A full-service application server like Apache Geronimo needs to have a full-service security implementation, and that means more than just supporting SSL connections. It means securing the internal requests made within an application. In this installment, David Jencks talks to the renegade about the current and future view of Geronimo's security implementation.