Hi Sohil So finally I have some good news and bad news. I developed 2 application A and B and I am now using JbossWS policy whcih is a standard JAAS Login module used in Jboss. Both the applictions are running on same server. Now in application A I login and after sucessfull login I even see a cookie, domain cookie whose name is token and value is some thing like <response:xmlns On application A, on the web page I print request.getUserPrincipal() and I get proper value i.e. Roles and Principal. Now from same browser when I go to application B whcih is on same server (and application B is almost the replica of Application A (only contxt.xml is different) ). ,when I do request.getuserPrincipal() I get null value. I think I shd get the same pricipal in application B also Thanks Nick View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3982810#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...