Hi, I need advice. I'm working on security and the standard resouce securying via web.xml and j_security_check doesn't fit my needs. I would like to achieve such goals: - Change the standard scenario: when user tries to access secured area he is redirected to login page - and then after successful authentication - get's access to secured resources. I would like to be able to redirect him sometimes first to some other page - for instance page forcing him to change the password - and only then to the requested resource, - be able to put the login-form on any page and after logging in redirecting back to that page, - requesting re-authentication for specific resources (and protecting access to them via SSL - etc. I've developed my own LoginModule and it's working perfectly but the standard solution with j_security_check and tomcat doesn't seem to fit my needs. My question is where should I look for any information about how to achieve my goals? I've looked to the Jboss administraiton guide but still I'm not sure what to do. Will I have to change/add something to JBoss source code? I would be very grateful for any advice. With Kind Regards, Karol Oslowski View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3971354#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...