We have a series of external spring based RMI services which make use of interceptors to authenticate user requests against a centralized authentication server. The authentication server exposes entirely propriatary APIs used by the RMI interceptors and uses a user repository (DB based).
We are working on a project to move these services to standard stateless session beans hosted in JBoss AS 6 (eventually 7). For these new services, we have been able to configure AS to authenticate the incoming users against the same identity data source used by the older authentication server.
Having described all this, we will not be able to move all the services at once, so for sometime I need to have a few external processes exposing RMI services with the old interceptors. My question is, without complicating the deployment and requiring any new centralized authentication service that handle requests for both the RMI services outside and stateless session beans in AS, can I get my old interceptors on the external RMI services to invoke authentication API in a standard JBoss AS instance? Are there any articles/examples of this type of use case? Or is the only option to move both JBoss and the RMI serviecs to authenticate against a standard central service?
Ideally I would like to simplify the deployment to a single JBoss instance hosting the new services (stateless session beans), the older spring based RMI service instance and clients logging into JBoss and able to invoke the old Spring based RMI services without anything in the middle.