Make sure every route is login.required and allow FAS authorization
<puiterwijk> Given the nature of this application, the auth needs to be very strong. <puiterwijk> No, every single page here needs auth from a -main person <puiterwijk> "that depends" is mostly whether auth gets handled by the application or by httpd
Login to comment on this ticket.