I use an older version of the portal (version 2.4) and I can do that. What we did was we extended the Login module and "save" the password into an attribute in the session. Sample code below: HttpServletRequest request = (HttpServletRequest)javax.security.jacc.PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); request.getSession().setAttribute("pwd", myPassword); Hope that helps. -Andrew View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4242057#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...