That won't help as the org.jboss.jms.client.container.SessionAspect which is being used for the ClientSession createMessage method for example is the target of the call, not the code that you see disassembled here. Its the joinpoint code generated by aop that should include a privileged block to allow for a getClassLoader permission assignment. Your correct to say this can be pushed to aop. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190728#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...