We have been forced to upgrade two of our applications from JBOSS 3.2.1 (with J2EE 1.2 and EJB 2.0) to a later, more secure version. We don't have much experience in this area. We are looking into JBOSS 4.0.x series but it seems like we need to make quite significant code changes to make it to work. Unfortunately, we are on a resource and schedule crunch. Would 3.2.8 be a better choice for easier redeployment?