Aurora PostgreSQL with Kerberos Authentication

KristiCloudEngKristiCloudEng Posts: 1 New member
edited August 9, 2024 1:28PM in PostgreSQL
We are experiencing issues with active directory (Kerberos) authentication with Flyway Desktop. We are able to authenticate with a local database user, no problem, however we are unable to authenticate with active directory.


Unable to obtain connection from database (jdbc:postgresql://clustname:5432/databasename?gssEncMode=require&gsslib=gssapi&ssl&sslmode=prefer&sslrootcert=C:\Users\username\Cert\oot.pem) for user 'UserName@domainname': An error occurred while setting up the GSS Encoded connection.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

SQL State : 08P01 Error Code : 0 Message : An error occurred while setting up the GSS Encoded connection. Caused by: An error occurred while setting up the GSS Encoded connection.


We have tried a few different connection string configurations as recommended by support:
jdbc:postgresql://your_server:your_port/your_database?gssEncMode=require&gsslib=gssapi


JAAS configuration file is present and pointed in the environment variables:
-Djava.security.auth.login.config=/etc/jaas.conf


pgjdbc
{
  com.sun.security.auth.module.Krb5LoginModule required
  doNotPrompt=true
  useTicketCache=true
  debug=true
  client=true;
};


klist returns the correct Kerberos ticket. 



Has anyone else bumped into this issue? 



· Share on Twitter

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Format
SpoilerCodeQuote
Heading 2Heading 1
Emoji
:):D;):\:/:o:s:p:'-(:|:-|B)o:)<38-)=)>_<:3:{/\:(`,`:‑J*|*<|>=}:[]:$B^D8D:‑D:O:'(>:O;‑]%‑);^)=p(~)=]xx:]
Url
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file
Home PostgreSQL Comment As ...