Page History
...
This authentication scheme is based on the fact that the account that a component is operated for is already authenticated by the OS and can therefore can access a database without specifying user/password credentials.
...
The following prerequisites apply:
- a domain account has to be set up a domain account before installation of the JOC Cockpit installation for the user account that connects to the database,
- to set up a Hibernate configuration file, see JS7 - Database:
- Users can create an individual Hibernate configuration file and make the installer use this file. The
hibernate.connection.url
property in this file has to include theIntegratedSecurity=true
setting, no user name and no or password must has to be specified. This configuration will implicitly use the domain account that JOC Cockpit is operated for.
Code Block title Add IntegratedSecurity=true property <property name"hibernate.connection.url">jdbc:sqlserver://[servername]:[port];IntegratedSecurity=true;sendStringParametersAsUnicode=falsetrue;selectMethod=cursor;databaseName=[databasename]</property> <property name="hibernate.connection.username"></property> <property name="hibernate.connection.password"></property>
- Users can create an individual Hibernate configuration file and make the installer use this file. The
...
The SQL Server® JDBC Driver distribution usually ships with a library for authentication purposes with a name such as sql_jdbc.dll
or mssql-jdbc_auth-9.2.1.x64.dll
or similar. This library should be added to a location that is specified with the Windows PATH
environment variable for the JOC Cockpit Windows Service or . Alternatively, it can simply be stored to in the C:\Windows\System32
directory or to the bin
directory of the Java JDK/JRE in use.
...
Rumor says that Integrated Security with Linux operating systems should be possible by use of using the Kerberos integration layer.
...
If you modified an existing Hibernate configuration file to use a connection to SQL Server® with a Windows domain account then it might occur during installation happen that you receive an error message like this during installation:
Code Block |
---|
SQLException: Login failed for user 'DOMAIN\USER' |
A check of the SQL Server® logs might indicate that the given User ID that tried to establish the connection presented itself as an SQL\USER
account, instead of a DOMAIN\USER
account.
Consider to use using the IntegratedSecurity=true
setting with your Hibernate configuration file:
modify
JETTY_BASE/resources/joc/hibernate.cfg.xml
:Code Block title Add IntegratedSecurity=true property <property name"hibernate.connection.url">jdbc:sqlserver://[servername]:[port];IntegratedSecurity=true;sendStringParametersAsUnicode=falsetrue;selectMethod=cursor;databaseName=[databasename]</property>
...