Hi, I haven't used JBoss much recently but did play around with JAAS and wrote a class for authentication and access control using an RDB in version 2.0 (it of course still works in 2.2). I'm now about to look into PKI (Public Key Infrastructure) and its usage with JBoss and have seen some references to SRP (Secure Remote Passwords) but my question is this: What about all the network traffic between the client and the server (over RMI). Is there any implementation at present to encrypt this (per session keys)? And if not could anyone point me in the direction to look into it and do some coding? Thanks in advance, Sean _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user