1. I defined a application policy in login-config.xml files in JBoss5.0.0GA for example: <application-policy name="bvdb-password-encrypted" > | <authentication> | <login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required"> | <module-option name="username">bv1to6</module-option> | <module-option name="password">68e9a814ca20b431</module-option> | <module-option name="managedConnectionFactoryName">bv.ds:service=LocalTxCM,name=bv_framework.bvdbPool</module-option> | </login-module> | </authentication> | </application-policy> 2. I add the following code in our DataSource. <attribute name="SecurityDomainJndiName">bvdb-password-encrypted</attribute> | <depends optional-attribute-name="JaasSecurityManagerService">jboss.security:service=JaasSecurityManager</depends> 3. Now the login module can't work in JBoss5.0.0GA, It can work well in JBoss4.2.3GA. I study the BaseConnectionManager2.java code. It have the following code private Subject getSubject() | { | Subject subject = null; | if(subjectFactory != null && securityDomainJndiName != null) | { | subject = subjectFactory.createSubject(securityDomainJndiName); | } | if (trace) | log.trace("subject: " + subject); | return subject; | } 4. If we don't pass subjectFactory. The subjectFactory is null. So we can't get subjcet. Now we want to know How to pass subjectFactory in our datasource in xml files. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224599#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...