This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Can somebody point to me to a good document which explains J2EE Security. I am interested in knowing the complete flow. For example how is the user name and role mapping is done. How is the password authentication done typically. How is it implemented for web components and how is the role passed to the EJBs.