Hi Folks,

Looking for some insight into how I would configure my application to allow users to get at secured resources when they are authorized from a separate Login System.

For instance if I have a custom authentication application running in WebSphere (or any other web server) and it authenticates a user, puts the user session into some global cache that is accessible with my JBoss application.

The Jboss application would receive a cookie as a key into the global cache to look up the authenticated session. If its there user should get a specific role and is authorized to access the role.

Right now have been digging into a custom Valve to do this however not making very good progress on getting this all working.