To use Kerberos authentication with a Security Manager on a Java Platform, the application and driver code bases must be granted security permissions in the Java security policy file.

The following example shows how driver security permission can be granted for the Oracle driver.
grant codeBase "file:/install_dir/lib/60/-" {
   permission javax.security.auth.AuthPermission
      "createLoginContext.DDTEK-JDBC";
   permission javax.security.auth.AuthPermission "doAs";
   permission javax.security.auth.kerberos.ServicePermission 
      "krbtgt/your_realm@your_realm", "initiate";
   permission javax.security.auth.kerberos.ServicePermission 
      "principal_name/db_hostname@your_realm", "initiate";
};

where

install_dir
is the product installation directory.
your_realm
is the Kerberos realm (or Windows Domain) to which the database host machine belongs.
principal_name
is the service principal name registered with the Key Distribution Center (KDC) that identifies the database service.
db_hostname
is the host name of the machine running the database.

For more information about configuring your driver for Kerberos, see "Configuring the Driver for Kerberos Authentication".