How would I get Authentication and roles information from a JBoss realm that uses kerberos/SPNEGO from MSAD into a web-app using Spring security 3? Do I need to create a custom AuthenticationProvider or UserdetailsService? I've noticed that Spring Security 2 had container adapters, but they decided it was too much of a pain to keep them up. The other alternative that I can see is to call back out using LDAP. But, shouldn't there be an easier way?
The main point is the app is deployed in a single sign-on environment, but we'd need to enable/disable certain functionality based on the user roles.