How to do this?
I need to authenticate client appliacation and it's user.
So I have 3 atributtes: login, password,applicationName.
How to do this in JBoss?

other question is is there any possibility to not use security annotations but put all permisssions in xml descriptor?

I found JAAS difficult to me. Is there any good to authentication and authorization for remote clients? where I don't have web tier only ejb3 session and entity beans.
Thanks in advance.