Accepting Unauthenticated Users (The Java EE 6 Tutorial, Volume I)

The Java EE 6 Tutorial, Volume I

Previous: Propagating a Security Identity (Run-As)
Next: Securing Application Clients

Accepting Unauthenticated Users

Web applications may accept unauthenticated web clients and allow these clients to make calls to the EJB container. The EJB specification requires a security credential for accessing EJB methods. Typically, the credential will be that of a generic unauthenticated user. The way you specify this credential is implementation-specific.

In the Enterprise Server, you must specify the name and password that an unauthenticated user will use to log in by modifying the Enterprise Server using the Admin Console:

Start the Enterprise Server, then the Admin Console.
Expand the Configuration node.
Select the Security node.
On the Security page, set the Default Principal and Default Principal Password values.

Previous: Propagating a Security Identity (Run-As)
Next: Securing Application Clients