I'm going to check this by the end of the week. An interesting point is that commercial competitors (such as Oracle Portal) do not like SAP Logon Tickets as well and complain about the Cookie format. maybe this is off-topic, but anyway - here's the soap message of Oracle Portal in the same scenario. You're not alone in a dark world of weak standard implementations... | <?xml version="1.0" encoding="UTF-8"?> | <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="urn:oasis:names:tc:wsrp:v1:types"> | <env:Body> | <env:Fault xsi:type="env:Fault"> | <faultcode>env:Server</faultcode> | <faultstring>oracle.webdb.wsrp.InvalidCookie</faultstring> | <detail> | <ns0:InvalidCookie/> | </detail> | </env:Fault> | </env:Body> | </env:Envelope> | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4140817#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...