Separating the deployment model from the runtime in the case of DynamicLoginConfig means that the xml config that is getting injected into the beans needs to be moved out in to the deployers (parsing deployer ?). This means for an user to inject one instance of a security domain configuration (eg: messaging or JBossWS) into the security system will need to add the bean configuration in -beans.xml in the deploy directory and add a parsing deployer for his xml driving the sec.domain in the deployers directory. Is my understanding correct? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4142873#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...