G'day all! I'm rather new to JBoss, and after spending some time with it, am really impressed. Great work, all!

I've decided on what seems to be a very secure architecture for my application, but am having a bit of trouble understanding whether it is possible. It is a standard three-tier architecture -- web tier, EJB business logic tier, and database tier. The web tier shall strictly not have write access to the database, or even a socket that, when used with the correct DB credentials, could obtain write access to the database. I don't trust the web tier because the web tier is going to have customers with SSH access to it. If one of the customer passwords is compromised (by physical means), I don't want to sacrifice security.

 _____         |        _______        _______
| web | ----> FW <----> | EJB | <---> | RDBMS |
 -----         |        -------        -------



Questions:

1. I presume this is pretty typical (if a bit paranoid), no? If not, is there a better solution to the general layout?

2. The web tier will have Catalina containers running on it. I don't really need JBoss running there, and if I could get away without it, I would. But I would like to have enable web application security from a single authentication store, managed by JBoss, behind the firewall. Possible without JBoss? How?

3. If not possible without JBoss, how do I do set up the web tier with JBoss? Do I have to pass JNDI over the firewall? If so, do I need to secure the JNDI against attacks from the web tier?

4. Does setting up a read-only LDAP server with replication from the SQL database make the problem significantly easier to solve? If so, what are good solutions to replication from SQL to LDAP? Or is it better to keep them in sync explicitly by program control?

5. I'm currently developing on 2.4 for an expected low volume release in a few months. Would I be better off trying to do this on 3.0?



I know this is a lot of questions, and I *really* appreciate the effort that anyone takes in trying to help me understand the answers, or even get some clues, to solving them. Good documentation besides the JBoss 2.4 PDF that would help are also good.