Undertow team,

I'm trying to integrate our integration with JBoss into Wildfy 8.x.  Its a reverse proxy that generates a token in a header that is then decoded and the context is set.  It works in JBoss 7.x using a combination of a Valve and a JAAS LoginModule but am struggling to figure out what the replacement of the Valve would be.  

Doing some googling I found http://undertow.io/documentation/core/security.html but it doesn't point out how to configure this without writing custom code to add mechanism to the chain.  I found a stacktrace article about setting up a servlet extension that creates the mechanism, but I don't feel like thats the *best* solution.  When I did the JBoss 7 integration I used PicketLink's SAML integration as an example but it looks like it isn't yet working for Wildfly 8.x and won't work until 9?

I know this isn't a JBoss list but my post on the JBoss forums isn't going anywhere so I thought I'd ask here.  If someone could point me to an example (I usually start with an example of authenticating based on a username in a header) I'd really appreciate it.

Thanks

Marc Boorshtein