Since I switched to WAR packaging, I could not set security-domain for my application. After some investigation, it seems to break when I include a jar containing JAX-WS EJBs - the single act of removing this jar solves the issue. How can I specify security-domain in my application without changing the default security-domain in standalone.xml while including JAX-WS EJBs?
Running Jboss EAP 6.1 alpha also known as Jboss 7.2.
EDIT: Using @org.jboss.ejb3.annotation.SecurityDomain on the JAX-WS EJB "solves" it. It seems like the EJB hijacks the configuration for the web module. I do not want them to use the same security domain though - the Web service should be available without authentication.