I have situation in which user is authenticated via java ee security mechanism, so user details are available under getPrincipal. How Modeshape interacts with this mechanism? How login process looks like? I want Modeshape to use principal username in createdBy and modifiedBy fields. What is more our authentication system is based on getPrincipal, and we would like to overwrite modeshape check permissions with one from our system, and it would be the best if it can be achieved by custom Authentication Provider - but then I have no idea what would happen with login process to modeshape?
I think the correct way to do this is to indeed implement your own AuthenticationProvider. See our documentation on the subject. Feel free to create one that is similar to or even extends one of our existing providers (e.g., JaasProvider).