From your post it looks like the default portal has some security-constraint.
If this is to open to unauthenticated users , you shouldn't be forced to login.
I just read that post...
No, I haven't a security constraint on the default portlet.
I tried to install a very new and clean JBoss Portal 2.6.5 and I can see the default portal. Than I turned on the OpenSSO-Valve in the jboss-portal-ha.sar/portal-server.war/WEB-INF/context.xml and again, I will be redirected to OpenSSO-Login-Page as soon as I call myhost.com:8080/portal.
Interestingly, the back-redirect-url is something like ../auth/default/... ?!
Any ideas, how to see the first page without log in using OpenSSO?