Unfortunately this solution is not possible to use because the all EJB and Web services must work in the same security domain. My security domain uses my own login module and I have to use this login module to authorize the Web service clients. So the problem is how I have to configurate the jBoss security to check authorization of Web service client by my own LoginModule? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4022896#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...