hi j2ee_junkie, I know ClientLofinModules hasn't any authenticacton logic, I'm following what it's said in this document, point 8.4.1: http://docs.jboss.org/jbossas/jboss4guide/r2/html/ch8.chapter.html Login client side has done sucessfully and after doing lc.login() () if I put this line lc.getSubject().getPrincipals() I get as principal the name I have filled in the username field. In the second step it is said that if i obtain the EJB home interface and create a bean, this results in a home interface method invocation being sent to the JBoss server. The invocation includes the method arguments passed by the client along with the user identity and credentials from the client-side JAAS login performed in step 1. To invoke create method calls first setEJBContext (EJBContext ctx) but ctx is null and then invokeHome method. If i want to do an authentication in the server side I need to know the principal and the credential obtained in first step. How can i get the principal obtained in the first step in security proxy without sending them as parameters when i invoke create method if ctx is null in sec proxy? Thanks View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3964665#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...