I have a remote bean (on Tomcat) that connects to an EJB 3.0 on JBoss 4.2.2.GA. For Audit purpose, I pass the Principal of my Tomcat users with every lookup JNDI. I use org.jboss.security.jndi.JndiLoginInitialContextFactory.
My problem is that Principals are cached in JBoss. The first user that does a JNDI lookup successfully sends his Principal. But then, all the invocations (with org.jboss.security.jndi.JndiLoginInitialContextFactory or org.jnp.interfaces.NamingContextFactory) uses this first Principal.