I'm trying to check if it's possible to customize the authentication scheme for users of JBoss Enterprise Portal. The specific customization is that in addition to username/password, we want to require either a PIN (limited use, etc.) or second factor auth (using a token or whatever) whenever the user attempts to access a particular set of records/resources in a specific portlet.
The documentation states that a customized login module can be created using JAAS, but I'm not sure if it would support the above scenario.
Anyone have any idea if this can be done or aware of any guides online?
Thanks!