I have jboss2.4.4_Tomcat4.0.1 set up with jaas based authentication (database login module) and ssl. Normally this is great, but I have an additional requirement that all database access be logged and audited (using the build in funtionality of oracle). This means that the user must login to the db as themselves (not as the default user of the connection pool). Well this also seems easy enough ecept I need to be able to access the username and password that the user logged into the application with to log them into the database through the connection pool with Datasource.getconnection(username,password) from jdbc (I'm doing mostly BMP).

Thus, I would like to be able to access the Subject for the current caller and obtain the username and password Principals from it and from within the ejb (so I can keep all of this on the server side and separate from the client, so I can hook up a web client or Gui with out specialized code).

Is this possible? If so how do I do this? Is there an alternative way to get this same effect (each user loggin ito the database as themselves not the database pool username)?

Thanks in advance...
Mike