I have created JAXWS webservice using @WebService annotation. Also I us WS-Security for authentication. and the same class is used as EJB bean with @SecurityDomain on it. So far so good.

@WebService(name = "Test", serviceName = "TestService", targetNamespace = "http://certipost.be/server")
@SOAPBinding(style = SOAPBinding.Style.DOCUMENT)
@BindingType(value = javax.xml.ws.soap.SOAPBinding.SOAP12HTTP_BINDING)
@HandlerChain(file = "resource://config/ServerHandlers.xml", name = "SecureHandlerChain")
@Stateless
@Remote(ServerInterface.class)
@SecurityDomain("CertiOneComms")
public class Server implements ServerInterface {

...
}

but now I want to invoke EJB on another JBOSS server and propagate credentials to it.
So like it is written in WIKI I did:
String contextFactory = "org.jnp.interfaces.NamingContextFactory";

props.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory);
props.put(Context.URL_PKG_PREFIXES,
"org.jboss.naming:org.jnp.interfaces");
props.put(Context.PROVIDER_URL, serverUrl);
props.put(Context.SECURITY_PRINCIPAL, SecurityAssociation
.getPrincipal());
props.put(Context.SECURITY_CREDENTIALS, SecurityAssociation
.getCredential());
InitialContext ctx = new InitialContext(props);
....

But then I got following error:

java.io.NotSerializableException: org.jboss.ws.wsse.SimplePrincipal
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1075)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:291)
at org.jboss.aop.util.MarshalledValue.<init>(MarshalledValue.java:73)
at org.jboss.aop.metadata.SimpleMetaData.writeExternal(SimpleMetaData.java:226)
at java.io.ObjectOutputStream.writeExternalData(ObjectOutputStream.java:1304)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1282)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1073)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:291)
at org.jboss.aop.joinpoint.MethodInvocation.writeExternal(MethodInvocation.java:321)
at java.io.ObjectOutputStream.writeExternalData(ObjectOutputStream.java:1304)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1282)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1073)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1369)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1341)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1284)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1073)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:291)
at org.jboss.remoting.serialization.impl.java.JavaSerializationManager.sendObject(JavaSerializationManager.java:81)
at org.jboss.remoting.marshal.serializable.SerializableMarshaller.write(SerializableMarshaller.java:84)
at org.jboss.remoting.transport.socket.SocketClientInvoker.transport(SocketClientInvoker.java:273)
at org.jboss.remoting.RemoteClientInvoker.invoke(RemoteClientInvoker.java:143)
at org.jboss.remoting.Client.invoke(Client.java:525)
at org.jboss.remoting.Client.invoke(Client.java:488)
at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:55)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:55)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:78)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:102)
at $Proxy467.authenticate(Unknown Source)
at be.certipost.certione.jboss.auth.CertioneLoginModule.login(CertioneLoginModule.java:150)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:121)
at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:227)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:59)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:102)
at $Proxy252.getNetworkProperties(Unknown Source)
at be.certipost.jc.accesspoint.server.impl.Server.pushToAPPServer(Unknown Source)

Is it possible to make that objects serializable ?