anonymous wrote : Well login modules have two aspects to them, authentication is the first. The second stage is to associate Principals/Credentials with the current security context. | The generation of the SAML context could be handled by this mechanism. | By generation, do you mean that the requesting of the STS to issue a security token be performed after authentication has been performed by another login module (these modules being stacked that is)? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261276#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...