Now you are the genius's... lets be very clear about that... I had a login Action that called an Authentication object to authenticate the user; then my login action acted on the result of the authentication to decide which page to go to and returned it. I was fumbling around trying to find the "controller" so that I could tell it which page I wanted it to go to... e.g. <security:identity authenticate-method="#{authenticationController.authenticate}" loginSuccessPage='''' loginFailurePage="" logoutPage="mainMenu"/> Now I understand what you have done. You have merged the two "things" into one, called authentication. Perhaps the way I did it was naive, but it made sense at the time. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4013384#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...