Hi, I've set up LDAP configuration for jboss-portal in login-config.xml like this : | <policy> | <!-- For the JCR CMS --> | <application-policy name="cms"> | <authentication> | <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/> | </authentication> | </application-policy> | | <application-policy name="portal"> | <authentication> | | <!-- LDAP --> | <login-module code="org.jboss.portal.identity.auth.SynchronizingLDAPExtLoginModule" flag="required"> | <module-option name="synchronizeIdentity">true</module-option> | <module-option name="synchronizeRoles">true</module-option> | <module-option name="defaultAssignedRole">Medecin</module-option> | <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> | <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> | <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> | <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> | <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option> | <module-option name="java.naming.provider.url">ldap://cbh71-int:389/</module-option> | <module-option name="java.naming.security.authentication">simple</module-option> | <module-option name="bindDN">CN=Manager,dc=mck,dc=com</module-option> | <module-option name="bindCredential">secret</module-option> | <module-option name="baseCtxDN">ou=People,dc=mck,dc=com</module-option> | <module-option name="baseFilter">(uid={0})</module-option> | <module-option name="rolesCtxDN">ou=People,dc=mck,dc=com</module-option> | <module-option name="roleFilter">(member={1})</module-option> | <module-option name="roleAttributeID">cn</module-option> | <module-option name="roleRecursion">-1</module-option> | <module-option name="searchTimeLimit">10000</module-option> | <module-option name="searchScope">SUBTREE_SCOPE</module-option> | <module-option name="allowEmptyPasswords">false</module-option> | </login-module> | | </authentication> | </application-policy> | </policy> | | Ldap authentication is sucessfull. But when I'm in an page with an URL like ..../AUTH/..... I've an 403 error. I've no errors in JBoss logs. If i open a new browser, i'm still logged in. Is there something I've forgot? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4147454#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...