I am new to JBoss and Portal. So apologize if this question has been asked before.
I have a JBoss 4.2.3 AS with Portal 2.7.2 deployed. I have integrated my firm's SSO standard with the JBoss instance so that a user will be challenged if he tries to access a protected portal page without credential.
Upon authentication, the firm's authentication valve sets the remoteUser header to a valid user ID and jams a session cookie into the request header. My question is how does the portal page pass the request header and the cookie down to portlet windows on the page so that proper entitlements can be applied inside the portlet based on the user credential.
Thanks for the help!
Would really appreciate someone's expertise.