WS and SAP Logon Ticket

Hello,

I have a scenario WS would connect via EJB (RFC call) to SAP R/3. For Authentication UME is going to be used, SAP R/3 is going to be the data source. I did have a look at "Protecting Access to the Web Dynpro Application Using UME Permissions " but I had few doubts:

1. In this tutorial, SAP Logon Ticket is being used - in that ONLY the User Id is being checked for authentication. I understand from the description that ONLY UserID is sent and there is concept of cookies and all. Does this mean, that the password is not checked at all? Would it be possible to program that the user can ask for password?

2. The Web Service with SAP Logon Ticket if called form MS Application like Visual .NET then what are the requirements for that?

3. Is UME Configuration required on the EP? Since the tutorial did say about using UME console to assign users, roles etc or it is not required if the authentication is form the WD application.

4. How is synchronization handled with UME?

I look forward to the suggestions/comments from you. Can anybody also point to some other tutorial for making a WS which makes an EJB RFC call. I am a novice in UME so looking for help form experts.

Many thanks,

Dharmi