On an initial glance it looks like we've reached the limit what we can do without proper security integration. The security deployer currently only works with EJB 2 meta data and EJB 3 meta data isn't being augmented with annotations yet. So as a work around the EJB registration deployer tells the security deployer to ignore this deployment. We need the unified meta model before we can move on. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4064862#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...