One other thing - from what I can see, the only way to allow a client to authenticate a server (or, to have two peers authenticate each other) with SASL is to have both an SASLClient and an SASLServer on both sides of the connection... this means that each chunk has to be processed twice. I'm not sure that SASL is appropriate for this application. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4060922#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...