The ability to deploy, undeploy and change deployment properties of decision services should not be available to all web console user accounts. For example, a web console user account with Read-only access should only be able to login and view console pages, and should not also be able to make/modify decision service deployments, connect to other server instances, create applications, or otherwise change anything.  Old server web console (JSPs within axis.war) had a few roles with which user access could be limited or controlled.

Without role-based control, access to web console becomes so sensitive that, in real-world deployments, either corticon.war is not deployed at all, or it's so tightly controlled that the great information it contains isn't available to those who could benefit from it.