Can you try adding:
| <module-option name="unauthenticatedIdentity">guest</module-option> | In the config for the "other" domain, so it looks like: | <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required"> | <module-option name="unauthenticatedIdentity">guest</module-option> | </login-module> | I'm not sure if this is your main problem, but it should prevent the security exception. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3953496#3953496 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3953496 Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user