Hi, I am Pulkit!
Designer.
Developer.
Dreamer.
Jack of all Trades
Breadth of Software Development
Depth of Artificial Intelligence
Master of One
22 year young Computer Science Engineer building AI for the future. Working towards a MS in Computer Science from The Ohio State University pursuing research in developing better Dialogue Systems.
How to specify Kerberos credentials cache file for JDBC SQL Server driver
What is Kerberos Authentiction?
Kerberos authentication is a network authentication protocol that provides a secure method for users and services to authenticate each other over a non-secure network. It relies on a trusted third party, known as the Key Distribution Center (KDC), to facilitate authentication between clients and servers without transmitting passwords over the network. Kerberos uses tickets to prove the identity of users and services, helping to prevent unauthorized access and protect sensitive information.
How is it useful?
Kerberos authentication enables passwordless access to a resource. This is made possible through credential caches created by authenticating with a ticket granting authority. When connecting to a database via Kerberos authentication, you must specify a credential cache file to be used.
How to specify which cCache file to use?
The SQLServer JDBC driver does not expose a method to set the path to the credentials cache file that should be used for making the connection. Oracle JDBC drivers uses a system/driver property "oracle.net.kerberos5_cc_name" to set the credentials cache path. Internally the SQLServer driver refers to the same property value to locate the cache file.
By setting this property, you can specify a path to the credential cache file for Oracle JDBC as well as MSSQL JDBC drivers.
Example:
This is extremely useful in scenarios where you have multiple cCache files and need to specify which one to chose for a DB connection.
References:
- Using Kerberos Authentiction to connection to SQL Server
- MSSQL JDBC Driver source code
- ORACLE JDBC Constant Values