I have no idea how you happen to have the NT-Login-name available in the session. In our configuration the NT-Login is passed as an attribute of the HTTP-request (and availble via request.getRemoteUser()). I am using Seam 2 and I have added the authentication logic in my annotaded authentication class. In components.xml I have configured <security:identity authenticate-method="#{authenticator.authenticate}" /> | In pages.xml I have the following config: <page view-id="/login.xhtml"> | <action execute="#{identity.login}"/> | <navigation from-action="#{identity.login}"> | <rule if="#{identity.loggedIn}"> | <redirect view-id="/main.xhtml"></redirect> | </rule> | <rule if="#{not identity.loggedIn}"> | <redirect view-id="/loginFailed.xhtml"></redirect> | </rule> | </navigation> | </page> The login.xml page is not existing. It is just a stub. The method identity.login() should be called and itself calling authenticator.authenticate() but it isn't. Any idea why? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4089313#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...