Good Day bifriis, I read your introduction to getting fat clients to use SPNEGO/Kerberos to use SSO. I was wondering if you knew of a way to get this method to work with JBOSS J2EE server, especially when the fat/smart client is making calls on a session bean. If the session bean implementation does not work, woul the Tomcat server housed in JBoss be able to use the SPNEGO token to authenticate the user when making webservice calls which ultimately make the session bean calls. In this scenario could we still use the default ejb authorization constructs in the ejb-jar.xml? Regards, Mark P Ashworth View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968829#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...