"ataylor" wrote : | | Ok, so thats what we have already. We're almost there. The problem with the current implementation is that injects a org.jboss.security.AuthenticationManager which is a non core class. The core shouldn't be dependent on this. Instead we need to define our own Authentication interface, and inject this instead. Then, we a) Create a simple implementation which authenticates using a simple non JAAS authentication approach - e.g. simple xml user-password b) Create another implementation which is just a wrapper around JAAS stuff - this lives outside core and is what is injected when using AS View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4132471#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...