A Kerberos environment must include a Java Authentication and Authorization Service (JAAS) login configuration file. This login configuration file specifies the JAAS login module for Kerberos authentication.

During installation, the JDBCDriverLogin.conf file is installed in the /lib directory of the product installation directory. The driver uses this file as a JAAS login configuration file unless a login configuration file has been specified with the java.security.auth.login.config system property directly in the application.

If you choose to specify a login configuration file with the java.security.auth.login.config system property, you may use the JDBCDriverLogin.conf installed with the driver or a login configuration file of your choosing.

Whether you are using the JDBCDriverLogin.conf file or another file, the login configuration file must contain the entry JDBC_DRIVER_01 with JAAS login module information. The following examples show that the JAAS login module information depends on your JRE.

Oracle JRE

JDBC_DRIVER_01 {
  com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true;
};

IBM JRE

JDBC_DRIVER_01 {
  com.ibm.security.auth.module.Krb5LoginModule required useDefaultCcache=true;
};

See "Configuring the Driver for Kerberos Authentication" for step-by-step instructions.

Refer to "JAAS Login Configuration File" in your Java documentation for information about setting options in the login configuration file.