I don't see where the Ejb3AuthenticationInterceptorv2 is being configured in a AS deployment, so I don't see how that can be addressed as a JBAS issue. I guess its this AuthenticationInterceptorFactory in ejb3-interceptors-aop.xml that is creating the interceptor: | <interceptor factory="org.jboss.ejb3.security.AuthenticationInterceptorFactory" scope="PER_CLASS"/> | but then that needs to be updated to allow for injection, or more likely the stack of interceptors needs to be created directly as beans. What's the state of the -aop.xml supporting fully configured stack of beans rather than using this older factory based creation? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196044#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...