Postgres Pro
Downloads
Home   >   mailing lists

Re: JDBC and GSSAPI/Krb5 - Mailing list pgsql-jdbc

From Peter Koczan
Subject Re: JDBC and GSSAPI/Krb5
Date
Msg-id 4544e0330801291236u7d7384b2s262b3b07c8dffff3@mail.gmail.com
Whole thread Raw
In response to Re: JDBC and GSSAPI/Krb5  (Kris Jurka <books@ejurka.com>)
Responses Re: JDBC and GSSAPI/Krb5
List pgsql-jdbc
Tree view 
> I've put up the current patch and a test jar file at:
>
> http://ejurka.com/pgsql/jars/gss
>
> At the moment it doesn't offer any of the configurability previously
> discussed except for the fact that it will use the password supplied in
> the connection request to try to acquire a ticket if none is cached.
>
> The application name for the JAAS LoginContext is "pgjdbc".
>
> It only support V3 protocol connections (default for 7.4+ servers).  Let
> me know how it works and what else you would need for production use.

Where I work, we can use a simple connection string, devoid of any
user or password information, to connect via psql or DBD::Pg, and
Kerberos works its magic to authenticate to the database server
properly. I wouldn't mind telling people that they need to specify a
username with JDBC, but this behavior would mimic that of other
Kerberos/GSSAPI-enabled interfaces. It's possibly something to keep in
mind, but if it's too much work or not very feasible or
non-JDBC-compliant, I wouldn't worry about it.

However, I'm having a bit of trouble authenticating with a simple
program (see below). Granted, I'm still a bit new to JDBC, so please
point out any stupid mistakes, maybe I forgot a config step. I did
follow the docs, but no combination of username/password would work,
not even my true Kerberos password. (I can still connect via an
MD5-based user account).

The file:

import java.sql.*; // import the JDBC
import java.util.*;

public class Jdbc {
    public static void main (String[] args) {
      try {
        Class.forName("org.postgresql.Driver"); // Load the PostgreSQL JDBC driv
er

        // Connect to the database
        Properties props = new Properties();
        props.setProperty("user", "koczan");
        props.setProperty("password", "[password]");
        // props.setProperty("ssl", "true"); // I'll get this working later
        Connection conn =
DriverManager.getConnection("jdbc:postgresql://mitchell.cs.wisc.edu:5434/postgres",
props);

        Statement st = conn.createStatement();
        ResultSet rs = st.executeQuery("select datname from
pg_database order by 1");
        while (rs.next()) {
            System.out.print("Database name returned: ");
            System.out.println(rs.getString(1));
        }
        rs.close();
        st.close();

      } catch (Throwable ex) {
        System.err.println("Uncaught exception in main...");
        ex.printStackTrace();
      }
    }
}

The output was:
$ export CLASSPATH=/s/postgresql-8.3-beta/src/postgresql-jdbc-8.3dev-601.src/jars/postgresql-8.3dev-gss.jdbc3g.jar
$ javac Jdbc.Java
$ java Jdbc
Uncaught exception in main...
org.postgresql.util.PSQLException: GSS Authentication failed
        at org.postgresql.gss.MakeGSS.authenticate(MakeGSS.java:36)
        at org.postgresql.Driver.makeGSS(Driver.java:775)
        at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:373)
        at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:98)
        at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:66)
        at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:124)
        at org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:30)
        at org.postgresql.jdbc3g.Jdbc3gConnection.<init>(Jdbc3gConnection.java:24)
        at org.postgresql.Driver.makeConnection(Driver.java:386)
        at org.postgresql.Driver.connect(Driver.java:260)
        at java.sql.DriverManager.getConnection(DriverManager.java:525)
        at java.sql.DriverManager.getConnection(DriverManager.java:140)
        at Jdbc.main(Jdbc.java:16)
Caused by: java.lang.SecurityException: Unable to locate a login configuration
        at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:97)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
        at java.lang.Class.newInstance0(Class.java:350)
        at java.lang.Class.newInstance(Class.java:303)
        at javax.security.auth.login.Configuration$3.run(Configuration.java:216)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:210)
        at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.init(LoginContext.java:234)
        at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
        at org.postgresql.gss.MakeGSS.authenticate(MakeGSS.java:29)
        ... 12 more
Caused by: java.io.IOException: Unable to locate a login configuration
        at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:206)
        at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:95)
        ... 26 more

I expected:

$ java Jdbc
Database name returned: postgres
Database name returned: template0
Database name returned: template1

pgsql-jdbc by date:

Previous
From: Euler Taveira de Oliveira
Date:
Subject: pt_BR translation updates
Next
From: Devrim GÜNDÜZ
Date:
Subject: 8.3 driver status