It makes sense to remove the handling of security from the endpoints themselves and handle them transparently to make things cleaner. Currently, however, the username and password are only available on the ServerConnectionEndpoint. One way to solve this is to associate a user with a connection on the client side and pass it with the Packet on send. Does anyone have any thoughts on this? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4127322#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...