Can you tell me if it's possible to control what portal objects are available for viewing using our own servlets and beans without using the user/role type model in JBoss?

Thanks for your help.