Hi, Security, other point to investigate: jdbc connection user id and pwd (this can be secured using password DIGEST) session timeout (expose data ) put in fron of teh Application Server a reverse proxy (Apache 2.2.x) (useful also for eventually load balancing) LDAP use ? (open point not for 1.1 I think) Tomcat REALM use ? (teh Memory REAL can be used straithward while JDBC and JNDI REALM need a more study)
I am sure I forgot something Best Regards ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
