When I have a ejb jar, the security deployer creates a JaccPolicy Bean for the top level deployment and adds it to the deployment as follows: | //Create a Service Bean for the JACC Policy | ServiceMetaData jaccPolicy = new ServiceMetaData(); | jaccPolicy.setCode(JaccPolicy.class.getName()); | try | { | jaccPolicy.setObjectName(new ObjectName(JaccPolicy.BASE_OBJECT_NAME + contextId)); | } | catch (Exception e) | { | } | | //Now add this service bean to the unit | ServiceDeployment sd = new ServiceDeployment(); | sd.setServices(services); | unit.addAttachment("jboss.jaccpolicy", sd, ServiceDeployment.class); | I then expect an injection of JaccPolicyMBean into EJBModule. This is not happening. Scott, I think your last cycle of changes may have had an effect on this? Simplest way to test this: Create a jacc server configuration by running the target "ant tests-jacc-security" and then run the following. | ant -Dtest=org.jboss.test.jacc.test.CallerInRoleUnitTestCase one-test | This is the primary reason for the jacc failures in the test suite. I think the call "unit.addAttachment" needs to be looked at. The same phenomenon is probably applicable to web deployments also. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4032311#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...