It depends on your resource-adapter (RA) implementation. The pools are smart to use single RA connection across various (Teiid) user queries, but in this scenario, they are using a single credential to the authenticate (if authentication is in play) to the data source. If you are looking at the different connection for different users i.e. credential flow, then you need to look into "securitydomain" definition on the resource-adapter. Depending upon the type of RA and authentication type it may be that you need handle certain parts of the passing of credentials in the RA.
Thanks again, Ramesh. I believe the security-domain does the job.
I found that example and it seems to work for my resource adapter.
<security-domain name="my-security-domain" cache-type="default">
<login-module code="org.picketbox.datasource.security.CallerIdentityLoginModule" module="org.picketbox" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="userName" value="guest"/>
<module-option name="password" value="guest"/>