They try to log into what? A webapp? What JBoss version are you talking about? Generally the way to deal with this sort of thing is to have the service they want to log into depend on your security service. If you're talking about a webapp, in recent versions the web server connectors don't activate until the end of startup, so that should prevent the load balancer sending requests earlier than that. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4156969#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...