To put my comments into context, I only have experience with Java (jsps) and php.
When it comes to speed of development/implementation, php requires much less development time. Java always requires more code.
When it comes to security, Java seems to be the most secure and trusted language as your application is usually restricted to certain behaviors, unless security settings are specifically changed. There is nothing insecure about php itself, although bad practice by the script writers can open up holes. As long as best practices are followed, php can be very secure.
Java's JDBC database connectivity allows applications to switch databases very easily. If you use a good database abstraction class for your php, you should also be able to change databases in php.
The jsp and php models are different when comparing the lifetime of the application. In php, when you request a page, the server will run your application and then it ends with the end of the request. With Java, your application will continue to run over multiple requests, allowing you to share the same data and memory until you close or reset the application. What this means is that you can have a cache of data in main memory to hold record information without having to hit the database each time there is a new request.
Php is a hot technology, and because it is so easy to use, it has a large following. But beware, not all people who "know php" know good programming / design principles.
Php5 gives good support for Object Oriented design, which if done right, can allow your new application to be much more flexible and better suited as an enterprise application.
That is my 2 cents.