I have MS SQL setup with default instance in Windows authentication mode. Also I have Kerberos implemented with ServerSpn
as MSSQlSvc.
I am trying to access the SQL Server remotely from my Java client on a Windows OS.
The Java client is executed with following JVM Paramters:
-Djava.security.auth.login.config=path_to_file/client.conf
-Djava.security.krb5.conf=path_to_file/krb5.ini
The URL I am using looks like follows:
jdbc:sqlserver://MSSQLSvc/FQDN_OF_SQL_Server:PORT;integratedSecurity=true;authenticationScheme=JavaKerberos
But I am getting the following error:
com.microsoft.sqlserver.jdbc.SQLServerException: The TCP/IP connection to the host MSSQLSvc/FQDN_OF_SQL_Server, port 1433 has failed. Error: "null. Verify the connection properties. Make sure that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. Make sure that TCP connections to the port are not blocked by a firewall.". at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDriverError(SQLServerException.java:191) at com.microsoft.sqlserver.jdbc.SQLServerException.ConvertConnectExceptionToSQLServerException(SQLServerException.java:242) at com.microsoft.sqlserver.jdbc.SocketFinder.findSocket(IOBuffer.java:2293) at com.microsoft.sqlserver.jdbc.TDSChannel.open(IOBuffer.java:506) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1523) at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:1204) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:1040) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:554) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1019) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at microsoftJdbcDriver.getConnection(microsoftJdbcDriver.java:32) at microsoftJdbcDriver.displayDbProperties(microsoftJdbcDriver.java:51) at microsoftJdbcDriver.main(microsoftJdbcDriver.java:93)
The client.conf
file:
SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
doNotPrompt=true
};
The kb5.ini
:
[libdefaults]
default_realm = MYDOMAIN.COM
clockskew = 300
[realms]
MYDOMAIN.COM = {
kdc = MYDOMAIN.COM
admin_server = MYDOMAIN.COM
}
[domain_realm]
.domain.com = MYDOMAIN.COM
domain.com> = <MYDOMAIN.COM
[appdefaults]
autologin = true
forward = true
forwardable = true
encrypt = true'
Also note:
- The firewall is not an issue the same thing works well with native
authentication, using
sql_auth.dll
. - The SQL Management Studio can also access the instance