Security - mark222/SSDir GitHub Wiki

...TODO: Describe security model via Tomcat user IDs and encrypted passwords. Note dependence on Tomcat for this, no invention of our own. Note use of J2EE roles for administrator and office staff (e.g. protect functions, not just data). Note use of some code to allow/prevent access based on ROLE (not just limit URL resource or servlet name).

Describe technique to encrypte JSON data file, configuration options, hiding the private key.