We are creating our own container to sit above the Microcontainer, and I'm currently looking into replacing our internal security with authentication (JAAS) and authorization (JACC) services as provided by JBoss. Whilst I'm fairly confident that I understand providing JAAS services to EJB and Java Servlet applications, I can't find anything as authoritive for providing services to containers. Any help would be very much appreciated. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4159299#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...