I found a solution, maybe it will help.
Using subject.doAs(...) causes troubles. Each action to perform was provided as parameter to this method. First action allways succed but every next one - no. So it looks like jboss sx differs a little from its 4.2.3 implementation.
Anyway the solution is not to use "subject.doAS"!
makes that every thread on client side is authenticated (more precisely: every thread in jvm instance - that's default value).
And every next call will be authenticated..