Whenever an exception is raised from my Entity EJB, the Principals for my Subject mysteriously disappear.

I have a Custom login module that is chained together with the DatabaseLoginModule (via the login-config.xml). My custom login module inherits from AbstractLoginModule, and inserts a Principal into the subject's Principals set upon login.

Next, I created a class that implements SecurityProxy that protects my Entity EJB by checking the active subject for the Principal added by my Custom login module.

Everything works great until an exception is raised by my EJB (i.e. when the EJB recognizes some illegal business contraint). Once the exception propogates from the server to the client, subsequent invocations fail my SecurityProxy. The Principal placed into the Subject by my Custom login module is gone.

Funny thing is, the JaasSecurityManager still has a Subject entry for the caller in its domainCache -- but the Subject's principals set is cleared of the Principal placed in it by my Custom Login Module.

Does anyone have an idea what is causing this?

I've stepped through all the server code and I noticed that the EntitySynchronizationInterceptor (part of the Entity Container) sets the Entity context to "invalid" whenever an exception is thrown from the Bean. Subsequent calls to the bean causes the container to re-load the Entity using a separate instance.

Could this also clear the Subject's Principals Set?

I'm stumped.