Secure an Entity bean from writing

I'd like only a certain role to be able to write/create/delete certain entity beans, but everyone to be able to read them.
Is there a simple way to add such security constraint? (weblogic and websphere). It complains trying to put a role on things like ejbCreate, so I'm not sure if it is at all possible. Any help would be appriciated.

I think you could use facade to maitain the security of your entities, I mean one remote session and serveral local entities