Issue

• When an EJB3.1 WebService based WAR is deployed on EAP6 then after enabling the TRACE logging it is always observed that the "other" security-domain is being used and the "security-domain" defined inside the "WEB-INF/jboss-web.xml" is completely ignored while accessing those EJB3.1.
• Following are the TRACE logging on the server while accessing the EJB3.1 based WebServices, NOTICE Begin getAppConfigurationEntry(other)

20:51:43,544 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000354: Setting security roles ThreadLocal: null
20:51:52,972 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000200: Begin isValid, principal: user1, cache entry: null
20:51:52,973 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000209: defaultLogin, principal: user1
20:51:52,977 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000221: Begin getAppConfigurationEntry(other), size: 4
20:51:52,988 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000224: End getAppConfigurationEntry(other), AuthInfo: 

• The "WEB-INF/jboss-web.xml" is used as following:

<?xml version="1.0" encoding="UTF-8"?>
 <jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_7_0.xsd"
           version="7.0">                                     
    <security-domain>TestSecurityDomain</security-domain>
</jboss-web>

• EJB3.1 Web Service class looks like following:

package ejbs;
import javax.ejb.*;
import javax.jws.*;
@Stateless
@WebService
public class TestEJB
  {
    public String sayHello(String name)
      {
         System.out.println("[TestEJB] sayHelo("+name+") invoked.");
         return "Hello Mr. "+name;
      }
  }