ok, i will ask something specific:
1. is there a way to integrate web-app security with the remote ejb security? (i mean use basic or form-based authentication with the jboss login config?)
2. now i am trying LoginInitialContextFactory, but somebody (tomcat i think) cant find a config file (java.lang.SecurityException: Unable to locate a login configuration). I found info that i have to point it to auth.conf, but i dont have auth.conf. can i use login-conif.xml instead somehow?