I have a 3 tier architecture using Java Swing client/ Tomcat Server/ MySQL. I want to implement security. I am pretty open to what I can use. The only restriction is to use users/roles stored in the DB. I am just looking for suggestions on how I can implement this without re-inventing the wheel.