Microsoft JDBC driver URL with Kerberos authentication and ServerSpn

I have MS SQL set up with the default instance in Windows authentication mode. I have also implemented Kerberos with ServerSpn as MSSQLSvc.

I am trying to remotely access the SQL Server from my Java client on Windows OS.

The Java client is run with the following JVM arguments:

-Djava.security.auth.login.config=path_to_file/client.conf
-Djava.security.krb5.conf=path_to_file/krb5.ini

The URL I am using is as follows:

jdbc:sqlserver://MSSQLSvc/FQDN_OF_SQL_Server:PORT;integratedSecurity=true;authenticationScheme=JavaKerberos

But I get the following error:

com.microsoft.sqlserver.jdbc.SQLServerException: The TCP/IP connection to the host MSSQLSvc/FQDN_OF_SQL_Server, port 1433 has failed. Error: "null. Verify the connection properties. Make sure that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. Make sure that TCP connections to the port are not blocked by a firewall.".
    at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDriverError(SQLServerException.java:191)
    at com.microsoft.sqlserver.jdbc.SQLServerException.ConvertConnectExceptionToSQLServerException(SQLServerException.java:242)
    at com.microsoft.sqlserver.jdbc.SocketFinder.findSocket(IOBuffer.java:2293)
    at com.microsoft.sqlserver.jdbc.TDSChannel.open(IOBuffer.java:506)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1523)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:1204)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:1040)
    at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:554)
    at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1019)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at microsoftJdbcDriver.getConnection(microsoftJdbcDriver.java:32)
    at microsoftJdbcDriver.displayDbProperties(microsoftJdbcDriver.java:51)
    at microsoftJdbcDriver.main(microsoftJdbcDriver.java:93)

client.conf file:

SQLJDBCDriver {    
com.sun.security.auth.module.Krb5LoginModule required    
useTicketCache=true      
doNotPrompt=true 
};

krb5.ini

[libdefaults]
        default_realm = MYDOMAIN.COM
        clockskew = 300

[realms]
        MYDOMAIN.COM = {
                kdc = MYDOMAIN.COM
                admin_server = MYDOMAIN.COM
}


[domain_realm]
        .domain.com = MYDOMAIN.COM
        domain.com = MYDOMAIN.COM



[appdefaults]
autologin = true
forward = true
forwardable = true
encrypt = true

Also note:

  1. The firewall is not the problem; the same thing works with native authentication, using sql_auth.dll
  2. SQL Management Studio can also access the instance

My URL was incorrect. Surprisingly, some trial and error worked:

"jdbc:sqlserver://HOST_NAME:1433;ServerSpn=MSSQLSvc/FQDN_OF_THE_HOST:1433@REALM_NAME_IN_CAPS;integratedSecurity=true;authenticationScheme=JavaKerberos;EncryptionMethod=ssl"
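
A check for the mistake resolved above, as an added example that is not part of the original post: it flags an SPN placed in the server part of a jdbc:sqlserver URL and verifies that ServerSpn has the MSSQLSvc/fqdn:port@REALM shape of the URL that worked. The class name, the check method and the sql01.example.com / EXAMPLE.COM values are constructed for illustration, and property values containing escaped semicolons are not handled.

```java
import java.util.*;
import java.util.regex.Pattern;

public class KerberosJdbcUrlCheck {
    // Shape of the ServerSpn value in the working URL: MSSQLSvc/<fqdn>:<port>@<REALM IN CAPS>
    private static final Pattern SPN =
        Pattern.compile("MSSQLSvc/([A-Za-z0-9.-]+):(\\d+)(?:@([A-Z0-9.-]+))?");

    // Returns the problems found; an empty list means the URL matches the working shape.
    static List<String> check(String url) {
        List<String> problems = new ArrayList<>();
        String prefix = "jdbc:sqlserver://";
        if (!url.startsWith(prefix)) {
            problems.add("not a jdbc:sqlserver URL");
            return problems;
        }
        String[] parts = url.substring(prefix.length()).split(";");
        // Everything before the first ';' names the host the driver opens a socket to.
        if (parts[0].contains("/"))
            problems.add("server part '" + parts[0] + "' holds an SPN; move it to ServerSpn=");
        Map<String, String> props = new HashMap<>();
        for (int i = 1; i < parts.length; i++) {
            int eq = parts[i].indexOf('=');
            if (eq > 0)  // property names are compared case-insensitively here
                props.put(parts[i].substring(0, eq).trim().toLowerCase(Locale.ROOT),
                          parts[i].substring(eq + 1).trim());
        }
        if (!"true".equalsIgnoreCase(props.get("integratedsecurity")))
            problems.add("integratedSecurity=true is missing");
        if (!"JavaKerberos".equalsIgnoreCase(props.get("authenticationscheme")))
            problems.add("authenticationScheme=JavaKerberos is missing");
        String spn = props.get("serverspn");
        if (spn == null)
            problems.add("no ServerSpn property (the working URL sets it explicitly)");
        else if (!SPN.matcher(spn).matches())
            problems.add("ServerSpn '" + spn + "' is not MSSQLSvc/fqdn:port@REALM");
        return problems;
    }

    public static void main(String[] args) {
        // Constructed sample URLs mirroring the failing and the working form from the post.
        String failing = "jdbc:sqlserver://MSSQLSvc/sql01.example.com:1433"
            + ";integratedSecurity=true;authenticationScheme=JavaKerberos";
        String working = "jdbc:sqlserver://sql01:1433"
            + ";ServerSpn=MSSQLSvc/sql01.example.com:1433@EXAMPLE.COM"
            + ";integratedSecurity=true;authenticationScheme=JavaKerberos";
        System.out.println("failing -> " + check(failing));
        System.out.println("working -> " + check(working));
    }
}
```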