Hi All, I've got a bit of a beginners question I've been struggling with for a few days now. I'm trying to use the new (1.1.6) security features and I must say they are very simple and powerful, great job. Unfortunately all examples i've seen so far assume that a user will login to the session with a username/password and then hit the #{identity.login} button/link. In my situation I've implemented single sign-on using NTLM authentication against windows credentials, and it works fine. The problem is i'm not sure how to execute the #{identity.login} without the user having to do anything! Here's my authenticate object. @Name("authenticator") | public class Authenticator | { | @In Context sessionContext; | | @PersistenceContext(unitName="izzyDS") | private EntityManager em; | | public boolean authenticate() | { | Identity.instance().setUsername(((NtlmPasswordAuthentication) sessionContext.get("NtlmHttpAuth")).getUsername()); | try | { | User user = (User) em.createQuery( | "from User where username = :username") | .setParameter("username", Identity.instance().getUsername()) | .getSingleResult(); | | for (Object mem : user.getMemberships()) | { | Identity.instance().addRole(((Membership)mem).getRole()); | } | | return true; | } | catch (NoResultException ex) | { | return false; | } | } | | } I'm quite flexible about the final page configuration and am running the packaged version of facelets and icefaces 1.5.3 if that helps. I'm abit embarrassed as i've done all the difficult work and I just need this last (seemingly simple) step to get it all polished. Many thanks in advance, Craig View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4019009#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...