I am developing a client server app using JBoss and ejb3. I have a client based on eclipse and they work very nicely together. I was using an existing login mechanisim but decided to start using the new ejb3 security annotations etc. instead. My question here is what is the best pratice with ejb3. I have set up a custom JAAS login handler module with a LoginContext connecting to my backend database which is fine. The problem I see though is that the logged in principal etc is not propagated to subsequent ejb access once a successful login has occurred. When I use the JNDI InitialContext method the login works fine, the principal is also propagated via the initialContext lookups. What is the best approach here? Should I be mixing JNDI and JAAS but how do I propagate the principle etc. Comments !!!!! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983831#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...