We are currently running JBoss 4.0.0 in production. Right now we are using the JAAS api and a custom database to manage authentication. At time(JBoss 3.0) this applicaiton was concieved there was no easy way to create a single sign on among multiple war files in a ear file. So we packaged all the web application into one war in a ear file. This allowed us to have all the web components in a single sign on. It also helped us pass through the credentials to our EJBs.
We are currently in the process of upgrading to JBoss 4.3. At this time we are investigating the options around using kerberos. Our JBoss application server is running on AIX (in production).
Based on the following use case, can anyone help us identify if J SSO could be a good fit.
1. We use IE as a browser of choice in the intranet
2. We like IE to negotiate the authentication using kerberos to JBoss.
3. We have Microsoft ADS to help with the kerberos authentication.
4. We still like a way to authenticate the EJB's called by web application components automatically.