I've come up with a workaround of sorts-- I've rewritten my build to produce a stripped down jar that contains only the server side JAAS login module, so I can deploy that to a standalone JBoss Messaging server for the queues we use in the HL7 message pipeline. This was our critical need, so I'm pretty happy with my solution. However, as far as I can tell, if I want to upgrade the queues used in our application server, the one that has a custom JAAS-authentication scheme for the fat client (we integrate with the univerity's Kerberos server), I would need to bring up a parallel instance of JBoss Messaging and rewrite the internals of my server application to have the queues hosted externally. I'm just going to wait for JBoss 5-- I have to assume that the missing client security classes will become available in the integrated release. Seems to me to be something of a gap. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3978354#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...