I have successfully authenticated against AD/LDAP using JBossSX and LdapLoginModule in a web app. Need to get authorization working now for EJB access for particular roles. Was able to read memberOf 'cn=' values in the attributes returned aftern authentication using jGuard. Anybody know any solid working examples of authorizing using LDAP/JBossSX and to get the roles and perform isMemberOf, etc.? The JBoss 4.0 book does not have any good code examples regarding authorizing against AD/LDAP. thx!