hi guys, I'm a student really new to J2EE and I have a few questions was hoping you could help answer:

1 - what are the different levels of security that are in the J2EE security model?

2 - can someone describe to me some of the intricacies of implementing security for each of the major J2EE containers?

3 - how does security identity propagation work on a Web/J2EE technology stack?

thanks!