EJBCA and OpenSSO are great companions. EJBCA provides users with digital certificates for strong authentication and digital signatures, and OpenSSO uses these credentials to provide single sign-on and authorization. Using the latest buzzwords such as SAML, XACML etc.
Over at ejbca.org we have a couple of great articles how to set up integration between EJBCA and OpenSSO and how to configure the Certificate authentication module in OpenSSO. Issue a certificate in EJBCA and immediately use it to authenticate with OpenSSO.
Check out the EJBCA-OpenSSO articles at EJBCA.org.