[
https://issues.apache.org/jira/browse/OFBIZ-10047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16296569#comment-16296569 ]
Jacques Le Roux commented on OFBIZ-10047:
-----------------------------------------
About
https://tomcat.apache.org/tomcat-8.5-doc/realm-howto.html#LockOutRealm we don't care about this page because it's said there
bq. You only need to care about this if you are using a web application that includes one or more <security-constraint> elements, and a <login-config> element defining how users are required to authenticate themselves. If you are not utilizing these features, you can safely skip this document.
and we don't use that OOTB. We handle sign in, logging out and credentials with password hashed and salted (OFBIZ-1151) internally in OFBiz
So all is clear here to me.
> Tomcat SSO
> ----------
>
> Key: OFBIZ-10047
> URL:
https://issues.apache.org/jira/browse/OFBIZ-10047> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Affects Versions: Trunk
> Reporter: James Yong
> Assignee: James Yong
> Priority: Minor
> Attachments: OFBIZ-10047.patch, OFBIZ-10047.patch, OFBIZ-10047.patch, OFBIZ-10047.patch, OFBIZ-10047.patch
>
>
> Proposing Tomcat SSO to be used in OFBiz to improve on Single-Sign-On.
> This aim to fix the issues mentioned in OFBIZ-6963, OFBIZ-6994.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Locked
