dsengupt... Thanks for the reply, but I'm not sure I understand what you are suggesting. Because I am running as a stand alone java application (I need to do things that an applet can't), I don't have a browser to pass across cookies. I modified some of the invoker http modules to add the cookies in order to invoke the JNDIFactory. That worked via a TOMCAT Valve (similar to the one supplied for SSO) that works fine for Browser access to my Web Application. How do I get the cookies in a filter? The filter runs on the Server and the cookies are (originally at least) on the Client. Sorry to be a pest but this is all very annoying as I can't understand why there isn't a standard solution to the SSO issue. Has Scott Stark an opinion on this? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4048375#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...