we are currently evaluating this possibility. I was wondering if you had any success.
I've created a centralized role-based J2EE security service called JoshuaBranch AS and plan to publish a commercial version (free for non-profits) this month at JoshuaBranch.com (the site will be up within a few weeks).
LDAP authentication is planned for one of the upcoming versions. LDAP authentication is a bit complicated, but it will be simplifid for the Security Administrator (SA). The applications using the security service will be oblivious to how the users are authenitcated, so users of the current version wil not need to change a single line of code to utilized LDAP. The SA will define how users are authenticated via a security administration web front-end to the centralized service, and configure LDAP connection parameters, meaning that applications using the current version will not need to change any code to use it, although a redeploy could be required to include up-to-date client jars.
Currently, any J2EE application can use the centralized security service, including JBoss and WebSphere, even though it runs in JBoss. In other words, you can administrate security for all of your J2EE applications via a single security administration web console even if the applications are running on disparate J2EE vendor servers and multiple server instances. This is ideal for enterprises migrating over to JBoss, while continuing to use WebSphere or WebLogic.
If you would like to be informed on the roll out of JoshuaBranch AS, send an mail to joshuabranch-as-news at joshuabranch.com requesting to be put on the news list.