I don't think that you will be able to 100% assure that a customer will be unable to copy, adapt and run your application to another server. First, an ear file is just a ZIP file, and classes inside are also easy to decompile and compile again, even if the EAR would be signed. So a lot of space to do some funny business :)
If you just wish to protect the customer from "accidentally" deploy your EAR on a second server, a first, easy and cheap step could be to link/insert the predicted host name (perhaps even the ip address) during the stage phase to a manifest or even java file (to make things more static). Then add an once initialized, later cached interceptor around all methods you would like to protect and check the local system (ie with InetAddress.getLocalHost()) against your preconfigured & linked host information. Still, very weak :/