It has come to our attention that files stored on a JDS are world readable if someone knows the URL. This seems like a security risk since people can scan your JDSs and potentially "borrow" your software. The only way we have been able to figure out how to lock it down also removes Casper access, which is pretty useless.
Have others dealt with this? Were you able to give Casper and clients access but remove web access?