Hi, I have a question about Picketbox, and how I can setup a security context when I don't have a real credential for an account. Basically my use case is an apache server in front of Undertow, where the apache server performs the authentication and just forwards the authenticated principal to Undertow. From an Undertow point of view it is easy to setup that principal as the current user, however I have no way to then setup the Picketbox SecurityContext object, as it appears that the only way to do this is with a credential. The only way I can think of that maybe we can use a custom login module, that does not require a credential? Apparently this used to work, however I have not been able to find a working config anywhere, and I can't see any LoginModule implementation in the source that look like they would do this, so I am not really sure how to best approach this. Stuart