Kerberos authentication using JTDS

[AP]

Can someone help me in which version of JTDS jar , the kerberos support was added? I am checking through many posts but still I could not get a clear info.

Also if possible please post a sample code of kerberos in JTDS. Appreciating your help! Thanks

[Bernd Eckenfels]

Why would you want to use any version older than 1.3.1? Anyway, the Kerberos readme was added in 2.x and since this is not yet available it was backported to 1.3.x here: https://sourceforge.net/p/jtds/code/1236/ which is not included in 1.3.0

[AP]

I am using below code with jtds-1.3.1.jar and getting some error

try {
           String filePath = System.getProperty("user.dir") + File.separator + "KerberosConfDir";
           Driver d = (Driver)Class.forName("net.sourceforge.jtds.jdbc.Driver").newInstance();
           System.setProperty("java.security.krb5.debug", "true");
           System.setProperty("java.security.auth.login.config", filePath+File.separator+"login.conf");
           System.setProperty("java.security.krb5.conf", filePath+File.separator+"krb5.ini");
           System.setProperty("javax.security.auth.useSubjectCredsOnly", "true");
           Properties dbConProp = new Properties();
           dbConProp.setProperty("user",user);
           dbConProp.setProperty("password",pwd);
           String connectionUrl = "jdbc:jtds:sqlserver://"+hostName+":"+port+"/master;instance="+instanceName+";domain="+mydomain+";useNTLMv2=true;useKerberos=true;";
           con = d.connect(connectionUrl, dbConProp);
           rs = con.createStatement().executeQuery("select auth_scheme from sys.dm_exec_connections where session_id=@@spid");
           if(rs.next()) {
               System.out.println("auth_scheme : "+rs.getString("auth_scheme"));
               if(rs.getString("auth_scheme").equalsIgnoreCase("KERBEROS")) {
                   System.out.println("%%%%%%%%%%%%%%%%%%%%%%  JTDS : KERBEROS Connection successful %%%%%%%%%%%%%%%%%%%%%%");
               } else {
                   System.out.println("%%%%%%%%%%%%%%%%%%%%%%  JTDS : KERBEROS Connection failed %%%%%%%%%%%%%%%%%%%%%%");
               }
           }
        } catch (Exception exp) {
            exp.printStackTrace();
        } finally {
            try {
                if(rs != null) {
                    rs.close();
                }
            } catch(Exception e) {
               e.printStackTrace();
            }
            try {
                if(con != null) {
                    con.close();
                }
            } catch(Exception e) {
                e.printStackTrace();
            }
        }

---

Debug is true storeKey true useTicketCache true useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is C:/Users/XYZ/KerberosConfDir/app1.keytab refreshKrb5Config is false principal is http/annapoorani.mse2.com tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
Principal is http/user.domain.com@DOMAIN.COM
null credentials from Ticket Cache
[Krb5LoginModule] authentication failed
Pre-authentication information was invalid (24)
java.sql.SQLException: I/O Error: GSS Failed: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))
at net.sourceforge.jtds.jdbc.TdsCore.login(TdsCore.java:654)
at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:371)
at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:184)
at JDBCKerberosTest.main(JDBCKerberosTest.java:84)
Caused by: java.io.IOException: GSS Failed: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))
at net.sourceforge.jtds.jdbc.TdsCore.sendMSLoginPkt(TdsCore.java:1976)
at net.sourceforge.jtds.jdbc.TdsCore.login(TdsCore.java:617)
... 3 more</init>

Please help me on this