Hi, I have an ear that deploys on JBoss Portal. I created a custom login module and it correctly authenticates me. However, when I try to call an EJB method from another page I get the following exception: | ................. | javax.ejb.EJBAccessException: Authentication failure | at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68) | at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:71) | at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) | at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47) | at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) | at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) | at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) | at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:181) | at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:79) | ................. | I suspect the problem is related to the principal propagation, but I don't know how to fix it. I added the following entries in our login-config.xml file , but with no success: | <?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE policy PUBLIC | "-//JBoss//DTD JBOSS Security Config 3.0//EN" | "http://www.jboss.org/j2ee/dtd/security_config.dtd"> | <policy> | <application-policy name="emp-mft"> | <authentication> | <login-module code = "org.jboss.security.ClientLoginModule" | flag = "required"> | </login-module> | //my login module here | </authentication> | </application-policy> | </policy> | Any ideas ? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3978129#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...