How should I write my connection string in jdbc when I want to connect to a SQL server where windows authentication is needed and I am connecting to a named instance?
So I have my connection string like
jdbc:sqlserver://sqlserver4\Test;datebaseName=TestDB;user=g\John;password=hello123
I have also tried with sqlserver4;namedInstance=Testinstead of sqlserver4\Test
I have tried under
Control Panel -> Administrative Tools -> ODBC Data Source
Shift Right-Click -> Run as different user
login as user=g\John password=hello123 with this test I can connect successfuly, but in my jdbc connection string I get Login failed for user g\John.
Do I have to setup my connection string in a specific way when using Windows User Authentication and named instance in the DB?
According to: https://msdn.microsoft.com/en-us/library/bsz5788z.aspx
If your application runs on a Windows-based intranet, you might be able to use Windows integrated authentication for database access. Integrated security uses the current Windows identity established on the operating system thread to access the SQL Server database. You can then map the Windows identity to a SQL Server database and permissions.
To connect to SQL Server using Windows integrated authentication, you must identify the Windows identity under which your ASP.NET application is running. You must also be sure that the identity has been granted access to the SQL Server database. This topic includes a code example that displays the current Windows identity of the ASP.NET application.
So try maybe adding this:
integratedSecurity=true;
At the end of your connection string and removing username and password
In Production system, all the database servers/hosts will have application specific user ids like report_app_user, dev_app_user,dev_env_user,test_env_user,uat_env_user and the JDBC api will connect it promptly.
Please talk to ITsupport team/db admin to get a application specific user id.
Otherwise, you will not be able to use db user which is tied with windows authentication.
I have tried all that, but it seems that I have to implement some spring security and setup an LDAP server to be able to connect through an AD user, with MuleESB. But thanks anyway :).
Related
Need it for connecting to the database in different environments(LOCAL, DEV, QA, etc) through Karate Framework. I have configured the JDBC Connection URL from karate-config.js file, but cannot expose the URL directly in the file since it has sensitive information such as username and password. Can you propose some way to use the URL and connect to the database in such a way that the password would not be exposed?
Use environment variables passed into the test at run-time. This what most teams do: https://stackoverflow.com/a/52821230/143475
And if you really want to - you can call custom code to do encryption / decryption using Java interop: https://stackoverflow.com/a/61675057/143475
I am trying to authenticate Azure SQL Database using access token, Problem is, the access token(and refresh token) is generated on the different machine and SQL server authentication java code is on another machine. My application on 2nd machine picks the refresh token from the properties file. I am able to get the access token using refresh token but not able to authenticate the Azure SQL DB using that. However, everything works fine if I do the whole process on the same machine.
Are access token generated IP bound or machine bound?
Error: Database connection failed: Error message: Login failed for user ''. ClientConnectionId:321ad51b-77d5-4681-a162-d6c8afd477aa
The issue has been resolved, it was due to wrong (pretty old) version of MSSQL JDBC jar.
Each user has a default database. When you connect to computer that's running Microsoft SQL Server, and you do not specify a login database, the default database is used. However, if the default database is unavailable at the time of the connection, you may not be able to connect
I have an application developed in MS Access, and I'm currently switching it to a web application with Apache Tomcat.
The Access application has our SQL Server database fully linked, so it has entire control of the data.
The application is running a hidden process by passing the ActiveDirectory authentication to the SQL Server, so the users never type their passwords.
But from Tomcat, I tried to connect on the SQL Server using JDBC driver and Windows authentication (jdbc:sqlserver://SERVERADDRESS;integratedSecurity=true;) in just one jsp file to test the database connection.
The problem here is instead of passing the user login which launched the app through his web browser, it passes the Server identifier (Which is DOMAIN\SERVERNAME).
Can I get the username with this way, or do I need to completely change my connection system?
Impossible without credential delegation/S4U services for Kerberos. Especially, if you don't use Java's Kerberos implementation, but the one from Windows SSPI.
Start your users to authenticate via SPNEGO first, then come back.
I have written a java servlet in app engine that i am trying to connect to a cloud sql, i am working in eclipse kepler on windows. in the google cloud console i have authorized by app to access the database, they are both stored in the US.
To enable cloud sql for my app in eclipse i am going to google>app engine settings...
i try to configure the cloud sql instance, i am using the appropriate instance name : and i have specified the correct database name username and password, i have also tried with a blank password, and both a blank password and user niether have worked. additionally, i am using the same email account across my database and app engine and eclipse. the error i receive is:
Could not connect to Profile (<project>.GoogleCloudSQL.AppEngineInstance).
Error creating SQL Model Connection connection to
Profile(<project>.GoogleCloudSQL.AppEngineInstance). (Error: Not authorized to access
instance: <instance:database>)
Not authorized to access instance: <instance:database>
Error creating Google Cloud SQL Connection factory connection to Profile
(<project>.GoogleCloudSQL.AppEngineInstance). (Error: Not authorized to access
instance: <instance:database>)
Not authorized to access instance: <instance:database>
i then tried to test the database using the google_sql.sh script provided in the bin folder of the appengine sdk. i sent me to a url to get an authorization code, after entering the authorization code i was just given the script fails stating "the provided authorization grant is invalid, expired, revoked etc.".
i just want my app engine java servlet to be able to access my cloud sql database...does anyone have any advice? a solution? a similar problem?
Please take a look at the following link for the recommended way to connect to your CloudSQL instance from dev purposes.
https://developers.google.com/appengine/docs/java/cloud-sql/#connect_and_post
In short, just get an IP address for the CloudSQL instance using admin API or cloud console, authorize your network to access the CloudSQL instance through Cloud console, and point your application to it.
I'm part of a Java Spring Web app which should be very secure. So far, on test environment we're loading database username & password from a property file which lies on classpath. The password is encrypted with a key which we load from local file system.
My job is to find a better way(more secure one) using software tools only. I was thinking about supplying the db username and password on startup of webapp or smth like that(But still does not seem ok because the DB admin should be present on startup). Other than that I'm stuck.
What is the best way to deal with this issue?
You need to lock down the database so that only the app can talk to it with minimal creds as possible.
One way is restrict it so that only app servers private IP is only accepted. Make it so the database only listens to private (internal) network connections.
The password is a red herring.