Sorry, I'm not sure I understand your response. Are you saying that jaas security cannot be applied to a webservice packaged as a jar (dropped into apps)?
If you have a minute :), try the example webservice-security project and see if you can get it working. I tried in both 1.5.1 and 1.5.2 with no luck. -- View this message in context: http://openejb.979440.n4.nabble.com/webservice-security-basic-auth-tp4662743p4662878.html Sent from the OpenEJB User mailing list archive at Nabble.com.