Without ever having done anything like it, two ideas come to my mind.
First would be SingleSignOn, but that requires modifications on all containers, which is probably not what you want.
The second, and maybe more practical approach would be InterPortletCommunication via PortletEvents as described in the docs (http://docs.jboss.com/jbportal/v2.7.1/referenceGuide/html/portalapi.html#d0e7108). Once you receive a certain event, your portlets could invalidate their corresponding session.
Maybe it helps :)
Thanks, that helps. I was thinking there might be some sort of JSR186/268 type mechanism to assist with that.
None that I know of, but then again, I never had a problem like that.
JSR-286 however has a standardized event mechanism (Ch.15, Coordination between portlets), although I haven't read the spec yet (sticking with JSR-168).
We've enabled Tomcat's SSO valve which is effectively very similar to what you're trying to do: http://www.andypemberton.com/jboss/securing-ajax-servlets-in-jboss-portal/
Though, can you further describe your apps and the "four different containers" they run in? Are the consumed with WSRP? How are the sessions initially established to those applications?
The default behavior of the portal is to synchronize the session between the Portal and portlet WARs deployed to it.