Just a precision. The exception is thrown only on the method call of the bean ( not in the lookup).
Is it possible that the lookup is successful if the client has not been authenticated. I think the problem does not depend on the realm but on identity propagation.
[Message sent by forum member 'franck_mosse' (franck_mosse)]
http://forums.java.net/jive/thread.jspa?messageID=225207