Hi there, I believe the best approach would be to call the Validate method in the Authenticate.asmx web service provided in all EPiServer sites. If the credentials validate against the EPiServer then you are returned the list of permissions the user has and groups the user is a member of. You could then use this as the basis for your security implementation in your Java application. The advantage of this is you are making use if the built in EPiServer functionality and if things change in future versions (e.g. the database) you would hope the Web service interface would remain the same. Cheers, Jeremy

Hi, how can I call the method from the webservice in a asp.net page? Let's say I create a 'regular' asp.net page. I then go to the code behind and include: using EPiServer; using EPiServer.Core; Should I include something else in my file? I want to be able to make like an object: Authenticate auth = new Authenticate(); auth.doSomething(); Is this possible? /Johan

Hi Johan! In visual studio you have the option to add a web reference when right clicking on a project. There is also a helper class called AuthenticateClient in the WebServices namespace that is usefull if you want to be able to define the website dynamicly.