Maybe by extending Identity class and overriding hasPermission() method ?
look at the blog example in your seam installation
I would look at the seamspace example, it has plenty of examples of controlling who has access to perform various actions.
I manage to do what i need by extending the seam Identity class using
Then i could override the hasRole and hasPermission moethod to perform my authorisation stuff by injecting entityManager