AFAIK, exactly how depends on the DB you're using, but when you create the JDBC connection you should be able to enter username & password there.
Or perhaps by "actual user" you mean the user who has invoked the service? If so, the username/password would have to passed in the request and you would have to programmatically connect to the DB. This doesn't sound very EJB'ish but it might be doable, but I don't know how.
[Message sent by forum member 'matterbury' (matterbury)]
http://forums.java.net/jive/thread.jspa?messageID=335541