thank you for all of your help david. i spent some time this weekend looking through the jca code in jboss-all and jboss-head, and i must admit i'm a bit overwhelmed. =) there's a lot more there than i expected. i was thinking it would be a simple extension of some base class and then resolving that class in the oracle-ds.xml, but i'm not so sure that's how it works now.
i was hoping to be able and use the CallerIdentityLoginModule in order to have the user log in through JAAS (hopefully an ldap server), and then when getConnection() is called, extract that principal and call the stored procedure with that user name. the slightly misleading piece to this is that the actual connection to the database is still made as a generic accout specific in the oracle-ds.xml. here's the sequence of events that i'm trying to create (as i understand it). 1. user logs into JAAS login module to set principal (ldap in my case). 2. user queries database and BMP object calls getConnection(). 3. datasource is configured to connect to database as a specific account (using config-properties in the oracle-ds.xml) 4. before returning the connection to the BMP object, the following code needs to be executed: String sql = "BEGIN contexts.set_username( ? ) ; END ;"; stmt = connection.prepareCall(sql) ; stmt.setString(1, the_logged_in_username); stmt.execute(); return connection; if possible to use the CallerIdentityLoginModule, where can i intercept the getConnection() call and run this statement before returning the connection to the caller. if i have misunderstood how the JBossCX module operates, please feel free to clarify. thank you again. Ryan -----Original Message----- From: David Jencks [mailto:[EMAIL PROTECTED]] Sent: Friday, January 17, 2003 5:50 PM To: [EMAIL PROTECTED] Subject: Re: [JBoss-dev] Oracle specific jca adapter I would imagine this would need to be called whenever the user changes. This can be detected when getConnection is called on ManagedConnection. I'd check to see if the user has actually changed. If you implement this you should change the pooling parameter "Criteria" to "ByNothing" for this adapter because this basically means Oracle is supporting reauthentication. To actually use this feature you will need to do application managed security (bad idea IMO) (i.e. calling datasource.getConnection(user, pw)) or use a login module that supplies more than one Subject such as the CallerIdentityLoginModule. Good luck! I'll be mostly offline till monday or tuesday when I can probably answer more questions. david jencks ------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development