You can use the Application Deployment Descriptor editor to replace redundant or unnecessary security roles with preferred roles.
For example, you have a security role Boss that is defined in the enterprise application. The Boss security role is serving the same purpose as another security role called Manager that is gathered from the EJB module. To remove the redundancy, you can replace all usages of the role Manager with the role Boss. After the Manager role is replaced by Boss, the Manager role is removed from the application and is deleted. The Manager role is also removed from the EJB module where it was gathered from and replaced with the Boss role in the module.
To replace security roles: