Hey I am having trouble connecting to an SQL Server with Java code that is running on Linux.
If I set integratedSecurity=true, then the java code fails with the following error:
WARNING: Failed to load the sqljdbc_auth.dll cause : no sqljdbc_auth in java.library.path
com.microsoft.sqlserver.jdbc.SQLServerException: This driver is not configured for integrated authentication. ClientConnectionId:b030b480-453d-4007-8151-a552150f74cd
which makes sense as there will be no sqljdbc.dll file on Linux.
But if I set integratedSecurity=false, then I get the following error:
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'IT_DEV_USER'.
So does anyone know how I can connect to SQL Server with integratedSecurity set to false? (Note that I cant even connect when the Java code is running on Windows when integratedSecurity is set to false.)
If not, is there any way I can get integratedSecurity working on Linux?
If you want to use integrated security and using JDBC Driver 4.0 or greater then you add the following in your jdbc connection string.
integratedSecurity=true;authenticationScheme=JavaKerberos
More information: http://blogs.msdn.com/b/psssql/archive/2015/01/09/jdbc-this-driver-is-not-configured-for-integrated-authentication.aspx
Adding authenticationScheme=JavaKerberos works for me in Linux, but make sure to remove integratedSecurity=true since you are not using Windows.
You can't use integratedSecurity feature from Linux system, as it tied to windows system and uses your windows authentication. However, if you enable both SQL Server and Windows Authentication mode on your SQL Server, then you can create a login, map to corresponding database and use it in java from Linux.
To enable SQL Server authentication:
Right click on your server in management studio
Properties
Security
Server authentication -> SQL Server and Windows Authentication mode
If you dont want Integrated Security connection, then set that parameter to false and instead provide user and password in the connURL as below:
String connectionUrl = "jdbc:sqlserver://localhost:port;databaseName=DB_NAME;integratedSecurity=false;user=login_user;password=login_pwd;";
Related
I am currently investigating how to make a connection to a SQL Server database from my Java EE web application using Windows Authentication instead of SQL Server authentication. I am running this app off of Tomcat 6.0, and am utilizing the Microsoft JDBC driver. My connection properties file looks as follows:
dbDriver = com.microsoft.sqlserver.jdbc.SQLServerDriver
dbUser = user
dbPass = password
dbServer = localhost:1433;databaseName=testDb
dbUrl = jdbc:sqlserver://localhost:1433
I have zero problems with connecting to a SQL Server database in this fashion when using SQL Server authentication.
Is there any way I can retrieve the credentials of the user's Windows Authentication and use that authentication for SQL Server?
UPDATE: I know in ASP.net there is a way to set up Windows Authentication for access to the webapp, which is exactly what I am looking for, except I want to pass that token off to SQL Server for access to the database.
I do not think one can push the user credentials from the browser to the database (and does it makes sense ? I think not)
But if you want to use the credentials of the user running Tomcat to connect to SQL Server then you can use Microsoft's JDBC Driver.
Just build your JDBC URL like this:
jdbc:sqlserver://localhost;integratedSecurity=true;
And copy the appropriate DLL to Tomcat's bin directory (sqljdbc_auth.dll provided with the driver)
MSDN > Connecting to SQL Server with the JDBC Driver > Building the Connection URL
look at
http://jtds.sourceforge.net/faq.html#driverImplementation
What is the URL format used by jTDS?
The URL format for jTDS is:
jdbc:jtds:<server_type>://<server>[:<port>][/<database>][;<property>=<value>[;...]]
...
domain
Specifies the Windows domain to authenticate in. If present and the user name and password are provided, jTDS uses Windows (NTLM) authentication instead of the usual SQL Server authentication (i.e. the user and password provided are the domain user and password). This allows non-Windows clients to log in to servers which are only configured to accept Windows authentication.
If the domain parameter is present but no user name and password are provided, jTDS uses its native Single-Sign-On library and logs in with the logged Windows user's credentials (for this to work one would obviously need to be on Windows, logged into a domain, and also have the SSO library installed -- consult README.SSO in the distribution on how to do this).
This actually works for me:
Per the README.SSO that comes with the jtdsd distribution:
In order for Single Sign On to work, jTDS must be able to load the native SPPI library ntlmauth.dll. Place this DLL anywhere in the system path (defined by the PATH system variable) and you're all set.
I placed it in my jre/bin folder
I configured a port dedicated the sql server instance (2302) to alleviate the need for an instance name - just something I do. lportal is my database name.
jdbc.default.url=jdbc:jtds:sqlserver://192.168.0.147:2302/lportal;useNTLMv2=true;domain=mydomain.local
Unless you have some really compelling reason not to, I suggest ditching the MS JDBC driver.
Instead, use the jtds jdbc driver. Read the README.SSO file in the jtds distribution on how to configure for single-sign-on (native authentication) and where to put the native DLL to ensure it can be loaded by the JVM.
I was having issue with connecting to MS SQL 2005 using Windows Authentication. I was able to solve the issue with help from this and other forums. Here is what I did:
Install the JTDS driver
Do not use the "domain= " property in the jdbc:jtds:://[:][/][;=[;...]] string
Install the ntlmauth.dll in c:\windows\system32 directory (registration of the dll was not required) on the web server machine.
Change the logon identity for the Apache Tomcat service to a domain User with access to the SQL database server (it was not necessary for the user to have access to the dbo.master).
My environment:
Windows XP clinet hosting Apache Tomcat 6 with MS SQL 2005 backend on Windows 2003
I am trying to connect to a db2 database in Java. Below the driver and the connection string and the driver details i am giving
Class.forName("COM.ibm.db2.jdbc.net.DB2Driver");
String url="jdbc:db2://hostname:portnumber/databasename";
sourceConnection=DriverManager.getConnection(url,"username","password");
But I am getting the below exception
"COM.ibm.db2.jdbc.DB2Exception: [IBM][JDBC Driver] CLI0615E Error receiving from socket, server is not responding. SQLSTATE=08S01"
I also tried changing the connection string to
String url="jdbc:db2:hostname:portnumber/databasename";
Still it is resulting the same exception above while trying to get the Connection.
And i have tried the below option also using JDBC app driver
Class.forName("COM.ibm.db2.jdbc.app.DB2Driver");
DB2DataSource db2ds = new DB2DataSource();
db2ds.setServerName("hostname");
db2ds.setPortNumber(portnumber);
db2ds.setDatabaseName("databasename");
db2ds.setUser("username");
db2ds.setPassword("password");
sourceConnection=db2ds.getConnection();
For the above two connection I used the jar "db2java.jar"
And i have tried using the JCC driver:
Class.forName("com.ibm.db2.jcc.DB2Driver");
String url="jdbc:db2://hostname:portnumber/databasename";
sourceConnection=DriverManager.getConnection(url,"username","password");
For this connection i have added the below jars
1)db2jcc.jar
2)db2jcc_license_cu.jar
This time around I am getting the below error,
"com.ibm.db2.jcc.am.go: [jcc][t4][201][11237][3.57.82] Connection authorization failure occurred.
Reason: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000"
I tried to connect to the same db2 source using "Quest for DB2" tool and the connection was successful.
Am i missing something in the code and is it a problem with DB2 drivers or connection string?
Can someone please guide me.
Thanks in advance.
Cause:
If the DB2® instance where InfoSphere Optim Performance Manager is running has the authentication configuration parameter set to DATA_ENCRYPT, you cannot log in to the web console.
Resolving the problem:
Do the following steps:
On the DB2 instance where Optim Performance Manager is running, set the authentication configuration parameter to SERVER by issuing the following command:
db2 update dbm cfg using authentication server
Restart the DB2 instance and InfoSphere Optim Performance Manager.
For more details visit here.
Your first two attempts were not supposed to work. You're using the JCC driver URL format, so it wouldn't be valid for either "net" or "app" drivers, which are deprecated anyway.
Use the JCC driver (com.ibm.db2.jcc.DB2Driver) and the URL format of "jdbc:db2://hostname:portnumber/databasename" and see this technote for the solution to the "Security mechanism not supported" problem. In short, you need to use a supported JDK.
i'm trying to connect to a newly installed SQLServer instance by my java application using jdbc.
When i try to open a connection the server return this error:
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'sa'.
Error Stack trace:
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'sa'. at
com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDatabaseError(SQLServerException.java:197) at
com.microsoft.sqlserver.jdbc.TDSTokenHandler.onEOF(tdsparser.java:246)
I've already enabled "SQL Server and Windows Authentication mode" option.
I also tried to connect to the database server with SquirreL but i had the same problem, but with SQL Server Management Studio i can connect to the db.
I have a SQLServer 2008 R2 express, jdk 6u41 and sqljdbc4.jar JDBC connectors.
I've tried the same application in an environment with SQLServer 2008 R2 express, jdk 6u33 and sqljdbc4.jar JDBC connectors and it work fine.
Are there some SQL server configuration that i need to modify?
I think, you have configured the SQL Server in Windows Authentication mode on the time of installation but, changing the settings in the program would not change it from Windows Authentication mode.
Can you do one thing? Remove the SQL Server 2008 and all related programs from your machine and install a fresh copy, this time with SQL Server Authentication. It will work...
I trying to test the connection with my local sql DB. I have this code:
try{
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver").newInstance();
DriverManager.getConnection("jdbc:sqlserver://localhost:1433;databaseName=SocialFamilyTree;user=SOSCOMP");
}catch(Exception e){
System.out.println("Couldn't get database connection.");
e.printStackTrace();
}
I tried many users. my windows user is SOSCOMP and doesn't have a password. I also know that SQL 2008 create users as "sys" "dbo", I tried these too. I'm always getting:
Couldn't get database connection.
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'SOSCOMP'.
at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDatabaseError(SQLServerException.java:196)
at com.microsoft.sqlserver.jdbc.TDSTokenHandler.onEOF(tdsparser.java:246)
at com.microsoft.sqlserver.jdbc.TDSParser.parse(tdsparser.java:83)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.sendLogon(SQLServerConnection.java:2532)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(SQLServerConnection.java:1929)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.access$000(SQLServerConnection.java:41)
at com.microsoft.sqlserver.jdbc.SQLServerConnection$LogonCommand.doExecute(SQLServerConnection.java:1917)
at com.microsoft.sqlserver.jdbc.TDSCommand.execute(IOBuffer.java:4026)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(SQLServerConnection.java:1416)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1061)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:833)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:716)
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:841)
at java.sql.DriverManager.getConnection(DriverManager.java:579)
at java.sql.DriverManager.getConnection(DriverManager.java:243)
at FT_Receiver.FT_Receiver.main(FT_Receiver.java:12)
Any ideas?
Thanks
If you try to connect with database which is using windows authentication, you can use 'integratedSecurity' option in your connection string.
DriverManager.getConnection("jdbc:sqlserver://localhost:1433;databaseName=SocialFamilyTree;integratedSecurity=true;");
Having been through this very recently the steps I took to solve pretty much the same problem were
use SQL Server Management Studio to log in with the desired account and confirm access to read (and write if necessary)
Use SQL Server Configuration Manager to confirm that the server instance is listening on the IP address being targetted
Disable the firewall to check that isn't getting in the way (and add an exception if necessary for future use)
The absolute kicker for me was understanding what IP addresses and ports the instance was set to listen on so that when I constructed the connection string the connection wasn't being rejected.
Also, if you want to connect using Windows logins you need to ensure the SQL instance is configured for mixed mode authentication (i.e. to allow Windows and SQL logins)
Since you get this error,the Sql server correctly listens to the port.
Open Sql Server Management Studio connect to your Server.
right click on the server's icon and choose properties.
Go to the security tab and tick Sql Server and Windows
Authentication mode.
If you want to define a user,go from the tree, to Security->Logins,right click on logins folder and click "New Login".
Now your server should work with this Url String.
Use the log file of the Server that may help you understand its working.
Re: Did it. still WARNING: Failed to load the sqljdbc_auth.dll cause :- no sqljdbc_auth in java.library.path – Mike Oct 7 at 14:03
you have to add the path to sqljdbc_auth.dll by adding this under VM arguments in Eclipse or commandline if you're running from the shell:
-Djava.library.path="\MS SQL Server JDBC Driver 3.0\sqljdbc_3.0\enu\auth\x86"
that's if you're running 32 bit Windows. else the final subdir changes accordingly.
I think this might be a better answer though, to setting up SQL Server user based authentication:
Connecting SQL Server 2008 to Java: Login failed for user error
(I try to summarize it here: http://silveira.wikidot.com/sql-server)
I also faced the same issue, In my case the following things are configured wrongly
Two SQL (versions) servers are running in my system --> Sol: Please check ourselves which server we are pointing.
Ports are configured as dynamic --> Sol: we should set port 1433 and dynamic port should be 0, if we are connected to specific port.
While creating the new login (user) I have selected the option " change password after first login "--> Sol: we should not select this option while creating the new login, if we are trying connecting from some other service like Openfire.
Is it possible to connect to SQL Server using Windows authentication/integrated security from a Mac? I am using the type 4 JDBC driver provided by Microsoft. The front end (a form application) is coded in Java. Everything works perfectly on Windows but one person in the office uses a Mac.
Is this possible? FYI, I have never used Macs so I am very much the novice with them. I have searched all over the Internet but have not found a solution.
Thank you in advance.
This information is hard to come by in my experience. All of my searches turned up wrong (outdated) information since Microsoft changed the rules and added the authenticationScheme parameter. In the interest of helping the next person, here is an example of a connection string that works:
jdbc:jtds:sqlserver://123.123.123;instance=server1;databaseName=students;integratedSecurity=true;authenticationScheme=JavaKerberos
Also in driver properties set "Domain". Do not include the domain in any user name setting.
This was tested using Squirrel SQL (Java) with jtds on Mac OSX. Hopefully the previous sentence has the search terms someone might use who needs to know this information.
Using Kerberos Integrated Authentication to Connect to SQL Server
Beginning in Microsoft JDBC Driver 4.0 for SQL Server, an application
can use the authenticationScheme connection property to indicate that
it wants to connect to a database using type 4 Kerberos integrated
authentication.
The jTDS JDBC driver for SQL Server supports Windows authentication simply using the domain property as described in the FAQ.
domain
Specifies the Windows domain to authenticate in. If present and the user name and
password are provided, jTDS uses Windows (NTLM)
authentication instead of the usual SQL Server authentication (i.e.
the user and password provided are the domain user and password). This
allows non-Windows clients to log in to servers which are only
configured to accept Windows authentication.
If the domain parameter is present but no user name and password are provided, jTDS uses its native Single-Sign-On library and logs in
with the logged Windows user's credentials (for this to work one would
obviously need to be on Windows, logged into a domain, and also have
the SSO library installed -- consult README.SSO in the distribution on
how to do this).
I use jTDS on a mac (10.9).
Using this driver you need to specify the username and password like always, the only difference is that you need to specify domain=WHATEVERTHENTDOMAIN in the connection string (or connection properties if you rather).
So a sample connection string is:
jdbc:jtds:sqlserver://db_server:1433/DB_NAME;domain=NT_DOMAIN_NAME
The jTDS driver then uses NTLM to login to the specified domain with the username and password.
This is an old post but may be relevant for some people. See this other SO post that describes how to connect to a SQL Server with Windows Authentication from a Linux machine through JDBC. This will work on mac as well.
jTDS is inferior to Microsoft's JDBC driver (in particular, it cannot figure out the types of parameters in a prepared statement)
Yes, you can authenticate to MS SQL Server using Active Directory authentication, as Active Directory is just Kerberos + LDAP, which are open source and implemented on Mac
Kerberos config /etc/krb5.conf :
[libdefaults]
default_realm = YOUR_REALM.NET
[realms]
YOUR_REALM.NET = {
kdc = host.your-domain.net
}
I needed to use the fully qualified domain name of the KDC, not just the domain name
JDBC Connection String:
jdbc:sqlserver://$host;database=$db;integratedSecurity=true;authenticationScheme=JavaKerberos
If $host does not have an SPN of MSSQLSrv/$host, add serverSp=$SPN to the JDBC connection string
It is not correct to say that one driver can determine the data types and another driver can't. Any driver has to look at the implied type based on the arguments passed. Both jTDS and Microsoft's driver do this. This is a limitation of the protocol - the database cannot tell the driver which type is correct, because in many queries it can't know what you intend.
In each version, jTDS and Microsoft's driver each have different issues and different advantages. The "best" choice depends on exactly which version of each you look at, and exactly what your needs are. I've had to switch back and forth as different versions come out - Microsoft breaking in a certain way, then later adding something I wanted.
The following connection string worked for me
jdbc:jtds:sqlserver://server_name:port_name;useLOBs=false;databaseName=db_name;useNTLMv2=true;domain=domain_name;
I'm using jTDS 1.3.2 and SQuirreL SQL Client.