Hi Christian, try to enable logging for the security layer, maybe there is some internal error about the properties file not retrieved: http://www.jboss.org/community/docs/DOC-12198 (question 4) Up to now, I never used a "JndiLoginInitialContextFactory", but a "NamingContextFactory" and an explicit programmatic login. According to the doc at http://www.jboss.org/community/docs/DOC-11206, "This is useful in context where a JAAS login is not desired", so it sounds like it does not work in your case. My client code looks like this: Properties props = new Properties(); | props.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"); | props.setProperty(Context.URL_PKG_PREFIXES, "org.jboss.naming.client"); | props.setProperty(Context.PROVIDER_URL, "jnp://localhost:1099"); | props.setProperty("j2ee.clientName", ...); | | InitialContext initialContext = new InitialContext(props); | | AppCallbackHandler callbackHandler = new AppCallbackHandler(user, password.toCharArray() ); | LoginContext loginContext = new LoginContext ("logincontextname", callbackHandler); | loginContext.login(); For this to work, I have to add a file "auth.conf" to my project (in "META-INF" of the app client). The first line is also the parameter to "LoginContext ": logincontextname { | // jBoss LoginModule | org.jboss.security.ClientLoginModule required | ; | }; Hope this helps Wolfgang View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4186402#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...