Hope this isn't too far off topic. I am wondering if anyone has experience using the LifeRay portlet container (www.liferay.com). In its newest version. the business tier is built using Spring (and optionally EJB) . but JAAS is used for authentication. I would like to use Acegi ACL-based authorization within a portlet. I am assuming that once the principals are placed in the session on login, that I can simply retrieve them and use Acegi authorization within the context of the individual portlet. Does this seem like a tenable approach?
Any feedback much appreciated.