forgot to mention that I removed the security on the member...added that code..then executed...otherwise it doesn't execute that member when I require the role guest.
Two things seem not right here.
First, your login config application policy does not contain org.jboss.security.ClientLoginModule. I think you need this in order for the authenticated principal info to get propagated to the server when you access an ejb.
Second, the unathenticatedIdentity of guest is used to create a principal that has no roles. So a call to isCallerInRole('guest') should return false. Correct?
However, this is pure speculation on my part after reading the server guide as I have never used this LoginModule.
Does this help?