[http://e-docs.bea.com/wls/docs81/secintro/concepts.html WebLogic Security Fundamentals]

[http://www.mooreds.com/jaas.html Using JAAS for Authorization and Authentication] by Dan Moore focuses on Struts, and in particular the example application distributed with Struts.

[http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html JavaWorld article] by John Musser and Paul Feuer (particularly [http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas-p4.html page 4])