change the configuration in the jboss-sso-test.ear/META-INF/security-config.xml | <login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule" flag="sufficient"> | | <module-option name="unauthenticatedIdentity">guest</module-option> | | <module-option name="password-stacking">useFirstPass</module-option> | | <!--module-option name="hashAlgorithm">SHA-1</module-option--> | | <module-option name="hashUserPassword">false</module-option> | <module-option name="hashStorePassword">false</module-option> | | <module-option name="authenticatedRoles">Authenticated,RegisteredUsers</module-option> | | </login-module> | Pay attention to the hashAlgorithm, hashUserPassword and hashStoredPassword. Here is where you specified what password need to be hashed and what algorithm you must use... This file is under the jboss-sso-test.ear .. so you must explode the file to change it easily. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4141893#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...