AuthenticRoast allows you to build highly flexible authentication mechanisms for the Java Web tier. This can be anything from HTTP Basic authentication to authenticating with openid, facebook, or your company's Kerberos setup. The authentication modules can be combined at will and even changed at runtime. This currently works for glassfish and plain Tomcat, and allows you to use all the features of container-managed security without being constrained to the simple login methods provided.
Flexibly generates password candidates using OS pseudo-random sources.