To use Kerberos authentication, the application and driver code bases must be granted security permissions in the security policy file of the Java Platform as shown in the following code example.

grant codeBase "file:/install_dir/lib/60/-" {
   permission javax.security.auth.AuthPermission
      "createLoginContext.DDTEK-JDBC";
   permission javax.security.auth.AuthPermission "doAs";
   permission javax.security.auth.kerberos.ServicePermission 
      "krbtgt/your_realm@your_realm", "initiate";
   permission javax.security.auth.kerberos.ServicePermission 
      "principal_name/db_hostname@your_realm", "initiate";
};

where:

install_dir
is the product installation directory.
your_realm
is the Kerberos realm (or Windows Domain) to which the database host machine belongs.
principal_name
is the service principal name registered with the Key Distribution Center (KDC) that identifies the database service.
db_hostname
is the host name of the machine running the database.