First thing is, the domain that SharePOint is in must trust the user domain.
You must enable your peoplepicker to look into that domain (if it's in another forest). See this article:
http://technet.microsoft.com/en-us/library/cc262051(office.12).aspxAs far as non-domain users....I'm not really up to speed on the claims based security in 2010. In 2007 you would need to extend your web app, use FBA authentication, and set up some sort of user repository for them (such as SQL or ADAM).