Page History
Table of Contents | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
Set up a domain account during installation
Display feature availability | ||
---|---|---|
|
Jira | ||||||||
---|---|---|---|---|---|---|---|---|
|
Introduction
Usually, a user name and password are specified when connecting to a database.
- Such configurations are considered insecure as passwords are stored in clear text in external files or in job parameters.
- The SQL Server® provides a means to connect to a database without specifying a user account and password.
Integrated Security
This authentication scheme is based on the fact that the account that a component is operated for is already authenticated by the OS and therefore can access a database without specifying user/password credentials.
Use of Integrated Security during Installation
There are two prerequisites:
- to set up a domain account before installation for the user account that performs the installation.
- to set up a Hibernate configuration file, see JS7 - Database:
- Users can create an individual Hibernate
...
- configuration file and make the installer use this file. The
hibernate.connection.url
property in this file should include theIntegratedSecurity=true
setting, no user name and password
- configuration file and make the installer use this file. The
...
- must be specified.
- This configuration will implicitly use the domain account that
...
- JOC Cockpit is operated for.
Code Block title Add IntegratedSecurity=true property <property name"hibernate.connection.url">jdbc:sqlserver://[servername]:[port];IntegratedSecurity=true;sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename]</property>
Use of Integrated Security for an existing Installation
If you want
Set up a domain account for an existing JobSchedule installation
If you wanted to use a connection to a an SQL Server for JobScheduler with a Windows domain account then it could might happen that during installation you receive an error during set-upmessage like this:
Code Block |
---|
SQLException: Login failed for user 'DOMAIN\USER' |
The given userid that is used by this connection presents itself as a SQL\USER account, instead of a DOMAIN\USER account.
A check on the of SQL Server indicates logs will indicate that the given userid User ID that was used tried to establish the connection presents presented itself as a an SQL\USER
account, instead of a DOMAIN\USER
account.You can continue the set-up but the database tables will not be created and the JobScheduler doesn't start.
Follow these steps to fix the problem after the set-up
edit $SCHEDULER_DATA/config/sos_settings.ini
Code Block | ||
---|---|---|
| ||
url = jdbc:sqlserver://[servername]:1433;IntegratedSecurity=true;sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename]
|
Code Block | ||
---|---|---|
| ||
url = jdbc:jtds:sqlserver://[servername]:1433;domain=[domainname];sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename]
|
Then start $SCHEDULER_HOME\install\scheduler_install_tables.cmd to create the database tables.
Apply the following modification to your Hibernate configuration file:
modify
JETTY_BASE/resources/joc/hibernate.cfg.xml
:Code Block title Add IntegratedSecurity=true property
...
edit $SCHEDULER_DATA/config/factory.ini
Code Block | ||
---|---|---|
| ||
db = jdbc -class... jdbc:sqlserver://[servername]:1433;IntegratedSecurity=true;sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename] -user=... -password=...
|
Code Block | ||
---|---|---|
| ||
db = jdbc -class... jdbc:jtds:sqlserver://[servername]:1433;domain=[domainname];sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename] -user=... -password=...
|
edit $SCHEDULER_DATA/config/hibernate.cfg.xml
...
<property name"hibernate.connection.url">jdbc:sqlserver://[servername]:
...
[port];IntegratedSecurity=true
...
title | for jTDS JDBC driver add domain=<domainname> |
---|
...
;sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename]</property>