Hello, I have a war application using tomcat security and declarative security on the server side. the authentification is performed per login-config on the web.xml and tomcat ensures SingleSignOn. Once done I'd like to launch applets and flash movies (using flash remoting) to call session beans. I can embed that inside a JSP and get the JAAS principal to transfer it to the applet or the flash movie as params yet how to do not to loose the already instanciated JAAS LoginContext and SSO feature ? I guess I need to do some server code to get back the LoginContext and ... then what ? JSP is already working this way so I guess I could re-use some code here. does anybody have any experience/advice here and where is the code I should look at ? Thank you. Sebastien.