I've been breaking my head over working around a JBoss Portal bug that prevents access to the dashboard if the Principal has a "." (dot). So, I can't use JBoss Portal if I logged in as "temp(a)company.com" or "first.last(a)company.com", etc. To be able to workaround this, I need to avoid the addition of the UserPrincipal automatically. What do I need to do to achieve this, and is it even possible? Does JBoss security code use AOP interceptors to do this? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4068282#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...