Bill Shannon wrote on 08/17/09 16:43:
> Lloyd Chambers wrote on 08/17/09 16:14:
> > 3. Just a weird minor flaw not peculiar to your code:
> postConstruct() can be called by anything at any time, since it's
> public. So even a mistake is a problem and could defeat the local
> password until the servew is restarted: the code as written overwrites
> the in-memory password, which would then differ from the one on disk.
> Probably this should be more defensive.
Actually, it will rewrite the one on disk too, so this should be safe.