I am trying to call a secured ejb from the esb. normally when my client code calls the ejb, it uses an auth.conf file and a login context. Is this the preferred way for the esb actions to get at authenticated ejbs or is there a better mechanism for setting the principal that should be used to access the ejbs?
At present you need to configure it the same way as a normal EJB client.
We are working on including tighter security support in the 4.4 release of the project, which will handle this issue automatically.