I am working on a services app development project where our app/service is going to serve some consumer application requests in the form of JMS or webservice requests. Please let me know what is the best solution to implement security in this scenario? I am looking for answers pertaining to authentication( validating the user/ client app) and authorization(whether the client can make this request).
Honestly, i never felt comfortable with the documentation in Sun site to be simple or easily understandable . [no offense intended to j2ee evangelists ]
Please dont give me the links from java site , unless they are very lucid. Please ... I am looking for straight forward answers in this forum.