 been made, although the ultimate solution will probably be more
 JSF-friendly.
 
+Security note: The gourmetj password file is a simple CSV file
+with "userid","password" plain text, NOT htpasswd form. Modify the
+SpringSecurityConfig if you want something more rigorous. 
+
 ## Minor release 2.0.1
 
 This release can build an installable RPM for Red Hat-compatible

pom.xml

@@ -7,7 +7,7 @@
 
     <groupId>com.mousetech.gourmet</groupId>
     <artifactId>gourmetj</artifactId>
-    <version>2.0.1</version>
+    <version>2.0.4</version>
     <packaging>jar</packaging>
 
     <name>GourmetJ</name>

src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java

@@ -69,6 +69,7 @@ public class SpringSecurityConfig {
 					|| (pwLine.charAt(0) == '#')) {
 				continue;
 			}
+			//log.error("======== PWLINE="+pwLine);
 			String[] creds = parseCreds(pwLine);
 			UserDetailsManagerConfigurer<AuthenticationManagerBuilder,
 				InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder>>