I am testing a project on Jboss 4.0.3sp1, that currently runs ok on jboss 3.2.6
The problem is that SecurityAssociation.getSubject() returns null in a stateless ejb when running on jboss 4.0.3 sp1.
I am runing without a securitymanager.
I think the problem is the changes in the 1.52 (1.46.4.7) revision in jboss/ejb/plugins/SecurityInterceptor.java, checkSecurityAssociation method
The change to use pushSubjectContext, always pushes a null as subject.
I am using subject.getPublicCredentials() to retrieve some extra information, the loginmodule stores.
"SecurityAssociation Changes"
http://wiki.jboss.org/wiki/Wiki.jsp?page=402UpgradeIssues