There has been some threads on this and it's clarified in the 2.0.1CR1 manual:
13.4.2.2. Special Considerations When writing an authenticator method, it is important that it is kept minimal and free from any side-effects. This is because there is no guarantee as to how many times the authenticator method will be called by the security API, and as such it may be invoked multiple times during a single request. Because of this, any special code that should execute upon a successful or failed authentication should be written by implementing an event observer. See the section on Security Events further down in this chapter for more information about which events are raised by Seam Security. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4122048#4122048 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4122048 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user