https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
--- Comment #6 from romain.manni-bucau <rmannibu...@gmail.com> --- The "not that hard" is really dependent on your environment. Not being in the spec is one thing and you seem to keep speaking of web applications where the most common use case for such a feature is webservices IMO (allowing "internal" not secured communication and "external" secured communications). I wouldnt activate it by defaut as well but I would add a flag on the connector to be able to do so (acceptPlain=true on a SSL connector for instance). -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
