I have a out-of-the-box (jboss-5.0.1.GA) 2 node cluster setup (using the 'all' config). I've added the following AUTH protocol to the UDP stack in jgroups-channel-factory-stacks.xml, with limited success: <pbcast.STABLE stability_delay="1000" desired_avg_gossip="50000" <AUTH auth_class="org.jgroups.auth.MD5Token" token_hash="MD5" auth_value="mysharedsecret"> <pbcast.GMS print_local_addr="true" join_timeout="3000" ... I've verified that the AUTH is working by changing the auth_value before starting the nodes. If I bring the nodes up one at a time, they pass AUTH and form a cluster. If I bring one node down, the other node detects failure, and if change the auth_value on the one brought down, and then restart, I see the Security Exception thrown on that node, however, looking at the logs after the that Security Exception, I am seeing that both nodes stilll think that it is still a 2 node cluster: GroupMember] New Members : 1 ([10.11.14.69:2595]) GroupMember] All Members : 2 ([10.11.14.58:45930, 10.11.14.69:2595]) If the Security Exception is thrown, I wouldn't expect the nodes to think it is a 2 node cluster in this case. So, where is the proper place to put the AUTH protocol? I've tried several different locations, but with same results ... View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4258716#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...