I'm calling a stateless EJB using RMI from a non-managed environment (java program).
The first issue I raised was:
java.security.AccessControlException: access denied (java.lang.RuntimePermission org.jboss.security.SecurityAssociation.getPrincipalInfo)
I've researched this forum and found the solution to disable the SecurityInterceptors (Home + Bean) in conf/standardjboss.xml.
The second issue raised was an exception at the client side:
java.security.AccessControlException: access denied (java.io.SerializablePermission enableSubstitution)
This one has been removed by editing the java.policy file and adding:
permission java.io.SerializablePermission "enableSubstitution";
Is there another way but disabling the SecurityInterceptors? (I've found some hints regarding writing LoginModules, but no code sample for it)