Which JBoss version are you using?
Any particular reason why you are not just using BASIC or FORM based authentication in your web application?
With JBoss 4.0.2, with both BASIC and FORM based authentication, you do not have to write your own login logic and user identity is automatically propagated to the EJB layer.
I am using JBOSS 3.2.6, I have very complex model of roles - that is why I have to use my own login module.
Is there any configuration that I need to do with EJB components (in file ejb-xml)
And another thing yet,
I login my user in filter servlet - maybe it cause some troubles ?
The fact that you have a complex role model and that you need your own JAAS login module does not mean that you need to do your own programmatic login.
You can define your own JBoss security domain (conf/login-config.xml) that will use your JAAS login module. You can then associate your war file with this security domain (in the jboss-wev.xml) and JBoss/Tomcat will take care of calling your login module when needed.
I also think that with JBoss 3.2.6, identity propagation with backend EJB will work as well.
If you still think that you need to call LoginContext.login by yourslef, I think you will have to dig into the JBoss code to understand how to propagate the security identity properly. You can find a few posts in this forum explianing you that by using the JBoss ClientLoginModule in your JAAS configuration, this will work, but this is valid on a per-request only (I think), which is making it not very usable, I think.