Extend Identity (the security chapter of the docs describes how to do this) and add an EmployeeID property to it. You'll also need to override the isCredentialsSet() method and probably some other stuff as well. Then your authenticator simply checks to see what is set (either username/password or employeeId) and authenticates accordingly. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4120961#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...