Skip site navigation (1) Skip section navigation (2)

Trying to accomplish SSO from Windows

From: Bryan Montgomery <monty(at)english(dot)net>
To: pgsql-jdbc(at)postgresql(dot)org
Subject: Trying to accomplish SSO from Windows
Date: 2010-07-22 17:32:08
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-jdbc
On Fri, Jul 9, 2010 at 7:30 PM, Kris Jurka <books(at)ejurka(dot)com> wrote:

> On Fri, 9 Jul 2010, Bryan Montgomery wrote:
>  That got me a step further - I have a new direction to look at next week.
>> I
>> added the system properties and ended up with:
>> Caused by: GSSException: No valid credentials provided (Mechanism level:
>> Failed to find any Kerberos tgt)
> I don't know anything about that error message, but a quick look at Java's
> GSS troubleshooting guide has a potential solution for that exception.
> Kris Jurka
>From some help here and on the sun forums, I've made some progress in my
mission! I can log in to the database through psql if I have
PGKRBSRVNAME=HTTP, however I'm stuck when using JDBC. I originally was just
using montgomeryb as my user name but got an exception with that and by
trying other code found that when I didn't supply a user id, it defaulted to
the user(at)domain value.

Hopefully someone can help with this latest problem. I've copied the code I
execute below and the response I get:

Properties p = new Properties();
Connection conn = DriverManager.getConnection("jdbc:postgresql://"
         + "nrgdb?loglevel=2&jaasApplicationName=LoginJaas", p);

         sTime is Thu Jul 22 08:38:18 EDT 2010 1279802298000
         suSec is 112913
         error code is 7
         error Message is Server not found in Kerberos database
         realm is LAB2K.NET
         sname is HTTP/
         msgType is 30

org.postgresql.util.PSQLException: GSS Authentication failed

The one thing that seems strange to me is that the server name is being
replaced by the ip address. I tried changing the host name to HTTP/ but then the error had

sname is HTTP/

I did find another posting that talked about the setup in Active Directory
with the user logon name and first name. I was given a screen shot that
shows the user logon name as HTTP/ and the User
logonname(pre-windows 2000) as poe3b.

Thanks - Byan.

In response to

pgsql-jdbc by date

Next:From: Kris JurkaDate: 2010-07-22 19:49:39
Subject: Re: Trouble with COPY IN
Previous:From: Matthew WakelingDate: 2010-07-22 17:30:02
Subject: Re: Trouble with COPY IN

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group