With the assumption you will deploy both your "important Java Web Application" and the JBoss Portal under the same JBoss AS, then you may be able to leverage the Tomcat Valve, setup described here http://docs.jboss.com/jbportal/v2.6.4/referenceGuide/html_single/#d0e9623 which will allow either context/site to do the initial prompting and authentication, after which if the user points the same browser window to the "other" site it will be automatically logged in (by the tomcat single sign on valve). If you can not deploy them under the same JBoss AS instance (for instance you need different ports) then you can consider some of the other SSO solutions like http://www.josso.org for which the setup is also documented in the ref guide. As a separate issue, to change the Portal sign-on behavior to use Active Directory (http://en.wikipedia.org/wiki/Active_Directory), since it is an LDAP you can follow the steps here http://docs.jboss.com/jbportal/v2.6.4/referenceGuide/html_single/#d0e8723. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4146364#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...