Hi All, We are developing some processes in BPEL, and have found jBPM BPEL to work well for executing these processes. However, we have two additional requirements that are not supported by default in jBPM BPEL, and I was hoping that someone could provide some guidance on the best approach for satisfying these requirements. The first additional requirement is that we need to run on other application servers besides JBoss AS. Our primary deployment environment will be JBoss AS, however some of our customers have existing JEE environments which we must use. Looking at the source code it appears that the only JBoss AS dependencies are those under org.jbpm.bpel.integration.server which implement the incoming web service. If we were to reimplement these classes for a new app server, are there any other JBoss AS dependencies which we may run in to? The second requirement we have is to perform some authentication and authorization for the incoming and outgoing SOAP messages, by interpreting and adding WS-Security headers. One idea we had was to build a custom web service which implemented the appropriate security requirements, and which delivered the SOAP messages directly to the BPEL JMS service, much like the classes under org.jbpm.integration.server. To secure the outgoing messages we were thinking we could replace the classes under org.jbpm.bpel.integration.client to add the appropriate security headers. Does this sound like a good way of satisfying our security requirements? Thanks, Matt View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4158243#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...