You want to replace the security manager completely?
Your implementation should be implement RealmMapping and AuthenticationManager interfaces at least. The security manager itself should be an MBean.
I think I didn't provide enuf info!I am sorry for that!
Actaully I already have an infrastructure built with support for password aging,no, of user sessions,no of login attempts etc,provided for custom built classes using HTTP/SOAP architecture.
Now I want to migrate those classes to EJBs and, use the logic of already implemented code to JBoss Login modules/proxies, to achieve the same.
Is it possible using the current JBoss architecture?That is to say,for example,once I authenticate the user bean using the custom login module providing verification of above mentioned services,the other beans called subsequently won't be calling the same "login" module again.
ALSO,Is it possible in JBOSS to do the authentication only on "creation" of bean and not on every subsequent method call?
Thanks in Advance.