The JAAS Howto in this forum has an example of an unauthenticated servlet accessing a secured ejb.
Thank you! If I understand right, you use a LoginFilter as a workaround.
So JBoss ignores the unauthenticatedIdentity option, right?
Does this change with newer versions?
No, that is not right.