Posts Java kerberos SQLServer login
Post
Cancel

Java kerberos SQLServer login

Posted Jan 30, 2021 2021-01-30T11:00:00+02:00 by Rahul Chandna
Updated Aug 14, 2021 2021-08-14T14:23:34+02:00
  • All imports
1
2
3
4
5
6
7
8
9
10

import com.microsoft.sqlserver.jdbc.SQLServerDriver;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
  • Maven dependency
1
2
3
4
5

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>9.2.0.jre11</version>
</dependency>
  • Code to generate temporary keytab file
1
2
3
4
5
6
7
8
9
10
11

    private File generateKrb5Conf() throws IOException {
        final File temporaryKrb5Conf = File.createTempFile("krb5.conf", null);
        final PrintStream printStream = new PrintStream(new FileOutputStream(temporaryKrb5Conf));
        printStream.print(String.format(
                "[libdefaults]\n" +
                        "default_realm = YOUR_ORG_DOMAIN"
        ));
        printStream.close();
        temporaryKrb5Conf.deleteOnExit();
        return temporaryKrb5Conf;
    }
  • Code to generate temporary jass login file
1
2
3
4
5
6
7
8
9
10
11

    private File generateJaasConf() throws IOException {
        final File jaasConfFile = File.createTempFile("jaas.conf", null);
        final PrintStream printStream = new PrintStream(new FileOutputStream(jaasConfFile));
        // KRB5
        //printStream.print(String.format("Krb5LoginContext { com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useTicketCache=true debug=true ; };"));
        //For SQLServer Kerberos Login
        printStream.print(String.format("SQLSERVER { com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useTicketCache=true debug=true ; };"));
        printStream.close();
        jaasConfFile.deleteOnExit();
        return jaasConfFile;
    }
  • Code to configure Kerberos system parameters
1
2
3
4
5
6
7

    private void configureKerberosSystemParameters() throws IOException {
        System.setProperty("java.security.krb5.conf", generateKrb5Conf().getAbsolutePath());
        System.setProperty("java.security.auth.login.config", generateJaasConf().getAbsolutePath());
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
        System.setProperty("sun.security.krb5.debug", "true");
        System.setProperty("sun.security.jgss.debug", "true");
    }
  • Code to test SQLServer login
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

configureKerberosSystemParameters();

Class.forName(SQLServerDriver.class.getName());
String connectionURL = "jdbc:sqlserver://SERVER.YOUR_ORG_DOMAIN\\INSTANCE;databaseName=DBNAME;integratedSecurity=true;authenticationScheme=JavaKerberos;username=USER_NAME;password=PASSWORD";
try (Connection connection = DriverManager.getConnection(connectionURL)) {
    try (Statement statement = connection.createStatement()) {
        final String query = "SELECT COLUMN1, COLUMN2, COLUMN3 FROM [DBNAME].[dbo].[TABLE_NAME] (NOLOCK)";
        try (ResultSet resultSet = statement.executeQuery(query)) {
            System.out.println();
            System.out.println("running query: \n[\n" + query + "\n] :");
            System.out.println("");
            System.out.println("Output:");
            System.out.println();
            System.out.println("COLUMN1, COLUMN2, COLUMN3");
            while (resultSet.next()) {
                System.out.println(resultSet.getString(1) + ", " + resultSet.getString(2) + ", " + resultSet.getString(3));
            }
        }
    }
}
My Notes
java kerberos sqlserver integratedSecurity JavaKerberos
This post is licensed under CC BY 4.0 by the author.

Recent Update

Contents

Java retrieve kerberos ticket

Understanding Statistics - Research Methods Part-1