RewriteValve and the ROOT webapp

precautions should I take? Security guides such as https://www.owasp.org/index.php/Securing_tomcat recommend removing the ROOT webapp, but without providing reasons or rationale. Thank you! --Dan Rabe

IllegalStateException when using CometConnectionManagerValve

We're writing an application that processes requests using both a normal servlet and a CometProcessor. The normal servlet handles user authentication and logout (among other things). Once the user has been authenticated, the client makes a Comet request, which is open until the server has