I don't know J2EE deep enough to be sure... but I don't think you can, I'm affraid.
Web applications have concepts like "HttpRequest" with which you can get things like IP addresses... but AFAIK there is no such concept in EJB.
Anyway, I think the point in J2EE applications is to grant or deny access through the concepts of authentication, authoritation, users, roles... I don't know of a specific security mechanism in which IP addresses is in mind...
I see... I'm sorry I can't help you further. I don't know much abuout JBoss specific configuration.
However, I'll keep an eye on this thread as your question is very interesting :-)
Good luck, xmedeko!!
An AOP interceptor can access the client address: https://jira.jboss.org/jira/browse/JBREM-758.
It's not yet available through an EJB API yet: https://jira.jboss.org/jira/browse/EJBTHREE-902.
So you can write an AOP interceptor, put it into ejb3-interceptors-aop.xml and push the client address somewhere where you can pick it up in the bean.
Well, the client address is accessible from thread name :-). So, I can write the Around Invoke Interceptor Method to check this IP. I was just asking if there is some nice JBoss solution for this. You know, some config with IP addresses like 10.1.1.128/20 :-)
BTW. about accessing IP from session beans: I think BEA or Oracle AS put client IP somewhere into the session context. Or I was thinking that some ThreadLocal variable could do the trick. But it is solution for the JEE session beans, that would not work for the JBoss service bean, I guess.