The Portal uses the standard authorization mechanisms offered by servlet containers. It is configured in jboss-portal.sar/portal-server.war/WEB-INF/web.xml. Currently, the setting is: <login-config> | <auth-method>FORM</auth-method> | <realm-name>JBoss Portal</realm-name> | <form-login-config> | <form-login-page>/login.jsp</form-login-page> | <form-error-page>/error.jsp</form-error-page> | </form-login-config> | </login-config> You can change this to use some other authorization method (see the commented-out BASIS authorizatioin method earlier in the file) or even use some other JSP, but you are still limited to the servlet authorization mechanism. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4041465#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...