This week's book giveaway is in the OCAJP forum. We're giving away four copies of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) and have Khalid A Mughal & Rolf W Rasmussen on-line! See this thread for details.
Although it is pretty clear to me how to setup security constraints in J2EE, it is not clear how the different types of authentication mechanisms are implemented. For example, for the FORM type, where is the POST sending the data?
I need to know how to specify the database of username, passwords and roles in order to include it in my diagrams.