Thanks for Information.
My thoughts was Stand Alone Client over Jboss Remote3 Security Propagation will work same ( or similare ) way for calling remote EJB between EJB Containers. I guest remote3 will be used also for this.
I have working example of Java Client ( java 6 ), which does JAAS Login ( krb5 ) and call an SPNEGO Protected URL on Jboss AS 7, SPNEGO ( picketbox valve ) take place over HTTP and standard Java JAAS Login Module configured on JBoss AS 7 Server Side successfully authenticates the Users.
I thought mabe , calling EJB after successful JAAS Login over remote3 , remote 3 ( or the jboss-ejb-client Layer above ) will try to read Security from Context ( Threadlocal ? ), and if there is one, use it to Authenticate on Server Side Realm...
I'm familiar with picketbox on JBoss AS 7.1, where I wrote some custom JAAS Login Modules/Valve ... just need a hint what is possible from Client Side to plug Security for remote calls. Guest one way will be to take closer look on source code of jboss-ejb-client... right?
Mabe you have a Link to a blog with few words about the concept...
Kind regards
Radek Rodak