SourceForge has been redesigned. Learn more.
Close

#101 Kerberos Authentication

v1.3
closed
momo
None
7
2013-06-08
2009-02-04
BruceS
No

I previously submitted this patch under a different SF account as patch #1579599. That patch was not created against a tagged version of jtds so it was difficult to apply to the source.

This patch is for the 1.2.2 release.

The jTDS Kerberos implementation comprises three main
changes to the jTDS code:
1. A new class net.sourceforge.jtds.jdbc.JtdsGSS.
2. Changes to a few lines of the
TdsCore.sendMSLoginPkt method.
3. Addition of a new property - "useKerberos"
(boolean) - I used the "useNTLMV2" property as an
example (i.e. changes to Driver, JtdsDataSource,
Messages.properties etc.).

Documentation is in ./html/kerberos.html.

Discussion

  • BruceS

    BruceS - 2009-02-04

    JtdsGSS unified diff patch for 1.2.2

     
  • momo

    momo - 2010-04-19

    This feature has been requested a number of time, maybe there is a Java 1.3 compliant solution?

     
  • momo

    momo - 2012-08-22
    • milestone: --> v1.3
     
  • momo

    momo - 2013-06-08
    • status: open --> closed
     
  • momo

    momo - 2013-06-08

    Kerberos support has been added with jTDS 1.3.1.

     
    • Comment has been marked as spam. 
      Undo

      You can see all pending comments posted by this user  here

      Anonymous

      Anonymous - 2013-07-22

      Great to know jTDS1.3.1 supporting kerberos, but there is one problem about using it in cross realm, described as follows.

      1. SQLServer runs on realm under foo.com, with pricipal name MSSQLSvc/host:port@foo.com
      2. but the client runs on bar.com
      3. jTDS always picks up the default realm to construct service principal name, which is MSSQLSvc/host:port@bar.com

      as a result, the principal used to get service ticket will be MSSQLSvc/host:port@bar.com instead of MSSQLSvc/host:port@foo.com, so authentication would fail with error message "No server found in database"

      For fixing this issue, would you please add one property to let user specifying SQLServer principal name from outside, just taking it as the common property as host or port.

       

Anonymous
Anonymous

Cancel  Add attachments