I really tried everything and earned just kidding. Please can anyone help ?? I tried to secure NamingService with AuthenticationInterceptor and UsersRolesLoginModule as described in docs and wiki (including JRMPProxyFactory config for NamingService). It has no effect at all. Then I tried to secure InvokerAdaptorService with AuthenticationInterceptor and UsersRolesLoginModule. The same problem occured. I still can retrieve the Naming Proxy, the JRMPInvokerProxy and of course can call invoke() without authentication. There are no log messages or Exceptions about the problem (org.jboss is on DEBUG level). Sending login information via LoginInitialContextFactory has no effect too. I also have configured SecureConfig, XMLLoginConfig, and JaasSecurityManager in a own SAR and server.log says that they are started successfully. MBean attributes of those services look fine. Maybe I have not configured depending MBeans? My server is configured with the following service: AttributePersistenceService ThreadPool Log4jService NamingBeanImpl NamingService JRMPInvoker JRMPProxyFactory for InvokerAdaptorService JRMPProxyFactory for NamingService MBeanProxyRemote NamingAlias InvokerAdaptorService URLDeploymentScanner TransactionManagerService WorkManagerThreadPool WorkManager RARDeployer XSLSubDeployer CachedConnectionManager WebServer SecurityConfig XMLLoginConfig JaasSecurityManager one MailService jboss-local-jdbc.rar one DataSource any idea ?? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4098192#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...