Having read through several tutorials etc on the subject oj J2EE & security, I am still struggling with one aspect which is very important in the project I'm working on...
According to something somewhere (!) on the Sun site, a standalone Java client (ie: outside of the J2EE world completely) is assumed to be a "guest" / un-authenticated user on the J2EE server. This is a real problem for us, as we need to use Java clients which won't be within J2EE but want to use the J2EE security and not have to code our own stuff.
So, does anyone know if you can you make a standalone Java application use the J2EE security model ? ie: is there any way of authenticating a standalone client object ?
(brian_mcanulty at yahoo dot com)