We believe that found the problem area. When we come back from a JMS call, the currently authenticated user is no longer the one that was active before the call. This is all on the server. When we setup the server, we left the JBOSS messaging security settings as is. We are assuming that "guest" or null was used since the active user is not known to the JMS "messaging" realm. The message was sent with a null principal, which is fine for us. However, when the call comes back from the send, the principal is null. I would have assumed that it would do a runAs and pop the prior active principal but it does not seem to do so. One way around this is to have the messaging system use our security realm. Our realm has no concept of an unauthenticated user and we do not want to introduce such a thing. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4252407#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...