"Ok in this case you have no choice but to go the Tomcat Valve/Custom Authenticator route. " Sohil - thanks very much for suggesting this! I've successfully implemented a custom Tomcat Authenticator/Value, and that solves the problem, and I've been able to achieve exactly what I wanted. Needless to mention, some hacks were required but it ultimately works!! Cool, thanks again! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4073177#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...