… filter The verification of token type in the filter is to avoid the situation where tokens from other authenticator type are presented and interpreted as valid. This could be the case when a HTTP service protected with Alfredo changes its authentication handler and restarts using the the same secret to sign the tokens, in this case, tokens from the previous authentication type are not rejected as invalid.
Some servlet containers interpret ',' as cookie separator.
…xpiration of the token
…thentication HTTP cookie
…, updating missed change in README.txt