JDBC Connection To MS SQL With Windows Authentication
Jun 30, 2005
Environment -
I am using Tomcat as my servlet engine and IIS as the Server. Additionally, I am using MS SQL 2000 as my DB. The DB resides on a seperate machine, and have created an ODBC JDBC connection on the local machine to access it. Additionally, the authentication for the DB is set to "Windows Authentication".
Problem -
Everything works fine if I simply run tomcat and access the databse. Also, things run fine when I run tomcat via IIS too. However, when I try accessing the database, I get the error
Login failed for user '<username>'
Now, the funny part is, this username is actually the username of the local machine on which the application has been placed. It is not the username that I am providing in
con=DriverManager.getConnection("jdbc : odbc : DBName","username","password"); /* had to add in extra spaces to stop this site from substituting :+D.etc to smiles*/
Can someone please help me figure it out?? Why is it working when I run the tomcat (Apache) and run the application from there, but ones I run it via IIS, it fails. Also, why is it taking the username from the local machine and not the one that I am providing out there?
I am having MSSQLServer2000 on Win2k and Win2k3 server. i have to connect these servers from a application using JDBC driver and AD Authentication.
I have programmed all the things needed for AD authentication in my application(changed url , using integratedSecurity=true), and it is working fine when my application connects to MSSQLServer2k5 on WinXP(which is added to same domain of my application).
But when i try to connect MSSQL2000 server on Win2000 server it failes and gives error as follows. Apr 18, 2008 12:39:51 PM com.microsoft.sqlserver.jdbc.AuthenticationJNI SNISecGenClientContextINFO: Failed to get the SPNcom.microsoft.sqlserver.jdbc.SQLServerException: Connection reset at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSChannel.read(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSReader.readPacket(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSReader.readPacket(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSReader.readResponse(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSCommand.startResponse(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSCommand.startResponse(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.sendLogon(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.access$000(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection$LogonCommand.doExecute(Unknown Source) at com.microsoft.sqlserver.jdbc.TDSCommand.execute(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.loginWithoutFailover(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(Unknown Source) at ChangePassword.process(ChangePassword.java:33) at ChangePassword.main(ChangePassword.java:14)
I am using following code for connection -- String url = "jdbcqlserver://172.16.1.243\dbaudit;portNumber=1034;integratedSecurity=true"; Class dbDriverClass = Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver"); Driver driver = (Driver) dbDriverClass.newInstance();
Properties props = new Properties(); conn=driver.connect(url, props);
In testing new patches, I tried Windows 2003 Server SP2 and our JDBC connections stopped working. I uninstalled SP2 and they started working again. Anyone know where the problem is?
I have already read pages of documentation, but I will keep looking. Please let me know if you know the setting that needs to be changed. I'm assuming it is a new "security enhancement" but I'm just not sure exactly where.
I belive this issue maybe to do with the domain or the network, but since I don't know how to diagnose the problem exactly I've posted here as the starting point.
When connecting to Sql Server 2005 using Windows Authentication, the first attempt will fail, but subsiquent attempts suceed.
It fails with a message of the connection attempt timeing out.
This happens when directly using SMO or using the Management Studio (which I belive also uses SMO but at a more raw internal level).
If I use Sql Authentication then I can log on fine.
Also when in Management Studio frequently opening a diagram or modifying a table and other general tasks will take an unsually long time.
Other things like outlook (working with exchange) are also playing up a bit which leads me to think its a domain problem. Recently all passwords were changed so maybe something somewhere needs flushing?
Does anyone have any suggestions for helping to diagnose the problem?
I have a domain user account through which I can log on a machine. The machine allows me to use this domain user account to create DB in SQL Server using windows authentication. How can I define a connection string to connect SQL Server? My connection string is like: string str = "server=(local);uid='"+userName+"';password='"+password+"';database='master';connection timeout=15";
This one works on another machine where I use SA account. But this one does not work using windows authentication. I tried to use domainnamemyname as user name, but failed. Could any one give me some suggestion?
I am not able to connect to SQL Database server using windows authentication when I am connected through VPN connection.However I am able to connect to same server using SQL server authentication and also able to do RDP to DB server machine.
I found a resolution in one of the forum suggesting to change UserRasCredentials to 0 value in *.pdk file.Since VPN connection which I am using generates instant proxy this resolution doesn't work.
Also application which I am using does windows authentication connection it is required for me to impersonate windows authetication when connected using VPN.
Hi there,I have installed MS SQL Server 2005 on my machine with windows authentication. But now I want to switch the authentication mode to SQL Authentication. I am unable to switch, I can’t find the proper way to do so here in 2005.Could any one help me in doing this?Thank you,-Ahsan
(Using win2k, sqlserver2k, framework 1.1) I have an fairly data-heavy application that uses Windows authentication (Trusted connection/aspnet account) to connect to Sql Server. The site uses IIS basic authentication.
On the dev server everything works fine but when I move to the live server things get strange and it starts to crawl along. (Pages load OK but then it just crawls as it loads the datagrids etc. Sometimes it brings back incomplete/incorrect data )
BUT When I use Sql Authentication to connect to Sql Server and there is no problem at all!
Ok, there is something obviously wrong with the live server (which is identical setup to dev)but I dont know where to start.
I've got two applications which both have a database on my MS SQL 2000 server. The problem is, one application must use Windows Integrated Authentication (which it is currently using and cannot be changed) whilst the other application which I'm trying to configure must use a SQL password.
Since the server has already been configured to use Windows Integrated Authentication for the existing database and application, how do I configure the other database to use the SQL password?
My work is using a shared application which accesses a MSSQL 2000 database. To access the application, the folder on the Windows 2003 Server is shared and users can access the folder through a shared drive.
For the application to access the database, it uses an ODBC connection to the MSSQL server which originally used the SA password.
We have recently switched to using Windows Integrated Authentication because we believe it offers a higher level of security. However the only way in which we have been able to enable this is to add the windows users to the SQL server.
The problem with this is that the application sets permissions for individual users on what records they can see within the database. We have found that by adding the windows users to the SQL Server, they can bypass the permissions the set by the application by simply using any application that can use an ODBC connection, such as Enterprise Manager, and see all the database.
One way around this would be to set up domains of users with access privileges to the tables which reflect the permissions set by the application, and configuring a view of the data so they may only see the records that they have permissions to. However to do this would require a high administrative cost to ensure that changes made in the application are reflected in the privileges of the SQL server.
Instead, is there a way the SQL server can authenticate that the ODBC connection is coming from the correct application using Windows Integrated Authentication?
This would allow the applcation to determine security, and stop users from connecting to the SQL server using other applications.
Alternatively, can the SQL server, using Windows Integrated Authentication, also ask the application to supply a username and password?
Any help with this matter would be greatly appreciated.
I just upgraded from Windows XP Pro to Windows Vista Bussiness and tried to reinstall SQL Server 2005 Developers Edition. After the installation i downloaded (using microsoft windows update) and installed all the service packs for sql and vista available.
My problem is when i open sql server management studio and try to connect to my default instance using windows authentication and database engine, an 18456 error occurs.
I enabled all the protocols and all the ports I disabled windows firewall and antivirus (eset nod32) I installed all service packs available I have also installed Visual Studio 2005 without installing sqlexpress
But nothing happens!
Please i am very desperate, any information will be gratefully accepted.
This is my installation Information
Code Snippet
Microsoft SQL Server Management Studio 9.00.3042.00 Microsoft Analysis Services Client Tools 2005.090.3042.00 Microsoft Data Access Components (MDAC) 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft MSXML 3.0 5.0 6.0 Microsoft Internet Explorer 7.0.6001.18000 Microsoft .NET Framework 2.0.50727.1434 Operating System 6.0.6001
Say, I have configured my SQL to use Mixed Authentication. Now, I have a applicaiton which uses my SQL Server. The application just creates a database in SQL Server and uses the database to store its information.
This application also has a SYSTEM DSN under ODBC through which it accesses the database. For the application to access this database, should I only use SA (as my SQL instance is configured to use Mixed Authentication) or can I use Windows Authentcation too...
If I should only use SA, do we have a documentation which talks about this.
For using different services of SQL SERVER 2005 which is better... Windows Authentication or SQL Server Authentication? what are the advantages and disadvantages of both?
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
I am using sqljdbc41.jar to connect with MSSQL database, it is working fine on my local machine.Where as on the remote server, same class giving me error
Login failed for user '<domain><windows loginID>' My connection string is URL...
I am using sqljdbc41.jar and on 64 bit processor , I am using following command which included path for sqljdbc_auth.dll java -Djava.library.path= C: sqljdbc_4.1enuauthx64 TestDao and error is Login failed for user '<domain><windows loginID>' why it is not picking up username passed in connection string. I have 2 machines, one is local and other is remote. on both machine I login using my domain, it is working absolutely fine on local then why the error is coming on remote machine.Both the machines are identical.
When using jdbc with IntegratedSecurity, I run into this problem when the machine is not part of a domain & gets its IP address via dhcp. Is this expected behavior or a bug in the jdbc driver.
The SQLServer and client application are installed on the same machine and a local admin is logged in, running the client app.
If I change one of the two parameters mentioned above, the connection can be established leading me to believe this may be intentional for security issues. Am I correct?
I am trying to connect to an SQL database with a Java program compiled in NetBeans IDE. I have copied the proper .dll in the auth folder to the same folder as the .jar file required. I have tried a lot of things for a lot of hours, and am still coming up with the message "Driver is not configured for integrated security and "could not load the xxxxx.dll
Has anyone come up with a solution or a workaround to this problem. Please help. I have read the documentation until I am blue in the face. Please only respond if you have a 64 bit machine.
I am in the process of rolling out a sql server 2005 enterprise install and had a question regarding authentication. We will be providing sql hosting for a number of groups on our campus, many who are not using our campus-wide active directory, though they all have an AD account.
Windows authentication via the management studio appears to use your AD authentication tokens and will not allow them to enter a username/password combo. Is there any way to configure this?
I would like to use our campus AD for obvious reasons but if there is a requirement for passing tokens this isn't going to work right? It's also going to make database mirroring more of a challenge.
My SQLExpress seems to be set for windows authentication and not sql server authentication ... I am not quite sure why it is set to windows authentication - I installed this with Visual Studio 2005 and it just seemed to be set that way.Am I able to change this - if I choose sql authentication when connecting I get an errorIf someone could answer this point I would be most grateful !!Patrick
In an effort to eliminate the need to code accounts and passwords into the VB Com calling stored procedures, I would like to use Windows Authentication. I have setup the account that the com is running under to have access to the database. How does this change my connection string. Do I just drop the account and password parameters or do I need to let it know somehow that I want to use Windows Authentication?
I'm having problems with windows authentication. I'm new to using using Microsoft SQL Server. I just migrated from powerbuilder 8 to powerbuilder 10. I'm using OLE DB and can't get the windows authentication to work within the application. Can anyone help....
Hi, I am wondering that do we need to create the separate login at SQL SERVER (server) for all the user using the application for the windows authentication?
How do the windows authentication works? I have a apllication and SQL SERVER (SERVER) running on the same machine. Any user from the same domain can access the application. Application is interacting with the DB through Windows Authentication. Now my question is whether do we need to authenticate each user from the domain at the DB level. That is to craete the login id for all the user for windows authentication.
I remove the windows authentication from enterprise manager. and Now i want to re-assign the the windows authentication . so can i do it from query analyzer.
Hi all,You're all stars, really helpful. Maybe one day i can be :)My question is regarding the authentication in Windows SQL Server 2005.We have setup a sa account. We purchase software from a third partythat runs on it. Before their software logs on the sql server as sa,and does its own access control, windows autentication takes over. Itslogs users on correctly i guess, using a more secure link via thedomain. However, I am probably blind, but where can we assign rights toeach domain user? I.e. stop XXY dropping tables, but allow ABC to droptables?I had a brief look through but could not find anything that stood out,in the SQL Manager.ThanksDavidP.S This is SQL Server 2005 Workgroup edition running on a 2003 windowsdomain server. Alongside a SQL 2000 server, which is running fine usingsa accounts.For those in the same timezones as me... have a good evening.
Hi! Happy New Year!I'm having windows authetication connection problem. Although I cansee all the servers by using SQL Server authentication conncection, Ican see only some of the SQL family servers by using windowsauthentication connection. I checked the servers' properties of that Ican and can't see, but couldn't find any difference. Can someone giveme a direction that will enable me to debugg?If the servers are not in the same domain, how can I see them (windowsauthentication) from the same PC (client)?For some SQL server I even can not login via windows authentication atterminal server. Is any specific setup I should do at server?Thanks!Saiyou
Hello,We have a SQL 2000 installation (running on NT4 SP6a) with a databaseaccessed by a client application. Currently the application logs into thedatabase using a the SA account. I'd like to move the client access over toWindow Authentication. Each user has their own NT account. What steps do Ineed to take to achieve this?Any help would be greatly appreciated.James G.
