I am having the same problem, but NM-156's solution of ordering the login modules does not fix it. I am using JBP 2.6.1 + JBoss AS 4.2.1 distribution, and am running it on Windows XP Pro. Also using the NTLM login module from the http://jaaslounge.sourceforge.net project. Here are the jar files added from JaasLounge to server\default\lib jaaslounge-1.0.0RC1.jar jcifs-1.1.11.jar jcifs-ext-0.9.4.jar Here is my server\default\deploy\jboss-portal.sar\conf\login-config.xml: | <application-policy name="portal"> | <authentication> | <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="optional"> | <module-option name="unauthenticatedIdentity">guest</module-option> | <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> | <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> | <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> | <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> | <module-option name="additionalRole">Authenticated</module-option> | <module-option name="password-stacking">useFirstPass</module-option> | </login-module> | | <login-module code="org.jaaslounge.ntlm.NtlmLoginModule" flag="required"> | <module-option name="debug">true</module-option> | <module-option name="mode">JBoss</module-option> | <module-option name="domain">DUMMYDOMAIN</module-option> | <module-option name="host">WINNT-SVR-VM</module-option> | <module-option name="additionalRole">Authenticated</module-option> | </login-module> | | <login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional"> | <module-option name="synchronizeIdentity">true</module-option> | <module-option name="synchronizeRoles">true</module-option> | <module-option name="additionalRole">Authenticated</module-option> | <module-option name="defaultAssignedRole">User</module-option> | <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> | <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> | <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> | <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> | </login-module> | </authentication> | </application-policy> | Simply adding the jars from JaasLounge, and configuring login-config.xml will allow users to login using thier Windows Domain user and password. However, clicking on the Dashboard link produces the follow page: HTTP Status 403 - -------------------------------------------------------------------------------- type Status report message description Access to the specified resource () has been forbidden. -------------------------------------------------------------------------------- JBossWeb/2.0.0.GA I have also modified server\default\conf\jboss-log4j.xml to expose portal security messages using: | <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender"> | <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/> | <param name="Target" value="System.out"/> | <param name="Threshold" value="TRACE"/> | | <layout class="org.apache.log4j.PatternLayout"> | <!-- The default pattern: Date Priority [Category] Message\n --> | <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}.%M] %m%n"/> | </layout> | </appender> | <category name="org.jboss.portal.security"> | <priority value="TRACE" /> | </category> | This produced the following lines when clicking on the Dashboard link: TRACE [JACCPortalAuthorizationManager.checkPermission] hasPermission:uri=dashboard:/portal/user::action=portalobject::type=portalobject TRACE [JACCPortalAuthorizationManager.checkPermission] hasPermission:result=false View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4089392#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...