3 Replies Latest reply on Sep 13, 2005 12:52 AM by Jens Elkner

    JBAS-2243 - SecurityExceptions

    Adrian Brock Master

      http://jira.jboss.com/jira/browse/JBAS-2243


      Comment by Scott M Stark [12/Sep/05 09:14 PM]
      What is an example client context that is exposing this info?


      A dictionary attack.

      If the client has to guess both the user and password it is harder.
      log.warn("Access Denied", realError);
      throw new SecurityException("Access Denied"); // to the client