I'm developing an application with Struts + EJBs + JBoss3.2.3 and I'm faced with a problem. I'd like to use JAAS for authorization and authentication. I was thinking of authenticating the user when it comes for first time with a principal of guest. That´s easy, because I can use IdentityLoginModule and I get such a Subject, but I have no idea of notifying JBoss this user has a principal of guest.
Something I haven't mentioned is that I want to make this thing transparently, without asking the user anything.
This way if I received an SecurityException from JBoss JAASSecurityManager I could redirect the user to a login page.
Does anyone know if this is possible or maybe I'm wrong?