From: <glassfish_at_javadesktop.org>
Date: Wed, 11 Mar 2009 01:12:48 PDT

Your granted.policy is missing an EJBRoleRefPermission entry.

http://java.sun.com/javaee/5/docs/api/javax/security/jacc/EJBRoleRefPermission.html

And so the exception you are seeing in the call to isCallerInRole seems valid.

http://java.sun.com/developer/technicalArticles/J2EE/security_annotation/

Can you add an @DecalreRoles annotation, because this is required for isCallerInRole checks.

@DeclareRoles :

Defines roles for security checking. To be used by EJBContext.isCallerInRole, HttpServletRequest.isUserInRole, and WebServiceContext.isUserInRole.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]

http://forums.java.net/jive/thread.jspa?messageID=336261