I was, initially. But it turns out that the JDK GSSAPI module for SASL cannot do any GSSAPI mechanism other than Kerberos. This means that I'd not only have to develop the SRP plugin for GSS, but I'd also have to develop an alternate GSSAPI mechanism for SASL, and the user would have to make sure that mine supersedes the JDK one. So I thought I'd evaluate this route instead, since it's much simpler overall, from both a user standpoint and my standpoint. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4097014#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...