In fact, in terms of the authentication - the reg is a service, right! Therefore (in theory), the security requirements for accessing and using this service should be the same as that required for accessing and using any other service - and should be handled by whatever security "features" come with the ESB. As yet, I haven't heard anything of what these features will be though :-) View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3966628#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...