Hi everybody, sorry for doing silly question, but i couldn't find an answer. I'm trying to migrate from jrun to jboss a bunch of applications. In jrun we use apache httpd and mod_auth_ldap to authenticate users against Active Directory. User profiling is done in the business logic of the webapp, simply calling request.getAuthType and request.getRemoteUser. I read in SecurityFAQ this is not possible in jboss; in fact, http headers contain neither user nor auth info, on jboss side. I tryed to (and made it work) enable security constraints and application policies; de facto, mod_ldap passes info to jboss, which processes everiting and authorize my servlets. But still no info on remoteUser. Is there a (programmatic or not) way to make request info available in jboss? Thanks View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4160793#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...