通过 JDBC 从 Linux 机器使用 Windows 身份验证连接到 SQL Server

Question

I want to be able to connect to a SQL Server using jdbc and windows authentication. I saw some answers on the internet saying i should add the following property to the connection string:

integratedSecurity=true;

And also add

sqljdbc_auth.dll

To the java path.

But this, as far as i understand applies only when i'm connecting from a Windows machine. When i try this on a Linux machine i get:

java.sql.SQLException: This driver is not configured for integrated authentication

My question is how do I do it from a Linux machine.

Thanks

Answer 1

Well, eventually I answer my own question: This is not possible to use Windows authentication from a linux machine using the Microsoft JDBC driver. This is possible using the jTDS JDBC driver using the following connection string:

jdbc:jtds:sqlserver://host:port;databaseName=dbname;domain=domainName;useNTLMv2=true;

Thank you all for all the comments

Answer 2

TL;DR

It is not possible to use native Windows Authentication for JDBC connections to MSSQL from a JVM running on Linux.

---

This MSDN article explains the authentiation methods with JDBC on Linux, potential errors, and available options:

https://blogs.msdn.microsoft.com/psssql/2015/01/09/jdbc-this-driver-is-not-configured-for-integrated-authentication/

...in the JDBC 4.0 driver, you can use the authenticationScheme connection property to indicate how you want to use Kerberos to connect to SQL. There are two settings here.

• NativeAuthentication (default) – This uses the sqljdbc_auth.dll and is specific to the Windows platform. This was the only option prior to the JDBC 4.0 driver.

• JavaKerberos – Makes use of the Java API's to invoke kerberos and does not rely on the Windows Platform. This is java specific and not bound to the underlying operating system, so this can be used on both Windows and Linux platforms.

...

The following document outlines how to use Kerberos with the JDBC Driver and walks through what is needed to get JavaKerberos working properly.

Using Kerberos Integrated Authentication to Connect to SQL Server http://msdn.microsoft.com/en-us/library/gg558122%28v=sql.110%29.aspx

Answer 3

I know this is kind of an older topic but in case Google sends people here:

There are two main JDBC drivers for SQL Server. One is from Microsoft and the other from jTDS. jTDS can, amazingly, connect using Windows auth (NTLM) from other platforms, including Linux, as described here: http://jtds.sourceforge.net/faq.html#windowsAuth . It can, of course, also use SQL-authenticated logins. SQL-authenticated logins are no harder to use from any OS than any other, so don't forget about those an option.

The version provided by Microsoft is the one from which @mjn provided a quote from the documentation. It is able to connect using Windows authentication by specifying integratedSecurity=true , authenticationScheme=javaKerberos , and authentication=NotSpecified .

It is tricky to get this working even if you don't go out of your way to find more confusion, so always keep in mind which driver you are using - and tell us in these posts so that you can get more specific help.

Answer 4

For those who are using DBeaver the way to connect to the SQL Server Database is:

In order to connect to the SQL Server from Linux Debian using DBeaver

1.- Select SQL Server jTDS driver

2.- Enter the connection information

3.- Go to Driver Properties tab and add the domain, user, password

Just as a note, in some post I found that they needed to change the property USENTLMV2 to TRUE but it worked for me either by putting the USERTLNMV2 in true or false.

A problem that I found was that when I was trying to connect to the database using my user and password the next error was thrown:

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.

This error was thrown because of my user was about to expire. I tried with another AD user and it could connect.

Answer 5

This JDBC URL is validated to work with latest Microsoft SQL Server JDBC driver:

jdbc:sqlserver://[server]:[port];database=[db\;trustServerCertificate=true;integratedSecurity=true;user=[user without domain];password=[pw];authenticationScheme=NTLM;domain=[domain];authentication=NotSpecified

Example:

jdbc:sqlserver://mysql.myorg.com:1433;database=mydb;trustServerCertificate=true;integratedSecurity=true;user=myuser;password=mypwd;authenticationScheme=NTLM;domain=ad.myorg.com;authentication=NotSpecified

Answer 6

I was able to connect to a SQL Server 2016 Data Mart and JDBC connection Microsoft JDBC Driver using Windows Authentication using the following script on a Ubuntu Linux Docker Image running on Windows 10.

# initializes spark session
from pyspark.sql import SparkSession
spark = SparkSession\
    .builder\
    .master('local[*]')\
    .appName('FDM')\
    .config("spark.driver.extraClassPath","pyspark_jars/*")\
    .config('spark.executor.memory', '4g')\
    .config('spark.driver.memory', '16g')\
    .config('spark.executor.cores', '4')\
    .getOrCreate()

jdbc_url = '''jdbc:sqlserver://SERVER;databaseName=DBNAME;trustServerCertificate=true;integratedSecurity=true;user=USERID;password=PASSWORD;authenticationScheme=NTLM;domain=US;authentication=NotSpecified'''


spark_df = spark.read\
    .format("jdbc")\
    .option("url", jdbc_url)\
    .option("driver","com.microsoft.sqlserver.jdbc.SQLServerDriver")\
    .option("query", 'select top(1000) * from SCHEMA.TABLE')\
    .option("fetchsize", 100000)\
    .load()

spark_df.write.csv('TEST.csv', mode = "overwrite", header=True)