I am using STRUTS and have created a Plugin. This plugin needs to call some EJB's to get information for caching. However, the ejb's are secure. I need to be able to tunnel through the security with the initialization of the plugin. Then, when someone hits the site, they need to be forced to authenticate.
I have set the unauthenticatedIdentity and it allows the struts plugin to run, but the users now get a 404 when trying to access the site. On the flip side, if I do not set the unauthenticatedIdentity, the plugin can access the ejbs and the users CAN access the site.