JS7 JobScheduler

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Introduction

  • Usually, a user name and password are specified when connecting to a database.

  • Such configurations are considered insecure as passwords are stored in clear text in external files or in job parameters.
  • The SQL Server® provides a means to connect to a database without specifying a user account and password.

Integrated Security

This authentication scheme is based on the fact that the account that a component is operated for is already authenticated by the OS and therefore can access a database without specifying user/password credentials.

Use of Integrated Security during Installation



There are two prerequisites:

  • to set up a domain account before installation for the user account that performs the installation.
  • to set up a Hibernate configuration file, see JS7 - Database:
    • Users can create an individual Hibernate configuration file and make the installer use this file. The hibernate.connection.url property in this file should include the IntegratedSecurity=true setting, no user name and password must be specified.
    • This configuration will implicitly use the domain account that JOC Cockpit is operated for.
    • Add IntegratedSecurity=true property
       <property name"hibernate.connection.url">jdbc:sqlserver://[servername]:[port];IntegratedSecurity=true;sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename]</property>

Use of Integrated Security for an existing Installation

If you want to use a connection to an SQL Server with a Windows domain account then it might happen that during installation you receive an error message like this:

 SQLException: Login failed for user 'DOMAIN\USER'

The given userid that is used by this connection presents itself as a SQL\USER account, instead of a DOMAIN\USER account.

A check of SQL Server logs will indicate that the given User ID that tried to establish the connection presented itself as an SQL\USER account, instead of a DOMAIN\USER account.

Apply the following modification to your Hibernate configuration file:

  • modify JETTY_BASE/resources/joc/hibernate.cfg.xml:

    Add IntegratedSecurity=true property
     <property name"hibernate.connection.url">jdbc:sqlserver://[servername]:[port];IntegratedSecurity=true;sendStringParametersAsUnicode=false;selectMethod=cursor;databaseName=[databasename]</property>


  • No labels