I have tried this with SP1 & with 4.0.5GA as suggested and still encountered the same problem.
Just to clarify: Before we make the remote call, we can see the original user: org.jboss.security.SecurityAssociation.pushSubjectContext,subject=Subject: Principal:AdminPrincipal:Roles(members:Admin),[EMAIL PROTECTED],subject=7645779} org.jboss.security.SecurityAssociation.getSubject,[EMAIL PROTECTED],subject=7645779} And then when we make the remote call, we can see the remote user being setup: org.jboss.security.SecurityAssociation.setCredential,[EMAIL PROTECTED],subject=null} org.jboss.security.SecurityAssociation.setPrincipal,p=remoteAdmin,server=true org.jboss.security.SecurityAssociation.setPrincipal,[EMAIL PROTECTED],subject=null} org.jboss.security.SecurityAssociation.getPrincipal,principal=remoteAdmin And then we see the original security logs I posted before. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3993731#3993731 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3993731 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
