Hello, I'm researching JBoss Portal for a few projects. After browsing through the documentation, I have a few questions about JAAS and SSO. If someone has a few minutes to either go into detail on a few points or direct me to some further documentation, I'd greatly appreciate it.
As I understand the software (from the reference documentation), the permissions are mapped to roles in the jboss-portlet.xml. These roles are defined in the database and managed via the roles portlet. Obtaining authorization for a permission is done by a call to JBossRenderRequest or JBossActionRequest's hasPermission(permission) method.
Are there methods to obtain the Principal or the Subject? For instance, I will need to somehow authenticate and authorize the user in my service layer which will most likely be a remote or local EJB session facade. What would be considered the best practice for accomplishing this under your framework/API?
Also, are there any modules written for obtaining authentication/authorization against other user stores (LDAP, etc.) or is this left to the developer to implement via some custom LoginModule or other means?