What's the fully qualified classname of the @SecurityDomain annotation that you are using? Also what does your web.xml and jboss-web.xml look like?
it's org.jboss.ejb3.annotation.SecurityDomain and javax.annotation.security.RolesAllowed
Well I've commented both the <security-constraint> block in web.xml and the <security-domain>java:/jaas/mydomain</security-domain> in jboss-web.xml. I thought that annotations would replace enterely the configuration in XML files. Am I wrong ?
Thanks a lot