i also posted this at the portal forum, but maybe i'll get a more detailed response here:
I'm currently fronting my JBoss Portal with an Apache2 Webserver via AJP. I'm now trying to use mod_jk to do Authentication of the user. My first problem was that the authentication took place but the getRemoteUser() method always returned null.
After some googling I read that i should set tomcatAuthentication="false" in the AJP connector configuration. When I do that, both authentication and auto-login work fine for the first request, but whenever I click on a link outside of a Portlet (Admin, Home, Dashboard, whatever) I get 403 errors.
Any explanations, ideas and workarounds would be greatly appreciated!