See Thread at: http://www.techienuggets.com/Detail?tx=21643 Posted on behalf of a User I am having the same problem. were you able to solve it? thanks a lot. In Response To: Hi, I have a JBoss 4.2.2.GA WebService application, where the WebServices should be secured. So I wrote a custom LoginModule for JBoss 4.2.2.GA which extends the org.jboss.security.auth.spi.UsernamePasswordLoginModule. I defined an <application-policy> in the login-config.xml and I use the @SecurityDomain annotation for the secured @WebService beans So far so good: My LoginModule is called correctly. Inside the LoginModule I want to call a local @Stateless bean which provides methods to retrieve the user/roles via Hibernate from the database. But how to access this bean? I tried the @EJB annotation => no success I tried a lookup via JNDI => no success (NameNotFoundException) MyLoginModule: | public class MyLoginModule extends UsernamePasswordLoginModule | { | private MyAuthenticationService myAuthenticationService; | | @Override | public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) | { | super.initialize(subject, callbackHandler, sharedState, options); | try { | Context jndiContext = new InitialContext(); | this.myAuthenticationService = (MyAuthenticationService) jndiContext.lookup("java:comp/env/ejb/MyAuthenticationServiceImpl"); // does not work (ejb not bound) | // does not work: I tried all name combinations | // jndiContext.lookup("java:comp.ejb3/env/ejb/MyAuthenticationServiceImpl") => does not work (ejb not bound) | // jndiContext.lookup("ejb/MyAuthenticationServiceImpl") => does not work (ejb not bound) | // jndiContext.lookup("MyAuthenticationServiceImpl") => does not work (MyAuthenticationServiceImpl not bound) | } | catch (NamingException ex) { | // TODO Auto-generated catch block | ex.printStackTrace(); | } | } | | @Override | protected Principal createIdentity(String username) throws Exception | { | MyUser user = this.myAuthenticationService.retrieveUserByLoginName(username); | return user; | } | | @Override | protected String getUsersPassword() throws LoginException | { | MyUser myUser = (MyUser) this.getIdentity(); | return myUser.getPassword(); | } | | @Override | protected Group[] getRoleSets() throws LoginException | { | Group roles = new SimpleGroup("Roles"); // "Roles" is the expected GroupName for the roles | | for (Principal role : ((MyUser) this.getIdentity()).getRoles()) { | roles.addMember(role); | } | | return new Group[] { roles }; | } | | @EJB // has no effect | public void setMyAuthenticationService(MyAuthenticationService myAuthenticationService) | { | this.myAuthenticationService = myAuthenticationService; | } | | } | | MyAuthenticationServiceImpl: | @Stateless | public class MyAuthenticationServiceImpl implements MyAuthenticationService | { | | // ... | | public MyUser retrieveUserByLoginName(String loginName) throws LoginException | { | // here the DAO is called which uses the EntityManager | } | | // ... | | } | MyAuthenticationService: | public interface JaasService | { | // ... | public MyUser retrieveUserByLoginName(String loginName) throws LoginException; | // ... | } | What is wrong?