Integration Server 10.15 | Integration Server Administrator's Guide | Connecting Integration Server to Database Components in an External RDBMS | Using Kerberos Authentication for Outbound Connections to a Database | Addressing JAAS Conflicts for Kerberos
 
Addressing JAAS Conflicts for Kerberos
A JAAS conflict with another component can prevent Integration Server JDBC pools from using Kerberos to successfully connect to the database. This occurs after a JDBC connection establishes a Kerberos connection using the Oracle ojdbc8 driver. Integration Server JDBC pools are not able to use Kerberos to connect to the database. All connection attempts fail with the message:
No LoginModules configured for loginConfigName from database URL.
The connection attempts fail because there is a JAAS conflict in which the Integration Server JAAS configuration has been wiped out by another component.
To address this issue, you can configure Integration Server to programmatically run JAAS to obtain Subject and then use that Subject to establish a connection to the database. To use this functionality, the following must be true:
*The server configuration parameter watt.server.jdbc.datadirect.useJaasSubjectForKerberos must bet set to true.The parameter specifies that Integration Server uses the Subject in a JAAS configuration when using Kerberos with JDBC pool connections. You do not need to restart Integration Server for changes to this parameter to take effect.
*The Database URL for the JDBC Connection Pool alias must contain AuthenticationMethod=Kerberos.