You can configure an enterprise bean’s run-as, or propagated, security identity by using the @RunAs annotation, which defines the role of the application during execution in a Java EE container. The annotation can be specified on a class, allowing developers to execute an application under a particular role. The role must map to the user/group information in the container’s security realm. The @RunAs annotation specifies the name of a security role as its parameter.
Here is some example code that demonstrates the use of the @RunAs annotation.
@RunAs("Admin") public class Calculator { //.... }
You will have to map the run-as role name to a given principal defined on the GlassFish Server if the given roles are associated with more than one user principal.