Just posting a copy in this forum, in case you didn't read my reply in the other forum.
I might have found a solution for you. Instead of using 'run-as role', you manually login to the ejb security layer from your servlet using a user-id and password which belong to that role.
This article will clarify:
You could use the ClientLoginModule (described in the article) from your servlet to log in to the ejb security layer. Since your servlet is unsecured, you cannot get the user-id and password from the HttpSession as described in the article. Instead, you could use a fixed user-id and password, probably passed as init-parameters to the servlet from web.xml. This user-id should have the role required for the ejb.
Let me know if this works for you.