Hi,
it seems that I found the solution.
I added the sun-application.xml descriptor to my EAR module.
There I repeated the security role mapping and now access is granted.
My sun-applicaiton.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-application PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Java EE Application 5.0//EN" "
http://www.sun.com/software/appserver/dtds/sun-application_5_0-0.dtd">
<sun-application>
<security-role-mapping>
<role-name>MANAGERACCESS</role-name>
<group-name>Imixs_IX_Demo_Manager</group-name>
<principal-name>manager1</principal-name>
</security-role-mapping>
<realm>imixsrealm</realm>
</sun-application>
I think declaring security role mapping in sun-ejb-jar.xml is now dispensable. But I am not sure for that.
ralph
[Message sent by forum member 'rsoika' (rsoika)]
http://forums.java.net/jive/thread.jspa?messageID=270254