The JCA specification lists four options for determining the resource principal when container managed sign-on is used. One of these options is Caller Impersonation, whereby the resource principal acts on behalf of the Caller principal.
I can't find any mention of Caller Impersonation in the JBOSS documentation. Is this option supported? If so, how can it be configured?
Look at conf/login-config.xml
You will see examples of using the
ConfiguredIdentity login module.
You also need to link to it in your MCF.
See the datasource examples