This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
21.3.4 Specification of security identities in the deployment descriptor 220.127.116.11 Run-as
The Application Assembler should specify the requirements for the caller�s principal management of enterprise bean invocations by means of the security-identity deployment descriptor element and as part of the description. If use-caller-identity is specified as the value of the security- identity element, the caller principal is propagated from the caller to the callee. (That is, the called enterprise bean will see the same returned value of the EJBContext.getCallerPrincipal() as the calling enterprise bean.) If the run-as element is specified, a security principal that has been assigned to the specified security role will be used for the execution of the bean�s methods and will be visible as the caller principal in the callee.
You can you use-caller-identity or run-as element for make a call to another method in which role. hope this help...