I've been developing a J2EE project. The final outcome is an EAR file that is deployed by WebLogic. Today our network guys are saying that this is a security hole. They are placing WebLogic in the DMZ, so there could be potential database security issues with the CMP getting data from the DB. They are telling me that I have to break it up so that the HTML, JSP, images, etc. can be in the DMZ but the JAR file can be behind the firewall.
I have a problem with this whole issue, but the main one is that from WebLogic's site, they use an architecture that has WebLogic behind the firewall using an EAR file.
And when I propose this to them they can't seem to give me a straight answer.
Do these guys know something that IBM, Sun, BEA, Oracle, Sybase, etc. don't regarding the use of EAR files and security issues?