Using Kerberos Constrained Delegation
TDV JDBC driver can also be configured to use Kerberos Constrained Delegation. This feature allows a service to obtain service tickets to a restricted list of other services running on specific servers on the network after it has been presented with a service ticket. For more details on the process see: https://technet.microsoft.com/en-ca/library/cc995228.aspx.
The userGSSCredential connection property can be used in the connection URL to pass in a GSSCredential object. The following sample code shows how to use the property to pass the GSSCredential into the driver using JDBC:
GSSCredential impersonatedUserCredential = [userCredential]
Properties driverProperties = new Properties();
Driver driver = (Driver) Class.forName("cs.jdbc.driver.CompositeDriver").newInstance();
driverProperties.setProperty("authenticationMethod", "kerberos");
driverProperties.put("userGSSCredential", impersonatedUserCredential);
Connection conn = DriverManager.getConnection(CONNECTION_URL, driverProperties);
GSSCredential impersonatedUserCredential = [userCredential]
CompositeDataSource datasource = new CompositeDataSource();
datasource.setURL(CONNECTION_URL);
datasource.setUserGSSCredential(impersonatedUserCredential);
Connection conn = datasource.getConnection();