Yes, this is possible. Add a "...-service.xml" to your SAR with this content: <?xml version="1.0" encoding="UTF-8"?> | <server> | <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" | name="jboss:service=DynamicLoginConfig"> | <attribute name="AuthConfig">META-INF/login-config.xml</attribute> | <depends optional-attribute-name="LoginConfigService"> | jboss.security:service=XMLLoginConfig | </depends> | <depends optional-attribute-name="SecurityManagerService"> | jboss.security:service=JaasSecurityManager | </depends> | </mbean> | </server> It adds a "DynamicLoginConfig" MBean, which points to the "login-config.xml" inside your SAR. See http://www.jboss.org/community/wiki/DynamicLoginConfig Best regards Wolfgang View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4230318#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...