Most likely you are just missing some JAR files in your client's classpath. You should have jbossall-client.jar, your client's JAR file and a JAR file containing the interface(s) for your EJB(s).
thanks for the quick answer.
Am I right, if I say ejb3 applications do not need a specific security configuration, they just run like servlets or JSPs on a JBoss 5.0 ?
I think that is comparing apples and oranges. Using a stand-alone Java client to access an EJB is more like using a stand-alone client to access RMI, a JMS destination, or a web service. Servlets and JSPs, on the other hand are typically accessed via a browser.
The so-called security error you got is a common error when you are missing JAR files. I think what happens is that the JVM recognizes you are attempting to access a remote method and thus assumes the reason for the failure is security-related, but it usually is not.
Ok, I got it.
org.jboss.proxy.ejb.SecurityContextInterceptor (no security manager: RMI class loader disabled)
don't mean there is a security problem, but give a hint that jars are missing within my client runtime enviroment, here maybe jndi.jar
Ok, I had a jbossall-client.jar belonging to my example and there were obviously things missing. The jbossall-client.jar I found in the %jboss_home%/client directory only keeps a manifest file, that lists all jars available in the /client directory. I copied the contents of %jboss_home/client to the /lib directory of my example and started the client again from the /classes directory of my example .... and it worked !!
Thanks for all