A way to do it is : - let the portal do the process of authentification, as it is, with the login.jsp etc... - just change the login module (or add a new one) with the acegi login module for jboss (don't remember the exact class name, in the adapter provided with acegi) this way, you have a principal setup by the portal, that is a Authentication class from acegi the portal works fine with it (it just need the name of the Principal...). this mean : not using the Acegi authentification process... if you don't really need it. you have the "Acegi Principal" as a result, but don't touch the login process. If you really need it : this should not be such a problem, with replacing this process instead of the tomcat/servlet one that is in portal-server.war. after, to use Acegi security stuff, just add two filters : the httpsessionintegration... (the first one), to have the context holder setup in the session, and the jboss filter provided with acegi, to have jboss set up with this principal. add these in the portal-server web app. it works fine... I will add these thing to the yet existing wiki. but I want to finish my integration before to write some explaination. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4040256#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...