Review the instructions to run ConnectKerberos.java file sample application.
Windows – you can establish Kerberos credentials for a machine in an Active Directory environment by successfully logging in using Kerberos authentication.
UNIX or Linux – you can establish Kerberos credentials for a UNIX or Linux machine using the kinit utility for your Kerberos client. If you do not obtain an initial credential using kinit, you are prompted for a user name and password when you attempt to run the sample application.
Windows – for a machine running in an Active Directory environment, Kerberos credentials are stored in an in-memory ticket cache.
UNIX or Linux – for a UNIX or Linux machine using the JRE supplied, CyberSafe, Solaris, or MIT implementations of Kerberos, kinit places credentials by default in /tmp/krb5cc_{user_id_number}, where {user_id_number} is unique to your user name.
If the credentials are placed elsewhere, specify that location in the sample2/exampleLogin.conf file by setting the ticketCache property.
SAP recommends that you use a Kerberos configuration file, which allows for more control of the Kerberos environment, including the ability to specify to Java the type of encryption to request during authentication.
If you do not use a Kerberos configuration file, and your Kerberos configuration is not set up to use DNS SRV records, you can specify the realm and KDC using the java.security.krb5.realm and java.security.krb5.kdc system properties.
Ensure that you are using JDK version 6 or later. Read through the source code comments, and ensure the jconn4.jar from your jConnect installation is specified in your CLASSPATH environment variable.
java ConnectKerberos
Ensure that you are using the Java version 6 executable. The sample application output explains that a successful connection has been established and executes the SQL:
select 1
To execute the sample without using a Kerberos configuration file, use:
java -Djava.security.krb5.realm=your_realm -Djava.security.krb5.kdc=your_kdc ConnectKerberos
where your_realm is your default realm, and your_kdc is your KDC.
If necessary, you can run the sample application in debug mode to see debug output from the Java Kerberos layer:
java -Dsun.security.krb5.debug=true ConnectKerberos
You can also make a Kerberos connection using IsqlApp, the Java version of isql, located in the jConnect-16_0/classes directory:
java IsqlApp -S jdbc:sybase:Tds:hostName:portNum -K service_principal_name -F path_to_JAAS_login_module_config_file