I figured it out in the end just in case others would like to know the answer. Intially I was using
to retreive a SecurityContext to make a call to
getUtil().createSubjectInfo(principal, password, subject);
But this didn't seem to propagate down to EJB and the prinicpal still ended up being the anonymous principal name. By using
to retrieve the SecurityContext instead of using the SecurityFactory's establishSecurityContext method, and then calling the createSubjectInfo as before, the principal propagate correctly as expected.