I have an application (war) with access to ebjs in other application (ear). The security is based on jaas. The access to the beans is no problem, but I didn?t find any way to check for the security-role defined in the bean before jaas do it. Does any body know how I can compare the roles of the user and the roles defined by the access restriction of the ejb? (corresponding XDoclet Property: @ejb.security-role-ref)

Regards,
Reto