Wicket, JBoss, JAAS, LDAP
Call me old-skool, but I don't like pulling in huge frameworks like Acegi for some simple authentication and authorization stuff. This post will show you how I connected Wicket security to an LDAP through JAAS. This leverages the LDAP configuration and access on the appserver level and keeps the application clean. This was done on JBoss, so YMMV on another server, but this post should help you along when you need to tweak the solution.
Caveat: this solution does NOT get you logged in as far as the appserver is concerned, so you'll not be able to use container calls like isUserInRole(). If you find out how, let me know. For our purposes we didn't need it, but it's nice to know anyway.