Can you provide a bit more details on what those 2 (GlassFish) classes provided you? And what kind of authentication are you looking for?
The main information regarding the security configuration can be found here: -
For a simple username / password authentication you would probably be looking for the UsersRoles login module although there are other modules listed if you want to work with an existing database or ldap installation.
What type of app are you actually enabling security on?
Our application is a Swing client talking RMI with the server. Authentication is simply username & password.
Glassfish's programmatic login work on the client side:
"... the actual login will not occur until we actually access a resource requiring a login. And a java.rmi.AccessException with COBRA NO_PERMISSION will occur when actual login is failed."
Login modules are to be used on the server side as far as I understand?