* Authentication Database (PostgreSQL)
** User and group tables 
** Authentication configuration 
** Servlet container realm configuration 

* JSPWiki Application 
** Directory layout and permissions 
*** WAR file 
*** Wiki pages 
*** Wiki logs 

* [Optimizations|DeploymentOptimizations] 
** Connecting Apache 2 to Tomcat 
** Serving static content from Apache 
** Pre-compiling JSPs 
** Running Tomcat & JSPWiki with a Security Manager 

* Deployment tools 
** SSH agent 
** Ant scripts 

This is just a rough outline. I will be fleshing this out over the next few weeks. -- Andrew Jaquith 

!!Comments and Discussion:
(starts here...)

!!!Operating system and servlet container 

!!Host access 

!!Directory layout 

!!Runtime security 

!Runtime users 

!Startup scripts 


!Container-managed authentication 

!!Service minimization 

!Tomcat hardening 

!!File permissions 

!Servlet logs 

!Servlet configuration directory 

!!Host-based firewall 

!IPTables example 

!!!PostgreSQL Database 

!!User and group tables 

!!Authentication configuration 

!!Servlet container realm configuration 

!!!JSPWiki Application 

!!Directory layout and permissions 

!WAR file 

!Wiki pages