The CertLoginModule is only intended to be used for ESB service security, that is when using the security element on a service in jboss-esb.xml. If I'm reading the stacktrace correctly you are using this for web container security via the http-provider. Could you modify one of the quickstart to reproduce your issue? I'd be happy to take a look and it would make it easier for me to understand what is going on. Thanks, /Daniel View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4259133#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...