I feel your pain! We've been struggling with this exact same problem.
Here are a few other threads that talk about similar struggles by others (none seem to have a complete solution unfortunately :P):
I am very surprised this is not spelled out clearly in the documentation for either tomcat or jboss since I would think that many people would want to split their web tier & ejb tier for security reasons?!? We also purchased the JBoss doc to no avail.
Please post here if you do find a good solution.
> Can someone please tell me how to configure a standalone Catalina server to propagate the user credentials to a standalone Jboss server.
I think the simple answer is that you can't :).
At least I don't think anyone has written a tomcat 4 security interceptor, realm or whatever which passes credentials obtained through tomcat's security infrastructure to a remote JBoss. It was relatively straightforward in tomcat 3...
Thank you very much for answering my question Luke, at least I can stop banging my head for now.
Would you please describe steps showing how to
pass credentials obtained through a standalone tomcat's (tomcat 3.2.3) security infrastructure to a remote JBoss?