I've found two JBoss classes that retrieve Security information using JNDI:
I've tried the code from MailAccountServlet.java in one of my own servlets and it works.
There are some pecularities in JBoss' Db organization that uses 'qualified' groups to distinguish the User's login Principal from the Roles the User is associated with. I know this explanation is vague; I'm tracking this down and will report my findings later.
There's a post by basil @http://jboss.org/forums/thread.jsp?forum=49&thread=12162&message=3513126#3513126
that describes how to get the current Subject from JBoss.
I've used this code in a SLSB and it's worked OK so far.