We use Jasper Server 3.7.1 Community Edition and we are experiencing problems trying to integrate security in our application. We use JBoss 4.2.3, deploying our application as an EAR and the Jasper Server as an independent war. We are using JAAS for security, we have defined this JAAS authentication policy to authenticate against an LDAP (in login-config.xml file): <application-policy name ="cobre-admin"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option> <module-option name="java.naming.provider.url">ldap://127.0.0.1:389/</module-option> <module-option name="java.naming.security.authentication">simple</module-option> <!-- Rebind as a user with search priviledges for the role queries <module-option name="java.naming.security.principal">cn=Root,dc=jboss,dc=org</module-option> <module-option name="java.naming.security.credentials">secret1</module-option>--> <module-option name="principalDNPrefix">uid=</module-option> <module-option name="principalDNSuffix">,o=airtel.es</module-option> <module-option name="rolesCtxDN">o=airtel.es</module-option> <module-option name="uidAttributeID">uniqueMember</module-option> <module-option name="matchOnUserDN">true</module-option> <module-option name="roleAttributeID">cn</module-option> <module-option name="roleAttributeIsDN">false</module-option> <module-option name="searchTimeLimit">5000</module-option> <module-option name="searchScope">ONELEVEL_SCOPE</module-option> </login-module> <!-- Needed to propagate the authentication info to the components called by the tests (mainly EJBs) --> <login-module code="org.jboss.security.ClientLoginModule" flag="required" /> </authentication> </application-policy> This LDAP authentication works fine for our web application, but the problem appears when we try to use the same JAAS realm for the Jasper Server war. We configure JS to use the same policy but it doesn't works in the expected way. The idea is to integrate our web application to Jasper Server reports by linking to Jasper Server repository elements, without having to authenticate twice, using JAAS and the Single Sign On valve mechanism provided in JBoss. How can we indicate JasperServer to use our JAAS realm? Is this possible? I have read is possible, but can't get it. Where can I find some example? If not, how can we get the same SSO result? I have checked that JR uses ACEGI, but I can't find the connection for the moment between ACEGI and JAAS. Thanks a lot in advance! Javier