However, while my driver is being loaded by JBoss and is referenced in my -ds.xml file, it doesn't actually seem to be getting used. It is also being initialized with the hsqldb URL instead of the one in my -ds.xml file.
I don't understand this clearly, you need to explain it in detail.
You application can read the password from the jca MBean e.g
[vicky@posh bin]$ ./twiddle.sh -u admin -p admin invoke jboss.jca:name=DefaultDS,service=ManagedConnectionFactory getManagedConnectionFactoryAttribute userName sa
For password you need to replace userName with password !
For our application, the password can and does change. Part of the design included some audit requirement that restrict developers from having access on the production system. However, sometimes we are granted temporary access in order to diagnose problems. The database password is stored in an external file controlled by the DBA. When our temporary access is revoked, the password is changed. Our application (not JBoss) uses a Hibernate ConnectionProvider to wrap the datasource (which is just an extended Oracle pooled datasource) to change all getConnection(user,password) into getConnection(user,lookupPassword(user))
There are other details like interlocking access to the password file (multiple readers, single writer) to avoid race conditions on reading the password and establishing a connection, but the above is the main issue. The password is not under application/developer control, it needs to be read from an external resource and can and does change.
So what I need is some way to do the equivalent of our current non-JBoss setup, grabbing the password from this external resource (file) every time I need to open a new connection.
You need to write a JCA JAAS login module that retrieves the subject from your file,
configure it in conf/login-config.xml and then reference it using the <security-domain> in your -ds.xml
There isn't one that explicitly does what you want, but they aren't that difficult to write - current impls are here:
I am having the same issue as
I need to instantiate a data source connection pool with a proxy user and at the session level switch the connection on behalf of the authenticated user.
I have a jaas security realm implmentation to create a custom principle,
I have a custom driver that wraps an oracle oci driver in order to inject properties from the custom principal configured in a a datasource
the issue is that the custom jdbc driver when set in a -ds.xml is ignored and the driver-url is the only element used to make the connection. The custom driver is never loaded.
I am using Pete Bennett's example in
http://community.jboss.org/wiki/IntegratingOracleVPDandJBoss with a custom JAAS realm
I have tried JBOSS 4.2 with JDK 1.6 on solaris
as well as JBOSS 5.0 with JDK 1.6 on solaris
The realm works, the datasource works, the application works, a custom jsp page can interrogate the underlying connection to see that it is a WrappedConnection but the driver never loads and worse yet never errors out
I see the reference to a jms /jca configuration and I have tried to set up the message queue but I don't see how it applies to the problem Roland and I are encountering. Is there a more fleshed out discussion regarding interrogating a principle to inject it's properties to the datasource driver?