Hi I have JBoss AS setup and dedicated to servicing a franchise-based business. I have a couple of modules deployed in JBoss AS (4.2.1), that are completely unrelated (but together serve a higher purpose). JSPWiki at example.com/wiki/ and JForum at example.com/forum/ - (note: I have enabled forwarding of port 80 to 8080). I also have a custom built module deployed as ROOT.war, and is hence available at example.com - For all intensive purposes, you can consider this module the "main system module", with the wiki and forum installed for collaboration purposes. So in a nutshell, my user navigates to www.example.com and is prompted to login with a form. Based on their username, they get assigned a role or denied access. Assuming they're authenticated, they proceed to the ROOT.war home page, and from there they either use the main system, or collaborate on the wiki and forum. Based on their role, their access to the wiki is limited, meanwhile access to the forum is a given so long as they managed to log in to begin with. Fwiw, I aim to use JBoss's DdatabaseServerLoginModule to allow my client's IT admin staff to CRUD users and roles online. We're estimating to have around 400 users at most. Thus goal is to implement user/role-based security at the ROOT level, that carries over to the wiki/ (fully JAAS) and forum/ (just top-level folder), using DatabaseServerLoginModule. Is this possible? Thanks in advance. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4092432#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...