Ok, i've tried it with new jboss 5.0.1.GA with same result above. Please look at the TRACE-log. Normaly there shoud be not the unauthenticated principal, but the principal how tries to login is not in the SecurityAssociation. On client side all looks ok, i've debugged from my custom login module to the jboss client login modul, and it has a valid principal. By the way i'can't find any resource which describe to 'use security context approach'. Anils blog http://anil-identity.blogspot.com/2008/12/as5-pluggable-access-control-ej... says that i've nothing to change to run the normal authorization stack. Anybody, how can help me out ? 00:37:36,310 WARN [SecurityAssociation] You are using deprecated api to getPrincipal. Use security context based approach | 00:37:36,311 WARN [SecurityAssociation] You are using deprecated api to getCredential. Use security context based approach | 00:37:36,391 TRACE [SecurityRolesAssociation] Setting threadlocal:null | 00:37:36,396 TRACE [SecurityRolesAssociation] Setting threadlocal:null | 00:37:44,413 TRACE [SecurityRolesAssociation] Setting threadlocal:{} | 00:37:44,430 TRACE [lisa] Begin isValid, principal:null, cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@b6023d[Subject(32542938).principals=org.jboss.security.SimplePrincipal@10428909(LisaUnauthenticated)org.jboss.security.SimpleGroup(a)18997348(LisaUser(members)),credential.class=null,expirationTime=1236470796304] | 00:37:44,431 TRACE [lisa] Begin validateCache, info=org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@b6023d[Subject(32542938).principals=org.jboss.security.SimplePrincipal@10428909(LisaUnauthenticated)org.jboss.security.SimpleGroup(a)18997348(LisaUser(members)),credential.class=null,expirationTime=1236470796304];credential.class=null | 00:37:44,431 TRACE [lisa] End validateCache, isValid=true | 00:37:44,431 TRACE [lisa] End isValid, true | 00:37:44,432 TRACE [LogAuditProvider] [Success]Source=org.jboss.security.javaee.EJBAuthenticationHelper;principal=null;method=create; | 00:37:44,432 TRACE [SecurityRolesAssociation] Setting threadlocal:{} | 00:37:44,433 TRACE [JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED] | 00:37:44,434 TRACE [EJBPolicyModuleDelegate] method=public abstract de.ebcot.bsctool.ejb.ManagerRemote de.ebcot.bsctool.ejb.ManagerRemoteHome.create(java.lang.String,int,java.lang.Integer) throws javax.ejb.CreateException,javax.security.auth.login.LoginException,java.rmi.RemoteException,de.ebcot.tools.util.LoginTwiceException, interface=Home, requiredRoles=Roles(LisaUser,) | 00:37:44,434 TRACE [EJBPolicyModuleDelegate] Exception:Insufficient method permissions, principal=admin, ejbName=Manager, method=create, interface=Home, requiredRoles=Roles(LisaUser,), principalRoles=Roles() | 00:37:44,435 TRACE [JBossAuthorizationContext] REQUIRED failed for Name=org.jboss.security.authorization.modules.DelegatingAuthorizationModule:subject=Betreff: | Principal: LisaUnauthenticated | Principal: LisaUser(members) | :role=Roles() | 00:37:44,436 TRACE [JBossAuthorizationContext] Error in authorize: | org.jboss.security.authorization.AuthorizationException: Authorization Failed: | at org.jboss.security.plugins.authorization.JBossAuthorizationContext.invokeAuthorize(JBossAuthorizationContext.java:263) | at org.jboss.security.plugins.authorization.JBossAuthorizationContext.access$000(JBossAuthorizationContext.java:67) | at org.jboss.security.plugins.authorization.JBossAuthorizationContext$1.run(JBossAuthorizationContext.java:152) | at java.security.AccessController.doPrivileged(Native Method) | at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:148) | at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:474) | at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:124) | at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:116) | at org.jboss.ejb.plugins.SecurityActions$14.run(SecurityActions.java:557) | at org.jboss.ejb.plugins.SecurityActions$14.run(SecurityActions.java:555) | at java.security.AccessController.doPrivileged(Native Method) | at org.jboss.ejb.plugins.SecurityActions.authorize(SecurityActions.java:553) | at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:361) | at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243) | at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205) | at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invokeHome(CachedConnectionInterceptor.java:187) | at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:148) | at org.jboss.ejb.plugins.CallValidationInterceptor.invokeHome(CallValidationInterceptor.java:56) | at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:125) | at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350) | at org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:161) | at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:136) | at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invokeHome(PreSecurityInterceptor.java:88) | at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132) | at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107) | at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:639) | at org.jboss.ejb.Container.invoke(Container.java:1046) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:597) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668) | at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:154) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:597) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668) | at org.jboss.invocation.http.servlet.InvokerServlet.processRequest(InvokerServlet.java:162) | at org.jboss.invocation.http.servlet.InvokerServlet.doPost(InvokerServlet.java:224) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) | at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) | at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) | at java.lang.Thread.run(Thread.java:619) | 00:37:44,441 TRACE [EJBAuthorizationHelper] Error in authorization: | org.jboss.security.authorization.AuthorizationException: Authorization Failed: | at org.jboss.security.plugins.authorization.JBossAuthorizationContext.invokeAuthorize(JBossAuthorizationContext.java:263) | at org.jboss.security.plugins.authorization.JBossAuthorizationContext.access$000(JBossAuthorizationContext.java:67) | at org.jboss.security.plugins.authorization.JBossAuthorizationContext$1.run(JBossAuthorizationContext.java:152) | at java.security.AccessController.doPrivileged(Native Method) | at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:148) | at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:474) | at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:124) | at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:116) | at org.jboss.ejb.plugins.SecurityActions$14.run(SecurityActions.java:557) | at org.jboss.ejb.plugins.SecurityActions$14.run(SecurityActions.java:555) | at java.security.AccessController.doPrivileged(Native Method) | at org.jboss.ejb.plugins.SecurityActions.authorize(SecurityActions.java:553) | at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:361) | at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243) | at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205) | at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invokeHome(CachedConnectionInterceptor.java:187) | at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:148) | at org.jboss.ejb.plugins.CallValidationInterceptor.invokeHome(CallValidationInterceptor.java:56) | at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:125) | at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350) | at org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:161) | at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:136) | at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invokeHome(PreSecurityInterceptor.java:88) | at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132) | at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107) | at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:639) | at org.jboss.ejb.Container.invoke(Container.java:1046) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:597) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668) | at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:154) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:597) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668) | at org.jboss.invocation.http.servlet.InvokerServlet.processRequest(InvokerServlet.java:162) | at org.jboss.invocation.http.servlet.InvokerServlet.doPost(InvokerServlet.java:224) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) | at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) | at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) | at java.lang.Thread.run(Thread.java:619) | 00:37:44,448 TRACE [LogAuditProvider] [Error]Source=org.jboss.security.plugins.javaee.EJBAuthorizationHelper;Exception:=Authorization Failed: ;Resource:=[org.jboss.security.authorization.resources.EJBResource:contextMap={policyRegistration=org.jboss.security.plugins.JBossPolicyRegistration@1dc3dfb}:method=public abstract de.ebcot.bsctool.ejb.ManagerRemote de.ebcot.bsctool.ejb.ManagerRemoteHome.create(java.lang.String,int,java.lang.Integer) throws javax.ejb.CreateException,javax.security.auth.login.LoginException,java.rmi.RemoteException,de.ebcot.tools.util.LoginTwiceException:ejbMethodInterface=Home:ejbName=Manager:ejbPrincipal=admin:MethodRoles=Roles(LisaUser,):securityRoleReferences=null:callerSubject=Betreff: | Principal: LisaUnauthenticated | Principal: LisaUser(members) | :callerRunAs=null:callerRunAs=null:ejbRestrictionEnforcement=false:ejbVersion=null];policyRegistration=org.jboss.security.plugins.JBossPolicyRegistration@1dc3dfb; | 00:37:44,449 ERROR [SecurityInterceptor] Error in Security Interceptor | java.lang.SecurityException: Denied: caller with subject=Betreff: | Principal: LisaUnauthenticated | Principal: LisaUser(members) | and security context post-mapping roles=null: ejbMethod=public abstract de.ebcot.bsctool.ejb.ManagerRemote de.ebcot.bsctool.ejb.ManagerRemoteHome.create(java.lang.String,int,java.lang.Integer) throws javax.ejb.CreateException,javax.security.auth.login.LoginException,java.rmi.RemoteException,de.ebcot.tools.util.LoginTwiceException | at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:368) | at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243) | at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205) | at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invokeHome(CachedConnectionInterceptor.java:187) | at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:148) | at org.jboss.ejb.plugins.CallValidationInterceptor.invokeHome(CallValidationInterceptor.java:56) | at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:125) | at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350) | at org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:161) | at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:136) | at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invokeHome(PreSecurityInterceptor.java:88) | at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132) | at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107) | at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:639) | at org.jboss.ejb.Container.invoke(Container.java:1046) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:597) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668) | at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:154) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:597) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668) | at org.jboss.invocation.http.servlet.InvokerServlet.processRequest(InvokerServlet.java:162) | at org.jboss.invocation.http.servlet.InvokerServlet.doPost(InvokerServlet.java:224) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) | at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) | at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601) | at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) | at java.lang.Thread.run(Thread.java:619) View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215967#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...