JavaEE中的标准方式是让应用程序用户访问数据库并实现基于用户的访问权限通过应用程序中的角色。

The 'standard' way in JavaEE is to have an application user for accessing the database and achieve user-based access-rights through roles in your application.

如果您需要依赖现有的数据库用户，您唯一的机会是为每个用户或每个请求建立连接。然后，实体管理器会消耗一些内存，因为它被设计为应用程序的持久化上下文（因此也就是某种缓存）。

If you need to rely on existing database user, your only chance is to establish a connection per user or per request. The entity manager would then indeed consume some memory as it's designed to be your application's persistence context (and thus some sort of cache).

也许你可以做一些权衡这里通过普通JDBC访问那些真正必须基于用户的部分，以及具有扩展权限的某些应用程序用户可能执行的数据库程序和其他部分，以确保以编程方式进行必要的用户限制。

Maybe you can have some trade-off here by accessing those parts which really have to be user-based by plain JDBC and potential execution of database procedures and others by some application user with extended rights which ensures the necessary user restrictions programmatically.