Hi Peter, Thanks for your help. About the question 2 and 3, I install Embedded Jopr 1.1 in JBoss 5.0. Inside the Admin console (Embedded Jopr), it won't show the web application (war, ear, ...etc) and then I don't know what it can do. As the install guide said this current version is for JBoss 4.2.x, that is not for 5.0 (something is incompatible). I start to watch the demo video to explore the usage of this GUI. About question 4, I will spend time to search the "isolation" for library later. Thanks for your advise. About the question5 (basis authentication), I don't understand what you mean. I mean that I set some .htaccess to protect webpage in Apache (ldap, password file) and also I set some authentication (maybe custom JAAS to check against ldap or password file) in a web application of JBoss server. After I login Apache to view some webpage, I go to view the protected webpage in JBoss in the same browser session. This URL request send to JBoss (should include the authentication data in the header). Does the JBoss popup to ask the input username and password again? It seems something related to "single signon". ( Apache is front end web server; JBoss is backend application server. ) Thanks for any help. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4206459#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...