I am porting from 4.0.3 to 5.0.1 a large EJB 2.0 application that is integrated with a legacy system and includes a custom security module. Some details about what I had to do to get this working initially are described in this post - http://www.jboss.org/index.html?module=bb&op=viewtopic&t=48997 The application does not build against 5.0.1 jars. I implement SubjectSecurityManager and RealmMapping and I'm getting an error that getTargetPrincipal(java.security.Principal,java.util.Map<java.lang.String,java.lang.Object>) must be implemented. Given this, I assume 5.0.1 is not fully backwards compatible and I must implement this new method. This disappoints me, but I guess I'll have to deal with it. Where can I find additional details about what I must do in this new method? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4235498#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...