Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add sample java app to access sql using krb auth #158

Merged
merged 1 commit into from
Jan 15, 2025
Merged

Add sample java app to access sql using krb auth #158

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 53 additions & 0 deletions sample/java-sample-app/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
# SQL Server Kerberos Authentication Java Application

A simple Java application that connects to Microsoft SQL Server using Kerberos authentication and executes a simple Select command on the database.

## Prerequisites

- Java 11 or higher
- Microsoft JDBC Driver for SQL Server (JDBC driver used to create this app is ```mssql-jdbc-12.8.1.jre8.jar```)
- Valid Kerberos ticket (can be verified using `klist`)
- SQL Server configured for Kerberos authentication

## Files Required

1. `SQLServerKerberosConnection.class` - The compiled Java class file
2. `mssql-jdbc-12.8.1.jre8.jar` - Microsoft JDBC driver for SQL Server

## Environment Setup

1. Ensure you have a valid Kerberos ticket:
```
klist
```

2. set the ```KRB5CCNAME``` in the environment to the krb5cc directory of a ticket. For example:
```
export KRB5CCNAME=/var/credentials-fetcher/krbdir/<lease_id>/WebApp01/krb5cc
```
Verify that the variable has been set correctly using ```echo $KRB5CCNAME```

3. Compile and run the Java file like so
```
javac --release 11 -cp .:mssql-jdbc-12.8.1.jre8.jar SQLServerKerberosConnection.java
java -cp .:mssql-jdbc-12.8.1.jre8.jar SQLServerKerberosConnection
```

4. You should see the following output
```
Connected successfully using Kerberos authentication.
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| EmpID | EmpName | Designation | Department | JoiningDate |
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| 1 | CHIN YEN | LAB ASSISTANT | LAB | 2022-03-05 03:57:09.967 |
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| 2 | MIKE PEARL | SENIOR ACCOUNTANT | ACCOUNTS | 2022-03-05 03:57:09.967 |
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| 3 | GREEN FIELD | ACCOUNTANT | ACCOUNTS | 2022-03-05 03:57:09.967 |
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| 4 | DEWANE PAUL | PROGRAMMER | IT | 2022-03-05 03:57:09.967 |
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| 5 | MATTS | SR. PROGRAMMER | IT | 2022-03-05 03:57:09.967 |
+---------------------------+---------------------------+---------------------------+---------------------------+---------------------------+
| 6 | PLANK OTO | ACCOUNTANT | ACCOUNTS | 2022-03-05 03:57:09.967 |
```
64 changes: 64 additions & 0 deletions sample/java-sample-app/SQLServerKerberosConnection.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
import java.sql.*;

// Replace user, domain name, and server name before compiling

public class SQLServerKerberosConnection {
public static void main(String[] args) {

System.setProperty("java.security.krb5.principal", "<user>@<domain_name>");

String connectionUrl = "jdbc:sqlserver://<server_name>:1433;"
+ "databaseName=EmployeesDB;"
+ "integratedSecurity=true;"
+ "authenticationScheme=JavaKerberos;"
+ "userName=<user>@<DOMAIN_NAME>;"
+ "serverSpn=MSSQLSvc/<server_name>:1433;"
+ "trustServerCertificate=true";

try {
// Ensure the JDBC driver is loaded
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");

// Establish the connection
try (Connection connection = DriverManager.getConnection(connectionUrl)) {
System.out.println("Connected successfully using Kerberos authentication.");

// Perform a simple query
try (Statement statement = connection.createStatement();
ResultSet resultSet = statement.executeQuery("SELECT * from EmployeesDB.dbo.EmployeesTable")) {

ResultSetMetaData metaData = resultSet.getMetaData();
int columnCount = metaData.getColumnCount();

String[] columns = new String[columnCount];
for (int i = 0; i < columnCount; i++) {
columns[i] = metaData.getColumnName(i + 1);
}
printRow(columns);

// Display data rows
while (resultSet.next()) {
String[] row = new String[columnCount];
for (int i = 0; i < columnCount; i++) {
row[i] = resultSet.getString(i + 1);
}
printRow(row);
}
}
}
} catch (ClassNotFoundException e) {
System.err.println("Error loading JDBC driver: " + e.getMessage());
} catch (SQLException e) {
System.err.println("Error connecting to the database: " + e.getMessage());
}
}


private static void printRow(String[] row) {
System.out.println("+---------------------------".repeat(row.length) + "+");
for (String col : row) {
System.out.printf("| %-25s ", col != null ? col : "NULL");
}
System.out.println("|");
}
}