I'm using JBoss 4.2.2 and having two protected EJBs (say A and B) running on two different boxes. All non-timer-callback methods from B can access A without any problem. However if I schedule a timer using timer service on B to invoke a method from A then I get "EJBAccessException: Authentication failure".
Both applications on both boxes do support unauthenticatedIdentity and invoking ejbContext.getCallerPrincipal() from inside timer's callback method returns the expected principal.
I'm confused and don't know what I'm missing here. Does anybody know what the problem is?