Hi Krister,
two things that come into my mind:
a) does your EJB have any "secured" method?
@RolesAllowed(value={"administrator"} )
public void myMethod()
{
}
Maybe you have to add such a security declaration to "checkRole". Otherwise JBoss might think that you are accessing unsecured content and is not performing login.
b) did you activate logging of the security layer? See http://community.jboss.org/wiki/SecurityFAQ - question 4. If there is some config error, this might help.
The rest of your config looks OK.
Best regards
Wolfgang