I do not know the cause of the error, but authentication is performed for remote invocations of EJBs on the server side. The client side ORB puts an authenticator in the iiop msg. The server side ORB extracts the authenticator, and validates it against the application's authentication realm. The authentication realm is implemented using a JAAS login module. On the client side, your ORB will need to be capable of injecting the required authenticator. This is no small task. the appclient container will do this for you. If you were to use a pluggable login module on the client side, it would effectively be limited to collecting the username and password, since as I described above, the network authentication happens at the server side ORB.
hope that helps,
Ron
[Message sent by forum member 'monzillo' (monzillo)]
http://forums.java.net/jive/thread.jspa?messageID=283779