Thanks for your reply. Empty password is intentional and is specified in users.properties as such as shown below. An exception is caused and login does fail if I specify a non-empty password in users.properties: | fm_full= | roles.properties is: | fm_full=FullUser | Here is an excerpt from trace/debug log output. As you can see login is happening. However, the servlet, after doing the login is dispatching to jsp and what is disturbing is "runAs: null". Could this be the problem and what can be done to resolve this? | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] commit, loginOk=true | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: fm_full, roles string: FullUser | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Adding to Roles: FullUser | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.ClientLoginModule] commit, subject=Subject: | Principal: fm_full | Principal: Roles(members:FullUser) | | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: fm_full | Principal: Roles(members:FullUser) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@2fb8d6{principal=fm_full,subject=17825859} | . | . | . | 2006-10-26 06:23:23,914 DEBUG [org.apache.catalina.core.ApplicationDispatcher] servletPath=/FleetAdminViewGroups.jsp, pathInfo=null, queryString=null, name=null | 2006-10-26 06:23:23,914 DEBUG [org.apache.catalina.core.ApplicationDispatcher] Path Based Forward | 2006-10-26 06:23:23,914 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null | 2006-10-26 06:23:23,914 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null | | To reiterate, I am expecting the call to the EJB method to fail as I have specified a non-existing roles in @RolesAllowed. Thanks View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3981008#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...