Any Web Application that we develop must be secure and safe. We cannot just create an application that can be accessed/modified by every tom, dick and harry of this world. Though this topic is in no way related to the deployment descriptor or the deployment of a web application, I thought, this is the best place to cover this. Because, we are almost at the fag end of our journey towards SCWCD