diff --git a/impl/src/main/java/org/glassfish/soteria/authorization/spi/impl/SubjectParser.java b/impl/src/main/java/org/glassfish/soteria/authorization/spi/impl/SubjectParser.java
index a37e71d..bdb9708 100644
--- a/impl/src/main/java/org/glassfish/soteria/authorization/spi/impl/SubjectParser.java
+++ b/impl/src/main/java/org/glassfish/soteria/authorization/spi/impl/SubjectParser.java
@@ -514,7 +514,8 @@ private Principal getVendorCallerPrincipal(Principal principal, boolean isEjb) {
                 break;
         }
 
-        if (CallerPrincipal.class.isAssignableFrom(principal.getClass())) {
+        // do not require a principal from EJBContext to be assignable from CallerPrincipal
+        if (isEjb || CallerPrincipal.class.isAssignableFrom(principal.getClass())) {
             return principal;
         }