openSSO use only for authentication for j2ee application

Hi,
We have to use openSSO for authentication in our application as demanded by Client.
The requirement here is,
when user launch our application,
he would be redirected to openSSO,
user needs to authenticate itself,
after authentication, re-direct back to our application.

We want opensso only for authentication. As far as authorization is concerned, our application will handle itself like what menus/UI pages/ EJBs an user can call etc.,

I was informed to install policy agent in our weblogic domain ( J2EE Policy Agent 3.0 )
This would redirect to openSSO server.

But when I saw the steps to configure Agent in openSSO, Policies and Rules and many other stuff, I think I'm misguided with many concepts.

All I wanted is authentication from openSSO. I think if the user is valid, openSSO would put some cookie or Token in request and re-direct back. We might need to change application to read the subject/ principal from this token.
But I'm not getting things correctly..
Can any one please help..?