1 Reply Latest reply on Jan 29, 2005 2:49 PM by starksm64

    application policy changes when SessionContext passed

    robbutera

      I have a very strange problem occurring.

      I am using JBoss 4.0.1 and am using a secure EJB. My application-policy looks as follows:

       <application-policy name="esubmit">
         <authentication>
           <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                         flag="required">
             <module-option name="usersProperties">users.properties</module-option>
             <module-option name="rolesProperties">roles.properties</module-option>
           </login-module>
         </authentication>
       </application-policy>
      


      As soon as I enter the EJB, I perform an isCallerInRole("Administrator") call, which returns true. I then pass the SessionContext object to a static class, which makes the same call and returns false. I changed the log settings to TRACE and discovered that when I make the call from the EJB it uses my application-policy, but when I make it from the static class it uses the "HsqlDbRealm" application-policy.

      Here is the log portion:

      2005-02-03 12:37:45,807 DEBUG [au.edu.vut.esubmit.ejbcontainer.services.domain.ejb.SubjectFacadeEJB] Admin role: true
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set), subject: Subject:
       Principal: cam
       Principal: Roles(members:Administrator)
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] roles=Roles(members:Administrator)
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] hasRole=false
      2005-02-03 12:37:45,807 DEBUG [au.edu.vut.esubmit.ejbcontainer.services.domain.ejb.SubjectFacadeEJB] User role: false
      2005-02-03 12:37:45,807 DEBUG [au.edu.vut.esubmit.ejbcontainer.domain.datatransferfactories.SubjectDTOFactory] getSubjectDTO(SessionContext, String) - start
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] isValid, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@5eb650[Subject(1265354).principals=[cam, Roles(members:Administrator)]]
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@5eb650[Subject(1265354).principals=[cam, Roles(members:Administrator)]]
      2005-02-03 12:37:45,807 DEBUG [org.jboss.ejb.plugins.cmp.jdbc.JDBCFindByPrimaryKeyQuery.Subject#findByPrimaryKey] Executing SQL: SELECT t0_Subject.id FROM SUBJECT t0_Subject WHERE t0_Subject.id=?
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] isValid, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@780af5[Subject(18314684).principals=[sap]]
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@780af5[Subject(18314684).principals=[sap]]
      2005-02-03 12:37:45,807 DEBUG [au.edu.vut.esubmit.ejbcontainer.domain.datatransferfactories.BaseDTOFactory] checkForRight(SessionContext, SubjectLocal, ArrayList) - start
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set), subject: Subject:
       Principal: sap
       Private Credential: javax.resource.spi.security.PasswordCredential@e4e
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] roles=null
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] hasRole=false
      2005-02-03 12:37:45,807 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set), subject: Subject:
      


      I have no idea what's going on. Is there some problem with passing the SessionContext around? Also, this code works fine under JBoss 4.0.1RC1.

      Any help would be greatly appreciated.

      Regards
      Rob

        • 1. Re: application policy changes when SessionContext passed
          starksm64

          The security context is a property of the thread and call context. It's not possible to pass it around and use it in another arbitrary context. Within the scope of the thread calling the EJB, its use should be fine. The log indicates that interaction with a datasource using a different security policy is affecting the EJB context. I would need to see an example of what is being done to say if this is a bug in the handling of the security context.

          Create a bug report in jira with a sample of what is producing this behavior so I can look into it.

          http://jira.jboss.com/jira/browse/JBAS
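
Added example, not part of the thread and not JBoss code: a Python check over JaasSecurityManager TRACE output that flags role checks in one security domain evaluated against a subject cached by another domain, which is the pattern in the quoted log (`esubmit` checking `sap` from `HsqlDbRealm`). The function name and the abridged log lines are assumptions made for the example.

```python
import re

# Abridged from the TRACE output quoted in the thread (timestamps and class names shortened).
SAMPLE_LOG = """\
12:37:45 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set), subject: Subject:
 Principal: cam
 Principal: Roles(members:Administrator)
12:37:45 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] isValid, cache info: DomainInfo@5eb650[Subject(1265354).principals=[cam, Roles(members:Administrator)]]
12:37:45 TRACE [org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] isValid, cache info: DomainInfo@780af5[Subject(18314684).principals=[sap]]
12:37:45 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set), subject: Subject:
 Principal: sap
 Private Credential: javax.resource.spi.security.PasswordCredential@e4e
12:37:45 TRACE [org.jboss.security.plugins.JaasSecurityManager.esubmit] roles=null
"""

MANAGER = re.compile(r"JaasSecurityManager\.(\w+)\] (.*)")   # domain name + message
CACHED = re.compile(r"principals=\[(.*)\]\]")                # cached subject principals
PRINCIPAL = re.compile(r"^\s*Principal: (\S+)")              # continuation line


def find_foreign_subjects(log_text):
    """Return (domain, principal, owning_domain) for each role check that ran
    against a subject cached by a different security domain."""
    cached = {}     # domain -> principal names seen in that domain's auth cache
    checks = []     # [domain, [caller principals]] per doesUserHaveRole call
    current = None
    for line in log_text.splitlines():
        m = MANAGER.search(line)
        if m:
            domain, msg = m.groups()
            current = None
            if msg.startswith("doesUserHaveRole"):
                current = [domain, []]
                checks.append(current)
            elif (c := CACHED.search(msg)):
                cached.setdefault(domain, set()).update(c.group(1).split(", "))
        elif current and (p := PRINCIPAL.match(line)):
            if not p.group(1).startswith("Roles("):   # skip the role group entry
                current[1].append(p.group(1))
    findings = []
    for domain, principals in checks:
        for name in principals:
            owners = [d for d, names in cached.items() if d != domain and name in names]
            if owners and name not in cached.get(domain, set()):
                findings.append((domain, name, owners[0]))
    return findings
```

On the sample it reports the second `esubmit` role check, where the caller principal is the datasource identity rather than the EJB caller.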