I encountered problem and I don't know how to resolve it. I have an application deployed on jboss-4.0.5GA (jbossws upgaded to jbossws-1.2.1.GA). Part of application is stateless session bean deployed as WebService. @WebService(name = "CtxManager", serviceName = "CtxManagerService", targetNamespace = WSConstants.TARGET_NAMESPACE) @WebContext(contextRoot = ctxWS, authMethod = "BASIC", transportGuarantee = "CONFIDENTIAL", secureWSDLAccess = true) @Stateless @SecurityDomain("myApplicationPolicyName") @RolesAllowed("cuser") public class CtxManagerBean implements CtxManager{ ... @WebMethod public boolean hasActiveCall(@WebParam(name = "dialNumber"){...} ... } Same application also has seam component: @Stateless @Name("orgUnitBrowser") @Restrict("#{s:hasRole('cuser')}") public class OrgUnitBrowserBean implements OrgUnitBrowserLocal{...} When I try to invoke CtxManagerBean.hasActiveCall method from orgUnitBroswer I get authorization failure ([RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[cuser], principalRoles=[]). When I invoke WS method from my WS client, authentication/authorization works fine. Web page (a JSF page that invokes orgUnitBrowser method that invokes ctxManager method) is also protected. login-config.xml: ... | <application-policy name = "myApplicationPolicyName"> | <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" | flag = "required"> | <module-option name = "unauthenticatedIdentity">guest</module-option> | <module-option name = "dsJndiName">java:/myDataSource</module-option> | <module-option name = "principalsQuery">SELECT password FROM USERS WHERE username=?</module-option> | <module-option name = "rolesQuery">SELECT r.description, 'Roles' | FROM USERS u | JOIN USERS_ROLE ur ON ur.users_id=u.id | JOIN ROLE r ON ur.roles_id=r.id | AND u.username=? | </module-option> | </login-module> | <login-module code = "org.jboss.security.ClientLoginModule" flag = "required"/> | </authentication> | </application-policy> | ... components.xml: ... | <drools:rule-base name="securityRules"> | <drools:rule-files> | <value>/security.drl</value> | </drools:rule-files> | </drools:rule-base> | | <security:identity jaas-config-name="myApplicationPolicyName" | security-rules="#{securityRules}"/> | ... page.xml: ... | <page view-id="/cuser/*" login-required="true"> | <restrict>#{s:hasRole('cuser')}</restrict></page> | ... What else should I define/change, to resolve problem? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4044946#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...