Your user name is the principal. His credential is his smartcard with signature (am I right?).
Security checking in JBoss has 2 phases:
authentication (the caller is the person he pretends to be, and has provided valid credentials (smart card) for his principal).
So your login module on the server side has to verify the correctness of his signature.
The second phase is authorization - it's checked whether the given user has certain roles required to perform
The most common way on the client side is to just store away the principal (username) and credential[s] (signature from the smart card) provided by the user and pass them to the backend on every bean invocation (this is implemented in ClientLoginModule).
You will need a means on the client side to obtain the username and signature from the smartcard, and a login module on the server side which performs checking of those and also role-mapping.
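
The two phases described in the post above, as an added example that is not part of the original post and is not JBoss code: a server-side check that verifies the card's signature and then does the role lookup. It assumes the card signs the principal name plus a fresh server-issued nonce with RSA; the class name, the in-memory stores, the user `alice` and the role names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
public class SmartCardLoginSketch {
    // Constructed server-side stores: registered public key and roles per principal.
    static final Map<String, PublicKey> KEYS = new HashMap<>();
    static final Map<String, Set<String>> ROLES = new HashMap<>();
    // Assumption: the card signs principal name + a fresh 32-byte server nonce,
    // so a captured signature cannot be replayed on a later login.
    static Signature over(String principal, byte[] nonce, Signature s) throws SignatureException {
        s.update(principal.getBytes(StandardCharsets.UTF_8));
        s.update(nonce);
        return s;
    }

    // Phase 1, authentication: does the signature verify under the key registered for this name?
    static boolean authenticate(String principal, byte[] nonce, byte[] sig) throws GeneralSecurityException {
        PublicKey key = KEYS.get(principal);
        if (key == null) return false;                 // unknown principal
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        try {
            return over(principal, nonce, v).verify(sig);
        } catch (SignatureException malformed) {
            return false;                              // wrong length or encoding
        }
    }
    // Phase 2, authorization: role lookup for an already authenticated principal.
    static boolean hasRole(String principal, String role) {
        return ROLES.getOrDefault(principal, Set.of()).contains(role);
    }

    public static void main(String[] args) throws Exception {
        // A software key pair stands in for the smart card (constructed sample data).
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair card = g.generateKeyPair();
        KEYS.put("alice", card.getPublic());
        ROLES.put("alice", Set.of("Clerk"));
        byte[] nonce = new byte[32];
        new SecureRandom().nextBytes(nonce);           // server side, one per login attempt
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(card.getPrivate());
        byte[] sig = over("alice", nonce, s).sign();   // client side, done by the card
        System.out.println("valid login:  " + authenticate("alice", nonce, sig));
        System.out.println("has Admin:    " + hasRole("alice", "Admin"));
        // The same signature presented against a different nonce (a replay attempt).
        System.out.println("replayed sig: " + authenticate("alice", new byte[32], sig));
    }
}
```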