Purpose

Determines which authentication method the driver uses when establishing a connection. If the specified authentication method is not supported by the database server, the connection fails and the driver throws an exception.

Valid Values

ActiveDirectoryPassword | auto | kerberos | ntlm | ntlmjava | ntlm2java | userIdPassword

Behavior

If set to ActiveDirectoryPassword, the driver uses Azure Active Directory (Azure AD) authentication when establishing a connection to an Azure SQL Database data store. In addition to specifying a user ID and password, a value must be specified for the HostNameInCertificate property. All communications to the service are encrypted using SSL.

If set to auto, the driver uses SQL Server authentication, Kerberos authentication, or NTLM authentication when establishing a connection. The driver selects an authentication method based on a combination of criteria, such as whether the application provides a user ID, the driver is running on a Windows platform, and the driver can load the DLL required for NTLM authentication.

If set to kerberos, the driver uses Kerberos authentication. The driver ignores any user ID or password specified. This value is supported only when connecting to Microsoft SQL Server 2000 or higher.

If set to ntlm, the driver uses NTLM authentication if the DLL required for NTLM authentication can be loaded. If the driver cannot load the DLL, the driver throws an exception. User ID and password are optional. If user ID and password are specified, those credentials will be used. Otherwise, the current OS user credentials will be used. This value is supported for Windows clients only.

If set to ntlmjava, the driver uses NTLMv1 or NTLMv2 depending on the size of the NTLM password. NTLMv1 is used if the password is 14 bytes or less; NTLMv2 is used if the password is more than 14 bytes. A user ID and password must also be specified. This value is supported for Windows and UNIX/Linux clients.

If set to ntlm2java, the driver uses NTLMv2 authentication. A user ID and password must also be specified. This value is supported for Windows and UNIX/Linux clients.

If set to userIdPassword, the driver uses SQL Server authentication when establishing a connection. If a user ID is not specified, the driver throws an exception.

Notes

  • Azure AD authentication (AuthenticationMethod=ActiveDirectoryPassword) requires Java SE 7 or higher.
  • When using Azure AD authentication (AuthenticationMethod=ActiveDirectoryPassword), the driver requires root CA certificates to establish an SSL connection to a database. The driver determines the location of the truststore containing the required certificates by using the default JRE cacerts file, unless a different file has been specified by the javax.net.ssl.trustStore java system property. The truststore location cannot be specified using the driver's Truststore property.
  • If you specify AuthenticationMethod=ntlmjava when the LMCompatabilityLevel has been restricted to NTLMv2, an error will be returned. When the LMCompatabilityLevel has been restricted to NTLMv2, AuthenticationMethod must be set to ntlm2java.
  • If you specify AuthenticationMethod=ntlmjava or AuthenticationMethod=ntlm2java, you must specify the name of the domain server that administers the database. You can specify the domain server using the Domain property. If the Domain property is not specified, the driver tries to determine the domain server from the User property. If the driver cannot determine the domain server name, it throws an exception.
  • The User property provides the user ID. The Password property provides the password.
  • The values type4, type2, and none are deprecated, but are recognized for backward compatibility. Use the kerberos, ntlm, and userIdPassword value, respectively, instead.
  • NTLM authentication requires Microsoft SQL Server 2000, Service Pack 3 or higher.

Default

userIdPassword

Data Type

String

See also