我为Postgres 9.6设置了kerberos / GSSAPI身份验证。它可以在Linux DB服务器上成功运行,但是从Windows桌面DBeaver应用程序连接时失败。 pg_log中的错误消息如下。有什么想法吗?
2018-10-25 00:34:59 CDT [61935]: [3-1] [murali] [mdtest] FATAL: 28000: GSSAPI authentication failed for user "murali"
2018-10-25 00:34:59 CDT [61935]: [4-1] [murali] [mdtest] DETAIL: Connection matched pg_hba.conf line 85: "host all all 0.0.0.0/0 gss include_realm=1 map=gss krb_realm=COMPANY.COM"
2018-10-25 00:34:59 CDT [61935]: [5-1] [murali] [mdtest] LOCATION: auth_failed, auth.c:307
我的krb5.conf-
[libdefaults]
default_realm = COMPANY.ORG
[realms]
COMPANY.ORG = {
kdc = kdc.company.org
kdc = kdc2.company.org
admin_server = kdc.company.org
}
[domain_realm]
company.org = COMPANY.ORG
.company.org = COMPANY.ORG
[login]
krb4_convert = true
krb4_get_tickets = false
我的jaas.conf
pgjdbc {
com.sun.security.auth.module.Krb5LoginModule required
refreshKrb5Config=true
doNotPrompt=True
useTicketCache=True
renewTGT=True
useKeyTab=true
keyTab="c:\users\public\kerb\postgres.keytab"
debug=true
client=true
principal="murali@COMPANY.COM";
};
dbeaver.ini
-startup
plugins/org.eclipse.equinox.launcher_1.5.100.v20180827-1352.jar
--launcher.library
plugins/org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.800.v20180827-1352
-showsplash
-vmargs
-XX:+IgnoreUnrecognizedVMOptions
--add-modules=ALL-SYSTEM
-Xms64m
-Xmx1024m
-Dsun.locale.formatasdefault=true
-Djava.security.auth.login.config=C:\Users\public\kerb\jaas.conf
-Djava.security.krb5.conf=C:\Users\public\kerb\krb5.conf
-Dsun.security.krb5.debug=true
pg_ident.conf
gss /^(.*)@COMPANY\.ORG$ \1
gss /^(.*)@COMPANY\.ORG$ murali