Hello again and thanks for your answer.
Unfortunately, I am still stuck...
I do not want to hand over the login info through the session, that's just ugly.
So I tried your second solution.
If I understand it correctly, the JBossIntegrationFilter basically just looks
up
I look at the CMSExportServlet in the jboss portal sources. It does not enforce
security... so it is a bad track. sorry.
where is your servlet ?
calling the jndi service for the subject works with the filter put in web.xml
of the portal-server.war.
This web app is the context where the
by the way, you have an example of downloading a file in the CMSAdmin portlet.
It is for downloading an export of the CMS.
may be things there.
The HttpSession, which is seen by the servlet, is not the same as the
portletSession that is used by the portlet.
what you can do is set the principal