so...yeah, problem still not resolved. The problem occurs when entering incorrect credentials, but the client does NOT get any feedback. Needless to say, hard to handle credential requests from the client-side when you have no feedback if the credential was incorrect because the server-side swallows it with a NotSerializableException. Is this a bug? The server side is just EJB3 annotations, hard to do something wrong I would think. | @SecurityDomain("testLdap") | .... | @RolesAllowed("good") | public String returnGood(){return "good!";} | @RolesAllowed("bad") | public String returnBad(){return "this should not work";} | Please, really stuck here.... View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3989341#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...