I am looking for a model like the one used on www.jboss.com. What I would like to do is have unathenticated users have access to the servlets in a "read only" mode, but for authenticated users to be able to use the same URLs but now get the page rendered with a form and data entry widgets.
I don't have a problem coding the servelts to get the principal and determine how their pages should be rendered. But I can't figure out how to configure the login modules so that the servlets have a security domain but to stop the login form or HTTP popup being displayed when the site is first entered. This is dependant upon finding a way to set the security context for the session from within my code running within the JBossAS? Any clues in this area whould be helpful too.
Thanks for any help