atorres, Warren6 is just plain silly. There are at least two ways to get the Authenticated Subject. I think all of them are JBoss dependant; not sure if this is a problem for you. However... 1.) the way you have done it is a great way using JNDI 2.) tomcat service has an SubjectAttributeName option that will store the authenticated subject in request scope. Enjoy, cgriffith View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3957709#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...