If you have h3270 pointing at a recent s3270, then you can get SSL
support for free by specifying:
L:hostname:portnum instead of just hostname in the "connect to" field.
Other Phun Phact: you're probably going to have to edit your Tomcat
(or whatever) policy to allow the h3270 program to execute the s3270
executable.
Once you've done that, though, it's really quite straightforward. All
h3270 is is a little Java web app built on top of s3270 as a screen-
scraper. It works rather nicely. I would imagine that with a little
clever css you could even use proper 3270 fonts and colors, although I
haven't actually bothered yet. Also, wrap your Tomcat in SSL (gee,
that sounds dirty!) so that you're not exposing (gee, that sounds
dirty!) your password in the web part of the session (even if you have
SSL to the host, unless you have Tomcat protected by SSL you're still
sending username/pw in the clear to the web interface).
Adam