Got problem with JBoss AS7 / EAP6. In MDB, when I lookup for SSB and call its method, the call is always anonymous, i.e. sessionContext.getCallerPrincipal() returns Principal(anonymous). Always... In AS5 everything was fine.
How can I fix it to make a call with an authenticated user?
MDB don't have a client and hence don't run in a specific security context. If you want to invoke the SLSB from the MDB, in a security context, you can use the @RunAs annotation on the MDB and specify the role that you want to run as.
It's answered here https://community.jboss.org/message/827894#827894. Instead of the deployment descriptor, you can even use JBoss specific @org.jboss.ejb3.annotation.RunAsPrincipal annotation to specify a principal to be used when you do an outgoing EJB invocation from a MDB.