Configuring Kerberos for jConnect

Review the instructions to configure jConnect to use Kerberos security mechanism.

Prerequisites

There are several prerequisites for configuring Kerberos for jConnect:

  • JDK 6 or later

  • A Java Generic Security Services (GSS) Manager:

    • The default GSS Manager, which is part of the JDK, or

    • Wedgetail JCSI Kerberos version 2.6 or later, or

    • CyberSafe TrustBroker Application Security Runtime Library version 3.1.0 or later, or

    • A GSS Manager implementation from another vendor.

  • A key distribution center(KDC) that is supported and interoperable at the server side with your GSS library and at the client side with your GSSManager.

Task
  1. Set the REQUEST_KERBEROS_SESSION property to true.
  2. Set the SERVICE_PRINCIPAL_NAME property to the name that your Adaptive Server Enterprise is running under. In general, this is the name set with the -s option when the server is started. The service principal name must also be registered with the KDC. If you do not set a value for this property, jConnect uses the host name of the client machine.
  3. (Optional) Set the GSSMANAGER_CLASS property.
    For more information on the REQUEST_KERBEROS_SESSION and SERVICE_PRINCIPAL_NAME, see the jConnect Connection Properties
Parent topic: Kerberos
Related concepts
GSSMANAGER_CLASS Connection Property
Programming Information