Is it possible to assign a default role to the unauthenticated-principal defined in the jboss.xml file?
I can specify an unauthenticated-principal but I don't see the value of setting this parameter if I'm using role-based security. The unauthenticated-principal will not be able to execute any EJB methods in my application, so what good is it?
How do I implement: let everyone in except for those who have given me an invalid principal and credential?
Thanks