We are creating our own container to sit above the Microcontainer, and I'm currently looking into replacing our internal security with authentication (JAAS) and authorization (JACC) services as provided by JBoss.
Whilst I'm fairly confident that I understand providing JAAS services to EJB and Java Servlet applications, I can't find anything as authoritive for providing services to containers.
Any help would be very much appreciated.
The security project is externally downloadable and usable in the mc. We do provide JACC as an authorization module.