This might be related to
Maybe you could create a JIRA issue and attach a sample deployment that allows us to reproduce what you are seeing. Idealy, the sample deployment is a webapp packaged as a war that will show the issue when we click on a link. The war should also contain the sources.
Thank you for your help but, I solved this issue by using the login() method of LoginContext. This seems to correctly add the Authorization MimeHeader as well as adding the JBoss specific username and password SOAP Headers.