I've been breaking my head over working around a JBoss Portal bug that prevents access to the dashboard if the Principal has a "." (dot). So, I can't use JBoss Portal if I logged in as "email@example.com" or "firstname.lastname@example.org", etc.
To be able to workaround this, I need to avoid the addition of the UserPrincipal automatically. What do I need to do to achieve this, and is it even possible?
Does JBoss security code use AOP interceptors to do this?