Application deployment
Before making your application publicly available, you should choose a unique secret key to use to sign the session cookie. Keep this key a secret so that your users won't be able to forge a fake session.
The application secret key is defined by the application.secret configuration property. By default, the template sets it to
changeme. Note that if you try to run your application in the production mode while your secret key still has the changeme value, Play throws an exception.
Deploying to your dedicated infrastructure
We already saw how you can run your application in production mode using the start sbt command. This command compiles your code, eventually executes the assets pipeline if you use it, and starts the Play HTTP server in a new JVM.
However, the start command is executed within the sbt shell, which means that you actually have two running JVMs: one for sbt itself and one for your application. In addition to the start command, there also is a stage command...
