Azure SQL Server Datastore with Active Directory Password Authentication

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Azure SQL Server Datastore with Active Directory Password Authentication

Matt Barclay
Hello,

I am trying to configure GeoServer 2.15.0 to talk to our Azure SQL Server instance using ActiveDirectoryPassword authentication.  I have installed the Microsoft SQLJDBC 7.2.1.0 driver, and I can see "Microsoft SQL Server" as an option in the datastore configuration page.  However, when I configure my server, I get the following error:

java.lang.RuntimeException: Unable to obtain connection: Cannot create PoolableConnectionFactory (Cannot open server "mydomain.net" requested by the login.  The login failed.

My configuration looks like:

Port:  1433
Database:  my_database_test
Schema:  dbo
Passwd:  XxXxXxX


In Python-land, the connection string looks like this:

Driver={ODBC Driver 17 for SQL Server};Encrypt=yes;TrustServerCertificate=no;ConnectionTimeout=5;Authentication=ActiveDirectoryPassword;Server=mydomain-test.database.windows.net;Database=my_database_test;Uid=[hidden email];Pwd=XxXxXxX;

Is there any way to enable ActiveDirectoryPassword authentication in GeoServer?

Thanks,

Matt




_______________________________________________
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this list:
- Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: Azure SQL Server Datastore with Active Directory Password Authentication

geowolf
On Thu, Apr 11, 2019 at 2:22 AM Matt Barclay <[hidden email]> wrote:
In Python-land, the connection string looks like this:

Driver={ODBC Driver 17 for SQL Server};Encrypt=yes;TrustServerCertificate=no;ConnectionTimeout=5;Authentication=ActiveDirectoryPassword;Server=mydomain-test.database.windows.net;Database=my_database_test;Uid=[hidden email];Pwd=XxXxXxX;

Is there any way to enable ActiveDirectoryPassword authentication in GeoServer?

Assuming that the JDBC driver can do something similar (you'll have to check) it should be possible to get where you want by changing this class:

If you modify it and the change is of general utility, pull requests are welcomed, see here:

Cheers
Andrea

==

GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054 Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it ------------------------------------------------------- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.



_______________________________________________
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this list:
- Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: Azure SQL Server Datastore with Active Directory Password Authentication

Matt Barclay
Thanks, Andrea.  I'll take this to the geotools-devel list to work on implementation.

Regards,
Matt

photo
Matt Barclay
Senior Software Engineer
206.250.8960  | growers.ag



On Thu, Apr 11, 2019 at 1:34 AM Andrea Aime <[hidden email]> wrote:
On Thu, Apr 11, 2019 at 2:22 AM Matt Barclay <[hidden email]> wrote:
In Python-land, the connection string looks like this:

Driver={ODBC Driver 17 for SQL Server};Encrypt=yes;TrustServerCertificate=no;ConnectionTimeout=5;Authentication=ActiveDirectoryPassword;Server=mydomain-test.database.windows.net;Database=my_database_test;Uid=[hidden email];Pwd=XxXxXxX;

Is there any way to enable ActiveDirectoryPassword authentication in GeoServer?

Assuming that the JDBC driver can do something similar (you'll have to check) it should be possible to get where you want by changing this class:

If you modify it and the change is of general utility, pull requests are welcomed, see here:

Cheers
Andrea

==

GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054 Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it ------------------------------------------------------- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.



_______________________________________________
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this list:
- Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users