Hello! I'm just curious to know what others developers are doing in general to implement login / registration redirects, and what's working or not working for you: JAAS-Based? Tomcat auth? @LoggedIn? I've been using pages.xml to "protect" pages and directories behind a login action, and although this is not a clean solution (and perhaps not very secure), It's working well for me. I was just wondering what other developers are doing... Thanks! Felipe View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4006982#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...