Java EE Security refcard is available for download. This refcard covers Java EE 6 security and discuss how each application server supports the specs. The refcard covers authentication, authorization, and transport security in Web Application, EJB application and web services by introducing the concept and the related annotations and deployment descriptors which help us realize the concept.
This is the second part of a larger setup which explain how to extend GlassFish CLI (Command Line interface , asadmin functionalities) and GlassFish Administration Console (Web Console). This Second part assume that you read the first part and you are ready to get your hands dirty with the coding and deployment.
My thought on GlassFish v3 release. GlassFish v3 is the the first application server supporting Java EE 6. You can find several useful links to related resources and events.