In your login-config.xml you can create a policy with modules flagged sufficient. i do that to authenticate user on several LDAP: | <authentication> | <login-module code=".. LoginModule" | flag="sufficient"> | ... | </login-module> | <login-module code=".. LoginModule2" | flag="sufficient"> | ... | </login-module> | | </authentication> | </application-policy> View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4082251#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...