Hi I might be moving an application from struts to JSF, and I wonder about the best way of dealing with security, especially one based on certificate. I would like to connect to a LDAP when the user first accesses the site and store details about the user in session scope. Which would be the best way of accomplishing this? Creating a custom Identity object (if so I am curious about how this comoponent fits in the the workflow of seam, when is it created, destroyed, where would I hook in to its lifecycle, etc.)? If I was using an login based solution I guess the athenticate method would have been the place to do this, but where do I hook in to get this done when using a certificate? Cheers, Mike View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4060741#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...