This was using 1.10 which had any number of security issues (which actually did not affect us, since we do not use dynamic configurations). Tht version was abandoned a long time ago and there is really no reason that we should use an antiquated, unsupported system that (for our purposes) is just a layer over reading XML. Use NCSA Sec-Lib's configuration system which is a much more straightforward way to handle XML and gives many other benefits.
This was using 1.10 which had any number of security issues (which actually did not affect us, since we do not use dynamic configurations). Tht version was abandoned a long time ago and there is really no reason that we should use an antiquated, unsupported system that (for our purposes) is just a layer over reading XML. Use NCSA Sec-Lib's configuration system which is a much more straightforward way to handle XML and gives many other benefits.