This is a recurring theme that appears across many open source projects. Since we are an enterprise organisation, we do not allow admin access to applications from the internet. Admin access has to be done internally (this may be allowed via a VPN connection from the internet, but for all intents and purposes, the connection is from our internal network).
To facilitate this, we have seen some projects provide two separate WAR files: one for "normal" user access, and one for the admin user to access. This means we can deploy the admin user on a separate JVM, and hence have a nice sandboxed access to administration. This can listen on another IP/port, which would allow us to separate admin access from normal user access.
In other words, no matter how hard a black hat tries, there is no admin functionality available on the internet-facing application (e.g. scmadmin does not exist).
Not sure if this is currently possible; I would appreciate any feedback on your thoughts as to the practicality of doing such a setup.
Thanks for a great product, and keep up the good work Sc0tt..