Please explain the deployment environment of your application  and
the technologies that you used for implementing  your server  and
client. For different platforms and different implementations, different
soloutions and technologies may be used for implementing and managing security  domains and policies.

we use
J2EE
IntellijIdea 6.0
Jboss4

I hope it is useful to say:

There are some managements like admin, merchant, ... in web layer and
now we want to run them seperately on diferent servers;
1_We have some shared resources and files.
2_It is important to being careful about redunduncy because a trivial
change may bring about to change all managements' sourcecodes.

If you just want to put access  limit to files and resources or services,
you do not need to deply and run your application  on different servers.
You can use JBoss security  and login  modules for put access limit on resouces and services  in both web layer and ejb layer. You can define and configure users and roles for your system and configure resource access policy for web resources and components using jboss login module for web layer. Also you can do the same for services in ejb layer and identify the services that each user with specified system role, can access and execute. If you have a constraint to run system on different servers, you can use ejb clustering that JBoss proviedes and for each ejb server  configure different security policy.

are you trying to cluster the app server  or partition the system resources? because what you ask is clustering but the note you pasted at the end is about partitioning,

answer to clustering is obvious so I make an assumption that you want to do the latter (partitioning). I have a few suggestions:

1) one solution  would be use to app server partitioning. this bounds to the functionalities that the your app server provides when partitioning the app server. every partition is configured to have its own set of resources and security  configuration. this seems to be a flexible solution

2) however depending on your deployment strategy, you might also want to use the OS capabilities. in unix based systems, you might consider 'zone' or 'rbac' and to deploy the app server on different zones and that will give you the freedom of configuring zone specific  privileges which would then be specific to the app server deployed on that zone

3) another thing that comes to mind is to do this on an ldap server to dispatch the requests to appropriate set of functionalities. but this means to actually implement the dispatcher for this on ldap server. this solution seems to be a bit exhaustive but you might get benefits of specific implementations of ldap that has this built-in

some might say to enlist privileges in deployment desc, which I guess could be a bad idea  cause it might screw up the functionality flows and it is hard to control

I think repository engines will help you to achieve secured partitioned automatic version controlled resources. All redundant documents and resources are trace able too. Jackrabbit is well known and rich in API for example.