Has anyone seen this?

In the embedded container I get this exception from the sessionContext:

Caused by: java.lang.NullPointerException
 at org.jboss.security.plugins.JaasSecurityManager.getPrincipal(JaasSecurityManager.java:348)
 at org.jboss.ejb3.BaseSessionContext.getCallerPrincipal(BaseSessionContext.java:177)
 at net.pay.security.service.PaymentServiceBean.save(PaymentServiceBean.java:97)

I set up the initial ctx with the user/pwd and the slsb is annotated with the RolesAllowed and SecurityDomain.

The interesting thing is that if I comment out the annotations then getCallerPrincipal() works fine.