Dear all, I was trying to find a solution in the web, found some sites but not really getting thru how following scenario should be implemented: 1. Using a fat client, the client shall authenticate via JBoss Server (using AS 5.1) 2. The server shall perform the authentication request from fat client using kerberos against Active Directory. 3. After successful authentication the server shall read roles from AD via group membership as well and add them to the subject. Thing is, Performing the Kerberos auth on the client-side was simple, but I don't understand how it should be implemented like the client showing up a login dialog, securely transmitting auth data (maybe ticket) to server and server doing the auth work. Could anyone give me an advice, since I'm kind of new to this issue? Best regards, Sebastian View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4268438#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...