How do i propagate security to my independent web service enterprise application?

I created a simple web application which contains web pages and one enterprise application which contains web services and EJBs fo开发者_开发知识库r my web application. I managed to configure security for my web application. But now how do i propagate this security to my enterprise application on my EJB method methods? so that i can use annotations like @RolesAllowed("") etc?

In your web application when you search for beans by JNDI, you have to pass user/password information to the InitialContext constructor (code from there: http://schuchert.wikispaces.com/EJB3+Tutorial+6+-+Security)

public InitialContext getInitialContextFor(final String user,
            final String password) throws NamingException {
        final Properties p = new Properties();
        p.setProperty(Context.SECURITY_PRINCIPAL, user);
        p.setProperty(Context.SECURITY_CREDENTIALS, password);
        p.setProperty(Context.INITIAL_CONTEXT_FACTORY,
                "org.jboss.security.jndi.JndiLoginInitialContextFactory");
        return new InitialContext(p);
}

If you wanted your web app container to do it automatically for you - I don't know how to do it.

BTW - are you using the same container for both web app and ejbs?