Hello anonymous wrote : | Authentication is the process of knowing on who's behalf the code is running. In case of jBPM this information should be made available from the environment to jBPM. Cause jBPM is always executed in a specific environment like a webapp, an EJB, a swing application or some other environment, it is always the surrounding environment that should perform authentication. | Also from user guide: anonymous wrote : | 11.11.2.1. First terms | | An expression is resolved from left to right. The first-term specifies a User or Group in the identity model. Subsequent terms calculate the next term from the intermediate user or group. | | previous means the task is assigned to the current authenticated actor. This means the actor that performed the previous step in the process. | If i don't want to use jbpm_user, jbpm_group etc database table but using EJB and servlet enviroment to provide securied enviroment, how to make sure current authenticated actor is the principle name of the EJBs? More information is appreciated here. Regards Yang View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3963382#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...