Making Resources of Secured Java EE Applications Accessible

For protected Java EE applications, you'd normally want to make certain resources, such as the welcome page, accessible without user authentication. Accomplishing that with OpenSSO Policy Agents involves only a simple procedure.

Part 2 of a recent series on Sun Developer Network guides you through the steps. The article also contains an overview of the three types of single sign-on (SSO): same-domain SSO, cross-domain SO, and Federation.Part 1 describes how to protect applications with authentication before access. Part 3, coming up in early 2009, will show you how to allow only certain users to access predefined resources. Stay tuned!