Hi Alexander. Thanks for your opinion. However I wanted detail solution. :-) To solve this problem, I performed below steps.
1) I made a security domain.(login-config.xml) <application-policy name = "Extra"> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <!--<module-option name = "unauthenticatedIdentity">guest</module-option>--> <module-option name = "dsJndiName">java:/ExtraDS</module-option> <module-option name = "principalsQuery">SELECT PW FROM EJB_USER WHERE ID=?</module-option> <module-option name = "rolesQuery">SELECT ROLE, 'ROLES' FROM EJB_ROLE WHERE ID=?</module-option> </login-module> </application-policy> 2) I created table for roles and users and put corresponding informations with my environment. 3) I set security domain(jboss.xml) <security-domain>java:/jaas/Extra</security-domain> 4) I edited a ejb.jar <assembly-descriptor > <security-role> <role-name>MyRole</role-name> </security-role> <method-permission> <role-name>MyRole</role-name> <ejb-name>FrontSample</ejb-name> <method-name>*</method-name> <ejb-name>Sample</ejb-name> <method-name>*</method-name> </method-permission> </assembly-descriptor> ... <security-identity><use-caller-identity/></security-identity> <security-role-ref> <role-name>MyRole</role-name> </security-role-ref> ... <security-role-ref> <role-name>MyRole</role-name> </security-role-ref> 5) My remote client code is : lookupProp.put(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory"); lookupProp.put(Context.PROVIDER_URL, "jnp://" + prop.get("SERVER_IP") + ":" + prop.get("LOOKUP_PORT")); lookupProp.put(Context.SECURITY_PRINCIPAL, "admin"); lookupProp.put(Context.SECURITY_CREDENTIALS, "admin"); ctx = new InitialContext(lookupProp); ... code for lookup 6) Finally, A exception message(when called create() method) is : java.rmi.ServerException: RemoteException occurred in server thread; nested exception is: java.rmi.ServerException: EJBException:; nested exception is: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is: Authentication exception, principal=null Now, I have a question. It is how to set id and password authenticating identity. Above code(no 5) uses Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS to set id and password but as result, such approach seems invalid. Otherwise I may use LoginContext to authenticate indentity but It also seems to not support function for remote server. How can I solve this problem? Please help me. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3859213#3859213 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3859213 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user