The Application Server supports the J2EE v1.4 security model, as well as the following features which are specific to the Application Server:
Message security; see Configuring Message Security
Single sign-on across all Application Server applications within a single security domain; see User Authentication for Single Sign-on
Programmatic login; see Programmatic Login
A GUI-based deploytool for building XML files containing the security information; see deploytool