Kerberized DBMS's Available

Bruce Stewart BruceS at
Fri Oct 6 08:29:02 EDT 2006

We have developed  Kerberos patch for the jTDS JDBC driver (MS SQL Server 2000+) based on the GSS-API (JDK 1.4+).  It is not officially part of the jTDS release.  If SQL Server/Sybase is an option for you, drop me a mail.  I know I'd really appreciate comment/criticism so that I can improve the docs.

-----Original Message-----
From: kerberos-bounces at [mailto:kerberos-bounces at]On
Behalf Of Henry B. Hotz
Sent: 05 October 2006 19:57
To: kerberos at
Subject: Kerberized DBMS's Available

I'm looking for a DBMS that supports Kerberos for user authentication  
and has a JDBC client.  It appears that I may have to write the  
support myself, unless someone can add something I haven't been able  
to find out.

The "big three" I know about are:

MySQL -- market leader, but no Kerberos support.  Also AFAIK no  
ability to use the identity from an SSH or SSL tunnel.  SASL/GSSAPI  
patches probably acceptable if offered.

PostgreSQL -- supports Kerberos directly with the MIT API.  No SASL/ 
GSSAPI support so Kerberos support doesn't work with the JDBC client,  
or on Windows (unless you build against KfW presumably).  GSSAPI  
patches probably acceptable if done "cleanly".

Oracle -- supports Kerberos directly using some pre-release MIT code  
independent of available any outside Kerberos libraries.  Not sure if  
our site license allows export of the client, or if they have a  
Kerberos aware JDBC client.  I expect not for at least one of those.

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at, or hbhotz at

Kerberos mailing list           Kerberos at

This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed.  If you have received this e-mail in error please notify NSFAS immediately.  Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of the organisation.

More information about the Kerberos mailing list