Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#711 Kerberos Cross Realm Issue

v1.3
open
momo
kerberos (1)
3
2013-07-27
2013-07-27
Adams
No

Great to know jTDS1.3.1 supporting kerberos, but there is one problem about using it in cross realm, described as follows.
SQLServer runs on realm under foo.com, with pricipal name MSSQLSvc/host:port@foo.com
but the client runs on bar.com
jTDS always picks up the default realm to construct service principal name, which is MSSQLSvc/host:port@bar.com
as a result, the principal used to get service ticket will be MSSQLSvc/host:port@bar.com instead of MSSQLSvc/host:port@foo.com, so authentication would fail with error message "No server found in database"
For fixing this issue, would you please add one property to let user specifying SQLServer principal name from outside, just taking it as the common property as host or port.

Discussion