I haven't been able to find good information on how to set up user authentication / authorization within the embedded Tomcat engine (v4.1.24). If want to set up user validation using a JDBCRealm I need to have a place to drop the JDBC drivers and a server.xml equivalent file to make the necessary adjustments, problem is the embedded version is completely different -at least in its directory structure- from the standalone one.
Moreover, I'd like to know how the user's security credentials are propagated from the Web Tier to EJBs within JBoss (v3.2.1)
Any help, hints or tips will be greatly appreciated.
PS: do things like this are explained in the for-pay JBoss documentation?