Hi,
We have recently switched from JAAS to Keycloak. The application is a JavaEE
application with EJBs & MDBs.
We set the Keycloak login module in WildFly to propagate the user from web to
EJB & it worked.
But we are facing an issue when an EJB is called from an MDB. There is an
anonymous user in the MDB when a message is received. So that user doesn't
have permission to invoke an EJB protected by:

    <s:security>
        <ejb-name>*</ejb-name>
        <s:missing-method-permissions-deny-access>false</s:missing-method-permissions-deny-access>
        <s:security-domain>keycloak</s:security-domain>
    </s:security>

In the JAAS version, we have programmatic login using a dedicated MDB user.
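
    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.PasswordCallback;
    import javax.security.auth.login.LoginContext;

    // Programmatic JAAS login against the "ldap" domain as the dedicated MDB user
    loginContext = new LoginContext("ldap", new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) {
            int len = callbacks.length;
            Callback cb;
            for (int i = 0; i < len; i++) {
                cb = callbacks[i];
                if (cb instanceof NameCallback) {
                    // Supply the MDB user's name
                    NameCallback ncb = (NameCallback) cb;
                    ncb.setName(mdbuserName);
                } else if (cb instanceof PasswordCallback) {
                    // Supply the MDB user's password
                    PasswordCallback pcb = (PasswordCallback) cb;
                    pcb.setPassword(mdbUsrPass);
                }
            }
        }
    });
    loginContext.login();
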
This has a user with the required permission. Since we have now moved to
Keycloak, this code will not work. What is the option to prevent the
permission issue in calling an EJB from an MDB?
Thanks!