Oh and to answer your question: It sounds to me like you might need to write a custom subclass of one of JBoss's LoginModule classes. It's not hard to do. But what you're doing doesn't sound like it makes sense. If your passwords are hashed, you should hex encode them before storing them, and then DatabaseServerLoginModule will be able to handle them with the proper config settings. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4018018#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...