A principal is the java.security.Principal that is returned from getCallerPrincipal to identify the invoker of the bean instance's EJB object.