now I have a Webservice running on JBoss 4.2.2.GA (all) with "X509 Certificate Token"-Security. The serice endpoint is implemented by an ejb3 sessionbean.
This works fine and a request/response is now signed and encrypted.
Now, I would like to add authentication, so that a special user (and role) will be associated to the call.
I know the CertificatePrincipal-Wiki-entry, but I don't know, how I should adopt this for a ejb-endpoint. Could you give me a hint, how I can authenticate and authorize with a security domain from a given x509 certificate?