Role-mapping information is available in Sun-specific XML (for example, sun-ejb-jar.xml), and authentication is okay, but the following error message is displayed:
[...INFO|sun-appserver-pe8.0|javax.enterprise.system.container.ejb|...| javax.ejb.AccessLocalException: Client not authorized for this invocation. at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:... at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(...)
Check whether the EJB module (.jar) or web module (.war) is packaged in an application (.ear) and does not have role-mapping information in application level, Sun-specific, sun-application.xml. For any application (.ear), security role-mapping information must be specified in sun-application.xml. It is acceptable to have both module-level XML and application-level XML.