Skip site navigation (1) Skip section navigation (2)

Trying to accomplish SSO from Windows

From: Bryan Montgomery <monty(at)english(dot)net>
To: pgsql-jdbc(at)postgresql(dot)org
Subject: Trying to accomplish SSO from Windows
Date: 2010-07-22 17:32:08
Message-ID: AANLkTimZ5uVuWvY6ddzba9XB8TRAJ3tdcgKwcD6ZdlDr@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-jdbc
On Fri, Jul 9, 2010 at 7:30 PM, Kris Jurka <books(at)ejurka(dot)com> wrote:

>
>
> On Fri, 9 Jul 2010, Bryan Montgomery wrote:
>
>  That got me a step further - I have a new direction to look at next week.
>> I
>> added the system properties and ended up with:
>>
>> Caused by: GSSException: No valid credentials provided (Mechanism level:
>> Failed to find any Kerberos tgt)
>>
>
> I don't know anything about that error message, but a quick look at Java's
> GSS troubleshooting guide has a potential solution for that exception.
>
>
> http://download.oracle.com/docs/cd/E17476_01/javase/1.5.0/docs/guide/security/jgss/tutorials/Troubleshooting.html
>
> Kris Jurka
>
Hello,
>From some help here and on the sun forums, I've made some progress in my
mission! I can log in to the database through psql if I have
PGKRBSRVNAME=HTTP, however I'm stuck when using JDBC. I originally was just
using montgomeryb as my user name but got an exception with that and by
trying other code found that when I didn't supply a user id, it defaulted to
the user(at)domain value.

Hopefully someone can help with this latest problem. I've copied the code I
execute below and the response I get:

Properties p = new Properties();
p.put("user","MontgomeryB(at)LAB2K(dot)NET");
p.put("kerberosServerName","HTTP");
Connection conn = DriverManager.getConnection("jdbc:postgresql://
poe3b.lab2k.net/"
         + "nrgdb?loglevel=2&jaasApplicationName=LoginJaas", p);

>>>KRBError:
         sTime is Thu Jul 22 08:38:18 EDT 2010 1279802298000
         suSec is 112913
         error code is 7
         error Message is Server not found in Kerberos database
         realm is LAB2K.NET
         sname is HTTP/172.16.118.89
         msgType is 30

org.postgresql.util.PSQLException: GSS Authentication failed
        at org.postgresql.gss.GssAction.run(MakeGSS.java:152)


The one thing that seems strange to me is that the server name is being
replaced by the ip address. I tried changing the host name to HTTP/
poe3b.lab2k.net but then the error had

sname is HTTP/172.16.118.89/poe3b.lab2k.net

I did find another posting that talked about the setup in Active Directory
with the user logon name and first name. I was given a screen shot that
shows the user logon name as HTTP/poe3b.lab2k.net @lab2k.net and the User
logonname(pre-windows 2000) as poe3b.

Thanks - Byan.

In response to

pgsql-jdbc by date

Next:From: Kris JurkaDate: 2010-07-22 19:49:39
Subject: Re: Trouble with COPY IN
Previous:From: Matthew WakelingDate: 2010-07-22 17:30:02
Subject: Re: Trouble with COPY IN

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group