Why not just design a generic solution around invoking the JBoss Security Managers by doing a JNDI lookup (works both in web and ejb2 containers) | // Get the JBoss security manager from the ENC context | InitialContext iniCtx = new InitialContext(); | SecurityManager securityMgr = (SecurityManager) iniCtx.lookup("java:comp/env/security/securityMgr"); | SimplePrincipal principal = new SimplePrincipal(username); | if( securityMgr.isValid(principal, password) ) | { | Darran, may I humbly request you to finish my beta release before you assign this JBossWS feature request? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4147116#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...