This is correct exactly as I have done it. Just a note I was not sure which authentication context to use. I used a different handler but the result is the same. To those who need to know I used the JAAS context from the login-conf.xml file. gersonjohan, this is part of the solution you are authenticating the username and password to JAAS. But, I don't think this is the complete registration. Once this is done you have to tell the portal that this user has authentication to access the pages and then redirect to the /auth context path. I am not sure what else needs to be called to get the user profile information registered along with security rights. Another way of doing this in 2.6 would be to take the login.jsp and add it to the CMS. Then create a CMS portlet and add it to a page. I haven't tried this yet but it should word. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4070268#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...