...
[13:19:09 CST(-0600)] <drewwills> that is insanely cool
[13:19:38 CST(-0600)] <athena> i know!!
[13:19:44 CST(-0600)] <athena> and you can do really cool filtering stuff too
[13:19:55 CST(-0600)] <drewwills> who ever imagined it would work out well not to be able to do session.getAttribute('foo') in a JSP?
[13:19:58 CST(-0600)] <athena> so you could do a post authorize that filters out person results the user doesn't have permissions to see, or something like that
[13:20:33 CST(-0600)] <drewwills> i have to run to lunch now, but glad this issue is in hand
[13:21:38 CST(-0600)] <athena> awesome 