"anil.saldhana(a)jboss.com" wrote : JBossWS creates a transient webapp to deal with ws invocations. The original problem was that this web app metadata was not being fed to the security deployer which happens very early in the pipeline of deployers. For this reason, we generated the JACC permissions for this particular transient web app in the webservices module. | Yes, this is how it works now. Almost all JBossWS deployers (except WSDescriptorDeployer)) are REAL stage deployers. "anil.saldhana(a)jboss.com" wrote : | The fix would be to get the metadata of this transient web app to go through the chain of deployers just like regular standard web apps that get deployed in AS. OK, I'll investigate whether our dependency on EJB real deployers is really necessary or not and I will try to move our deployers to lower stage. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250791#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...