Hi Bill,
I think this looks good. I would not bother with dealing with tokenizing the password the URL property, rather we can update the javadocs to clarify that you should use the password element instead.
Best,
Lance
On Jan 30, 2012, at 5:49 PM, Bill Shannon wrote:
> I've uploaded a proposal from our security team for password aliasing
> support in Java EE 7. Let me know if you have any comments.
>
> http://java.net/projects/javaee-spec/downloads/download/password-aliasing-ee7-proposal.pdf
Lance Andersen| Principal Member of Technical Staff | +1.781.442.2037
Oracle Java Engineering
1 Network Drive
Burlington, MA 01803
Lance.Andersen_at_oracle.com