Radek Rodak [http://community.jboss.org/people/rodakr] created the discussion "Re: Remote EJB Client with SASL and Kerberos Authentication fails on jboss-as-7.1.0.Final-SNAPSHOT ( 02.02.2012)" To view the discussion, visit: http://community.jboss.org/message/644584#644584 -------------------------------------------------------------- Thanks for Information. My thoughts was Stand Alone Client over Jboss Remote3 Security Propagation  will work same ( or similare ) way for calling  remote EJB between EJB Containers. I guest remote3 will be used also for this. I have working example of  Java Client ( java 6 ), which does JAAS Login ( krb5 ) and call an SPNEGO Protected URL on Jboss AS 7, SPNEGO ( picketbox valve ) take place over HTTP and standard Java JAAS Login Module configured on JBoss AS 7 Server Side successfully authenticates the Users. I thought mabe , calling EJB after successful JAAS Login over remote3 , remote 3 ( or the jboss-ejb-client Layer above ) will try to read Security from Context ( Threadlocal ? ), and if there is one, use it to Authenticate on Server Side Realm... I'm familiar with picketbox on JBoss AS 7.1, where I wrote some custom JAAS Login Modules/Valve ... just need a hint what is possible from Client Side to plug Security for remote calls. Guest one way will be to take closer look on source code of jboss-ejb-client... right? Mabe you have a Link to a blog with few words about the concept... Kind regards Radek Rodak -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/644584#644584] Start a new discussion in JBoss AS 7 Development at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&...]