skip to main content
Using the Driver : Authentication : Configuring the Driver for Kerberos Authentication : The JAAS Login Configuration File
  

Try DataDirect Drivers Now
The JAAS Login Configuration File
The Java Authentication and Authorization Service (JAAS) login configuration file contains one or more entries that specify authentication technologies to be used by applications. To establish Kerberos connections with the driver, the login configuration file must be referenced either by setting the java.security.auth.login.config system property or by setting up a default configuration using the Java security properties file. In addition, the login configuration file must include an entry for the driver. (See "Configuring the Driver for Kerberos Authentication" for details.)
You can create your own JAAS login configuration file, or you can use the JDBCDriverLogin.conf file installed with the driver. This file is installed in the /lib directory of the product installation directory. In either case, the login configuration file must include an entry that specifies the authentication technology to be used by the driver to establish a Kerberos connection.
JAAS login configuration file entries begin with an entry name followed by one or more LoginModule items. Each LoginModule item contains information that is passed to the LoginModule. A login configuration file entry takes the following form.
entry_name {
login_module flag_value module_options
};
where:
entry_name
is the name of the login configuration file entry. The driver's LoginConfigName connection property can be used to specify the name of this entry. JDBC_DRIVER_01 is the default entry name for the JDBCDriverLogin.conf file installed with the driver.
login_module
is the fully qualified class name of the authentication technology used with the driver.
flag_value
specifies whether the success of the module is required, requisite, sufficient, or optional.
module_options
specifies available options for the LoginModule. These options vary depending on the LoginModule being used.
The following examples show that the LoginModule used for a Kerberos implementation depends on your JRE.
Oracle JRE
JDBC_DRIVER_01 {
com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true;
};
IBM JRE
JDBC_DRIVER_01 {
com.ibm.security.auth.module.Krb5LoginModule required useDefaultCcache=true;
};
Refer to Java Authentication and Authorization Service documentation for information about the JAAS login configuration file and implementing authentication technologies.