Okay, so I'm designing a stand-alone web service (using RestLET as my framework). My application is divided in to 3 layers:

• Data Layer (just above the database, provides APIs for connecting to/querying database, and a database object)
• Object layer (responsible for serialization from the data layer... provides objects which the client layer can use without worrying about database)
• Client layer (This layer is the RestLET web service... basically just creates objects from the object layer and fulfills webservice request)

Now, for each object I create in the object layer, I want to use different credentials (so I can sandbox each object...). The object layer should not know the exact credentials (IE the login/pw/DB URL etc).

What would be the best way to manage this? I'm thinking that I should have a super class Database object in my data layer... and each subclass will contain the required log-in information... this way my object layer can just go Database db = new SubDatabase(); and then continue using that database.

On the client level, they would just be able to go ItemCollection items = new ItemCollection(); and have no idea/control over the database that gets connected.

I'm asking this because I am trying to make my platform extensible, so that others can easily create services off of my platform.

If anyone has any experience with these architectural problems or how to manage this sort of thing I'd appreciate any insight or advice...

Feel free to ask questions if this is confusing. Thanks!

My platform is Java, the REST framework I'm using is RestLET, my database is MySQL.