I'm just starting in on a new project. I have been directed to create a SOAP service that will be consumed by a Portlet. The portal server is on a physically separate server from the JBoss EJB3/SOAP server. What I want to do is to take the Authenticated Principal from the Portal and pass it back to the server running the SOAP services. How would I do this? I assume that JAAS plays a role and the secret is in a properly configured realm. The documentation I have assumes the SOAP and Portal programs are on the same server... but these programs are on physically different servers. I can see this being a problem if I have to coordinate authentication between multiple SOAP servers which I know many shops must have to do. So, I figure there must be a straight forward solution that I'm not finding in the JBoss wiki, the JBoss text books I have, or the other training materials. I'm trying to answer this security question before I start writing application code. Thanks. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4052678#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...