While trying to call a component the authentication information is not being propagated.Source of the class where this exception apeears is

http://www.docjar.com/html/api/org/jboss/security/identity/plugins/SimpleRoleGroup.java.html at line 168 where the iterated list of <Role> objects

is modified by a parallel thread.The problem is treated here http://community.jboss.org/wiki/SecurityFAQ.

The stacktrace is :

[DelegatingAuthorizationModule] Error with delegate:
java.util.ConcurrentModificationException
       at java.util.AbstractList$Itr.checkForComodification(AbstractList.java:372)
       at java.util.AbstractList$Itr.next(AbstractList.java:343)
       at
org.jboss.security.identity.plugins.SimpleRoleGroup.containsAtleastOneRole(SimpleRoleGroup.java:168)
       at
org.jboss.security.authorization.modules.ejb.EJBPolicyModuleDelegate.process(EJBPolicyModuleDelegate.java:156)
       at
org.jboss.security.authorization.modules.ejb.EJBPolicyModuleDelegate.authorize(EJBPolicyModuleDelegate.java:112)
       at
org.jboss.security.authorization.modules.AbstractAuthorizationModule.invokeDelegate(AbstractAuthorizationModule.java:143)
       at
org.jboss.security.authorization.modules.DelegatingAuthorizationModule.authorize(DelegatingAuthorizationModule.java:53)
       at
org.jboss.security.plugins.authorization.JBossAuthorizationContext.invokeAuthorize(JBossAuthorizationContext.java:220)
       at
org.jboss.security.plugins.authorization.JBossAuthorizationContext.access$000(JBossAuthorizationContext.java:67)
       at
org.jboss.security.plugins.authorization.JBossAuthorizationContext$1.run(JBossAuthorizationContext.java:152)
       at java.security.AccessController.doPrivileged(Native Method)
       at
org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:148)
       at
org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:474)
       at
org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:124)
       at
org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:116)
       at
org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:189)
       at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
       at
org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186)
       at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
       at
org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
       at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
       at
org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
       at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
       at
org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
       at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
       at
org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176)
       at
org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216)
       at
org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207)
       at
org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164)
       at $Proxy608.queryByReceivedAndGreaterThanValidUntil(Unknown Source)
org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549



Would it be necessary to add the CLient LoginModule configuration to all of our application-policies?