How does the SQL Server JDBC Trusted Connection Authentication work?

How does the SQL Server JDBC Trusted Connection Authentication work? (ie how does the trusted connection authenticate the logged in AD user in such a transparent and elegant fashion and how can I implement a similar authentication solution for my client-server applications in Java without a database connection or any use of the existing SQL Server solution.)

Assumptions * Working within a Windows 2003 domain * You have access to the Windows API via JNI/JNA

Asked by: Chester356 | Posted: 28-01-2022

Answer 1

It depends on the client. For example if you have a Web Browser, it can use the NTLM Authentication to pass the domain authentication of your current client to the server. In this case the browser like IE or FF supports this, and you web server needs the support for NTLM. For example here for Tomcat:

There is also the SPNEGO protcol in combination with Kerberos, as explained here:

If you have your own client, it depends on the client's framework if it is able to use the local user's security context and is able to pass it on. The page above describes this at least for a kerberos scenario.

Greetings Bernd

PS: I am not sure if you can pass the authentication context established with the jcifs/ntmlm solution to a backend component like SQL Server. It should work with Kerberos tickets (if configured).

Answered by: Audrey430 | Posted: 01-03-2022

Answer 2

jTDS and Microsoft JDBC Driver both offer native Windows Authentication.

Answered by: Adelaide746 | Posted: 01-03-2022

Answer 3

Have you looked at this question? The situation seems to be similar to yours (connecting to a SQL Server database using Windows authentication).

Answered by: Melanie125 | Posted: 01-03-2022

Similar questions

java - Tomcat JMX connection - Authentication failed

I am having some problems setting up Tomcat for JMX. I added the following properties to CATALINA_OPTS="$CATALINA_BASE/conf/jmxremote.password -Dcom.sun .management.jmxremote.ssl=false" And have added the jmxremote.password file in to the conf directory. I wrote a client tool that connect...

java - openning http connection behind proxy which requires authentication but does not return 407

Our applet is behind Microsoft ISA Server which has integrated proxy authentication.Isa Proxy server returns http 405(NOT 407) for connections which has no authentication credentials on it.There for my class does not get called. how can i authenticate my connections to the proxy server in this situation? Applet is signed and compiled with java1....

java - Jsoup connection with basic access authentication

Is there a way in Jsoup to load a document from a website with basic access authentication?

How to use LDAP authentication for the Exchange Web Services connection in Java?

I try to write a Java application that access an Exchange Web Services in order to read emails. Thus, I use the Exchange Web Services (EWS) Java API provided by Microsoft. I already had several issues with it, and I finally found that the authentication should be done using...

java - Separate TCP/SSL connection for authentication while UDP for main traffic?

I am currently writing a on a small client/server software, where the server runs on PC/Mac (Java) and the client on Android. The client is sending many small packets to the server, where low latency is important and single packet drops dont matter, which is why I want to use UDP for that. The problem is that I want some authentication, since the server should only accept packets from a known device (a third party ...

Java Mail authentication and connection

While I am trying to connect through java mail the server is responding unexpected the problem is that sometimes the same program connects and get the mails but some times it throws javax.mail.AuthenticationFailedException: EOF on socket at com.sun.mail.pop3.POP3Store.protocolConnect( at javax.mail.Service.connect( at javax.mail.Service.connect(Servi...

java - Connection Authentication Failure Occured

I am trying to load the derby sample database on my machine through NetBeans and populate a table. Unfortunately I am getting an error about userid or password being invalid. This is the default derpy sample database and i an unable to find out where a username and password could be located. The index file: <%@page import="webstoreUtils.*,java.sql.*,org.apache.derby.jdbc.*"%> <%@ include ...

Java SOAP web service over SSL with basic authentication, connection refused

I am trying to send a SOAP request over SSL with my own little Java client and it fails with " Connection refused". The same request sent with SOAPUI does not fail, I get a valid response from the server. This is the code I am trying to run: public static void main(String[] args) throws MalformedURLException { System.setProperty("

Authentication during connection to MongoDB server instance using Java

Is it possible to make something like : MongoClient mongo = new MongoClient(ip, port, usrName, password) in JAVA similar to the MongoVUE or other SQL based databases' authentication method. There the authentication is done during connection to DB instance. I don't see an appropriate instance method in

Java: establish SSL connection without authentication

I am trying to create an application where I have a server that hosts files and a client that wants to retrieve those files. I am currently trying to establish a SSL connection between the client and the server, however, I only want the encryption part of SSL not the authentication (I do not want to go through the troubles of creating and managing keystores etc). All the sample code I have found has used TL...

java - Searching for a safe way to do authentication from a mobile app

I've inherited a mobile app which sends auth credentials (userid/password) in the clear. I'd imagine that I have 2 choices: a) use TLS. b) write my own auth protocol. If I choose (b) what are the key guidelines that I must follow to make it it secure. e.g. how to avoid replay attacks, encryption strategies.

Secure Java SOAP web service - Active Directory authentication Trust

I want to build a secure web-service betweeen a Java producer and a Java consumer. I want to authenticate using Active Directory using the domain accounts that the producer and consumer are running under. Could you give me an example of this? (ie: AD trusted automated alternative to manual keystores.)

java - JAX-WS authentication against a database

I'm implementing a JAX-WS webservice that will be consumed by external Java and PHP clients. The clients have to authenticate with a username and password stored in a database per client. What authentication mechanism is best to use to make sure that misc clients can use it?

authentication - Authenticating against Active Directory with Java on Linux

I have a simple task of authenticating against Active Directory using Java. Just verifying credentials and nothing else. Let's say my domain is "", OU path is unknown, and username/password is testu/testp. I know there's a few Java libraries out there that simplify this task, but I wasn't successful at implementing them. Most examples that I've found addressed LDAP in general, not specifically Active Di...

security - Java EE Authentication Error Handling

We are currently trying to implement a web application which is using the Java EE authentication mechanism with a FORM-based login, inside the Websphere 6.1 web container. If the authentication is successful, we have everything working; the LDAP membership groups are being retrieved, the group to role mapping is being performed, and the roles are being returned to and correctly interpreted by the web application. ...

authentication - How to throttle login attemps in Java webapp?

I want to implement an efficient mechanism to throttle login attemps in my Java web application, to prevent brute-force attacks on user accounts. Jeff explained the why, but not the how. Simon Willison showed an implementation in Python for Djang...

java - Specify authentication in container rather than web.xml

We distribute our web-application to our customers as a .war file. That way, the user can just deploy the war to their container and they're good to go. The problem is that some of our customers would like authentication, and use the username as a parameter to certain operations within the application. I know how to configure this using web.xml, but that would mean we either have to tell our customers ...

java - ACEGI Authentication available in tomcat 404 error handler

I'm using spring and acegi in a webapp that's deployed in tomcat 5.5.26. I want to see if the user is logged in on the 404 page, so that we can show their name if they're logged in, and a login link otherwise. I have the HttpSessionContextIntegrationFilter, in the filters on the REQUEST dispatcher. I also have it in the ERROR dispatcher. The code path appears that the request goes into my app, throu...

authentication - How to authenticate against native OS in Java and without using JNI?

My Java RCP application prompts the user for username and password upon start-up. How could I use these credentials to do authentication against the native OS without using JNI to port some C libraries? Thanks! PS. If possible, pure Java implementation without using third-party libraries will be very much preferable.

smartcard - Common Access Card (CAC) Authentication Using Java

I'm bascially looking for someplace to start learning how to interface with a government CAC card using java. Ultimately, my goal is to find out how to use CAC card authentication (by PIN number) to authorize access to a website hosted using a Tomcat/J2EE server. But I'll need somewhere to start. So I figure I'd start by writing a small java program to simply read the CAC card information f...

Still can't find your answer? Check out these amazing Java communities for help...

Java Reddit Community | Java Help Reddit Community | Java Community | Java Discord | Java Programmers (Facebook) | Java developers (Facebook)