Ideally the existing SecurityStore and configuration will remain for doing per-deployment keystore configuration. Optionally they should be able to refer to a JaasSecurityDomain, which would be globaly configured. So there would be no need to dynamically create one. This needs to be optional because we deploy against the mc, which is not necessarily jboss (could be tomcat). -Jason View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3964050#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...