A user has already been authenticated before accessing my application's servlet. This authentication is evidenced by setting a parameter to one of several predetermined values in the request. I could use the value of this parameter as a username. I can assign this user certain roles through the roles and password files as a Form authentication would do using UsersRolesLoginModule. I need to have this authentication available to EJB's downstream as well.
So, how can I do this without submitting a form?
It seems that similar issue has been discussed in this forum but I couldn't pick out a clear solution.