I have been struggling since morning in order to try to connect my java web application to the database which is on a different system (using windows auth).
I managed to access it from my SSMS, I went to windows credentials manager and created the same credentials as of other system where the SQL server is installed, below are the details:
Now when I use the IP(192.168.2.172) in SSMS as a server name then I am able to connect using windows auth but can not access the same from my Java web app.
I am using jtds with the below string but its not working. Please help
<property name="url" value="jdbc:jtds:sqlserver://192.168.2.172:1433/realtime;useNTLMv2=true" />
I am constantly getting this error:
Caused by: java.sql.SQLException: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
at net.sourceforge.jtds.jdbc.SQLDiagnostic.addDiagnostic(SQLDiagnostic.java:372)
at net.sourceforge.jtds.jdbc.TdsCore.tdsErrorToken(TdsCore.java:2988)
at net.sourceforge.jtds.jdbc.TdsCore.nextToken(TdsCore.java:2421)
at net.sourceforge.jtds.jdbc.TdsCore.login(TdsCore.java:649)
at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:371)
at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:184)
at org.apache.commons.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:38)
at org.apache.commons.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:582)
at org.apache.commons.dbcp.BasicDataSource.valida
The Microsoft JDBC Driver for SQL Server supports Windows Auth through Kerberos on all platforms, and on Windows using Kerberos or NTLM using the Type 2 authentication dll: Connecting with integrated authentication On Windows.
Related
Thanks in advance!
I am new to gcp and am trying to use Cloud SQL Postgres.
I have a database that is created and would want to create/update/delete tables into it using either java or scala.
I am trying to use postgres-socket-factory from 'com.google.cloud.sql' package.
But while creating a connection I get an error that
"java.sql.SQLException: No suitable driver found for jdbc:postgres://google/"
Here is my code
def getConnection(url:String) : Connection = {
Class.forName("org.postgresql.Driver")
import java.sql.DriverManager
DriverManager.getConnection(url)
}
What is the means for Java/Scala clients to access db from Cloud SQL?
Yes after following instructions from comments and changing the url it worked but fails with
Caused by: java.lang.RuntimeException: Unable to obtain credentials to communicate with the Cloud SQL API
at com.google.cloud.sql.core.SslSocketFactory$ApplicationDefaultCredentialFactory.create(SslSocketFactory.java:600)
at com.google.cloud.sql.core.SslSocketFactory.getInstance(SslSocketFactory.java:147)
at com.google.cloud.sql.postgres.SocketFactory.createSocket(SocketFactory.java:91)
at org.postgresql.core.PGStream.<init>(PGStream.java:62)
at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:91)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:192)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
at org.postgresql.Driver.makeConnection(Driver.java:454)
at org.postgresql.Driver.connect(Driver.java:256)
... 6 more
Caused by: java.io.IOException: The Application Default Credentials are not available. They are available if running on Google App Engine, Google Compute Engine, or Google Cloud Shell. Otherwise, the environment variable GOOGLE_APPLICATION_CREDENTIALS must be defined pointing to a file defining the credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
at com.google.api.client.googleapis.auth.oauth2.DefaultCredentialProvider.getDefaultCredential(DefaultCredentialProvider.java:98)
at com.google.api.client.googleapis.auth.oauth2.GoogleCredential.getApplicationDefault(GoogleCredential.java:213)
at com.google.api.client.googleapis.auth.oauth2.GoogleCredential.getApplicationDefault(GoogleCredential.java:191)
at com.google.cloud.sql.core.SslSocketFactory$ApplicationDefaultCredentialFactory.create(SslSocketFactory.java:598)
... 15 more
How to address this failure?
Regards,
Most libraries on GCP use the Application Default Credentials (ADC) strategy for handling credentials. The README for this project mentions this library does as well. The Cloud SQL JDBC Socket Factory uses these credentials to authenticate the connections against your database.
The quickest way is to use gcloud auth application-default login, which will set your personal credentials as the default. However, the safest and most secure way is to create a Service Account for the application, grant it the "Cloud SQL Client" IAM role, and use GOOGLE_APPLICATION_CREDENTIALS environment variable to pass the location of the service account key to the library.
I am trying to connect to my database using JDBC driver. I have to use my another windows domain credential to connect and getting login failed error. Thought of testing it with my actual windows credential and it worked. I have used integratedSecurity = true.
String connectionUrl = "jdbc:sqlserver://server;databaseName=DB;integratedSecurity=true";
My desired connection string to use my another windows domain credential looks like the below:
String connectionUrl = "jdbc:sqlserver://server;databaseName=DB;user=domain\\user;password=test!123;"
I did the following things and in need of help:
Placed the sqljdbc_auth inside jdk/bin and jre/bin
SQL Server has been kept under the mixed auth mode (both Windows and SQL Auth).
Using my another domain ID, I tried to execute a query in MS SQL Studio and it worked.
Using the Microsoft JDBC driver, you can:
Connect with SQL Auth, using user and password
Connect with Window Auth, using integratedSecurity=true, which will use the Windows user that is running the Java program
Connect with Kerberos Auth, but that is complex to setup: Using Kerberos Integrated Authentication to Connect to SQL Server
If you want to do a simple NTLM connect using domain, user and password, then you need to use the jTDS JDBC driver.
I am using the jTDS driver in order to connect to an SQL Server database from my Android application, which uses the Windows Authentication. As advised in the FAQs, I read the READMESSO file and as told, I placed the native SPPI library (ntlmauth.dll) in the system path (defined by the PATH system variable)
However, when I try to connect to the database using the following code:
String driver = "net.sourceforge.jtds.jdbc.Driver";
Class.forName(driver).newInstance();
String connString = "jdbc:jtds:sqlserver://192.168.56.1/MyMovies;";
Conncection conn = DriverManager.getConnection(connString);
I get the following exception:
java.sql.SQLException: Single-Sign-On is only supported on Windows. Please specify a user name.
Since you are connecting from an android device, you would not be able to get the SSO credentials required by the driver to connect to SQL server. The setting you referred to works only if the java program trying to connect to the DB is on a windows machine, which is clearly mentioned by the error message.
Unless your application has authorization based on the SSO user connecting to the DB, you should have an SQL Server user-based authentication mechanism to connect to the server and all authorization procedures should be tied to this user.
You might have to give the username also.
"jdbc:jtds:sqlserver://192.168.56.1/MyMovies;instance=SQLEXPRESS;user=foo"
I am working with a web application that connects to a SQL Server database with this:
jdbc.url=jdbc:jtds:sqlserver://127.0.0.1/MyDatabase
jdbc.username=sa
jdbc.password=password
I am relatively new to SQL Server, however I have successfully accessed a SQLEXPRESS instance through the SQL Server Management Studio.
I can see from the Security->Login folder there is a "sa" entry
However when I run the web application I am getting this error:
PropertyAccessException 1: org.springframework.beans.MethodInvocationException: Property
'dataSource' threw exception; nested exception is
org.apache.commons.dbcp.SQLNestedException: Cannot create
PoolableConnectionFactory (Network error IOException: Connection
refused: connect)
I seems that the user: "sa" is not authenticated to access the database?
If so, how can I use the SQL Server management studio to fix this?
Make sure authentication mode is set to Mixed. It's set to Windows authentication mode as default which disables sa account. See here: http://msdn.microsoft.com/en-us/library/ms143705%28v=sql.90%29.aspx
Edit: as Jacob suggested, make sure you can connect via TCP/IP (I assume it's used by the driver). To do so launch SQL Management Studio and in connection preferences set: Authentication - SQL Server authentication, login - sa, password - your password. Then click Options, connection properties and select tcp/ip as protocol. Check if you can login.
Also check these things:
http://msdn.microsoft.com/en-us/library/bb909712(v=vs.90).aspx
http://msdn.microsoft.com/en-us/library/bb909725(v=vs.90).aspx
To check whether TCP/IP is enabled and the port is not blocked you can use "telnet 1433". Until telnet doesn't connect, jTDS won't either.
e.g, c:>telnet servername 1433
to enable telnet client on windows
http://social.technet.microsoft.com/wiki/contents/articles/910.how-to-enable-telnet-client-in-windows-7.aspx
I am currently investigating how to make a connection to a SQL Server database from my Java EE web application using Windows Authentication instead of SQL Server authentication. I am running this app off of Tomcat 6.0, and am utilizing the Microsoft JDBC driver. My connection properties file looks as follows:
dbDriver = com.microsoft.sqlserver.jdbc.SQLServerDriver
dbUser = user
dbPass = password
dbServer = localhost:1433;databaseName=testDb
dbUrl = jdbc:sqlserver://localhost:1433
I have zero problems with connecting to a SQL Server database in this fashion when using SQL Server authentication.
Is there any way I can retrieve the credentials of the user's Windows Authentication and use that authentication for SQL Server?
UPDATE: I know in ASP.net there is a way to set up Windows Authentication for access to the webapp, which is exactly what I am looking for, except I want to pass that token off to SQL Server for access to the database.
I do not think one can push the user credentials from the browser to the database (and does it makes sense ? I think not)
But if you want to use the credentials of the user running Tomcat to connect to SQL Server then you can use Microsoft's JDBC Driver.
Just build your JDBC URL like this:
jdbc:sqlserver://localhost;integratedSecurity=true;
And copy the appropriate DLL to Tomcat's bin directory (sqljdbc_auth.dll provided with the driver)
MSDN > Connecting to SQL Server with the JDBC Driver > Building the Connection URL
look at
http://jtds.sourceforge.net/faq.html#driverImplementation
What is the URL format used by jTDS?
The URL format for jTDS is:
jdbc:jtds:<server_type>://<server>[:<port>][/<database>][;<property>=<value>[;...]]
...
domain
Specifies the Windows domain to authenticate in. If present and the user name and password are provided, jTDS uses Windows (NTLM) authentication instead of the usual SQL Server authentication (i.e. the user and password provided are the domain user and password). This allows non-Windows clients to log in to servers which are only configured to accept Windows authentication.
If the domain parameter is present but no user name and password are provided, jTDS uses its native Single-Sign-On library and logs in with the logged Windows user's credentials (for this to work one would obviously need to be on Windows, logged into a domain, and also have the SSO library installed -- consult README.SSO in the distribution on how to do this).
This actually works for me:
Per the README.SSO that comes with the jtdsd distribution:
In order for Single Sign On to work, jTDS must be able to load the native SPPI library ntlmauth.dll. Place this DLL anywhere in the system path (defined by the PATH system variable) and you're all set.
I placed it in my jre/bin folder
I configured a port dedicated the sql server instance (2302) to alleviate the need for an instance name - just something I do. lportal is my database name.
jdbc.default.url=jdbc:jtds:sqlserver://192.168.0.147:2302/lportal;useNTLMv2=true;domain=mydomain.local
Unless you have some really compelling reason not to, I suggest ditching the MS JDBC driver.
Instead, use the jtds jdbc driver. Read the README.SSO file in the jtds distribution on how to configure for single-sign-on (native authentication) and where to put the native DLL to ensure it can be loaded by the JVM.
I was having issue with connecting to MS SQL 2005 using Windows Authentication. I was able to solve the issue with help from this and other forums. Here is what I did:
Install the JTDS driver
Do not use the "domain= " property in the jdbc:jtds:://[:][/][;=[;...]] string
Install the ntlmauth.dll in c:\windows\system32 directory (registration of the dll was not required) on the web server machine.
Change the logon identity for the Apache Tomcat service to a domain User with access to the SQL database server (it was not necessary for the user to have access to the dbo.master).
My environment:
Windows XP clinet hosting Apache Tomcat 6 with MS SQL 2005 backend on Windows 2003