Fork me on GitHub
Slack Archive

This page is not created by, affiliated with, or supported by Slack Technologies, Inc.

2021-01-20

Channels

#sql
<
2021-01-20
>
voortuck15:01:42

I've got a database where access is controlled not with a password but with kerberos. Are there any examples of connecting to a database like this with clojure?

seancorfield17:01:23

@bill.h.tucker_slack Look up how to access it via JDBC. You should be able to apply that to Clojure.

3
voortuck07:01:22

I guess if I was a real clojure person, I should. I'm still pretty inexperienced. I have a java example that runs a query using jdbc. But it uses Oracle's DriverManager and sets some properties (System.setProperty(<k5 stuff>). Here's the java getting a connection object using a Properties props object with a url: 

DriverManager.registerDriver(new OracleDriver());
		  Connection conn = DriverManager.getConnection(url, props);
I looked at next.jdbc: https://cljdoc.org/d/seancorfield/next.jdbc/1.1.613/api/next.jdbc.connection and I don't see anything similar for setting these properties. Looking at https://github.com/seancorfield/next-jdbc/blob/develop/src/next/jdbc/connection.clj it looks like the pieces are all there. It's just not obvious to me how to combine them properly. Let me know if you have any other breadcrumbs for me to follow or examples I can explore to research creating a connection using kerberos with clojure. The java examples are from here: https://www.rgagnon.com/javadetails/java-oracle-jdbc-connect-with-kerberos.html

seancorfield16:01:03

Sorry @bill.h.tucker_slack I just meant, if you know the properties used for JDBC, just pass them in a hash map for Clojure: 

props.setProperty(
      OracleConnection.CONNECTION_PROPERTY_THIN_NET_AUTHENTICATION_SERVICES,
      "( " + AnoServices.AUTHENTICATION_KERBEROS5 + " )");
    props.setProperty(
      OracleConnection.CONNECTION_PROPERTY_THIN_NET_AUTHENTICATION_KRB5_MUTUAL,
      "true");
That's the relevant bit so it is looking for 
{:dbtype "oracle", 
 :dbname "yourdb", 
 OracleConnection/CONNECTION_PROPERTY_THIN_NET_AUTHENTICATION_SERVICES (str "(" AnoServices/AUTHENTICATION_KERBEROS5 ")"),
 OracleConnection/CONNECTION_PROPERTY_THIN_NET_AUTHENTICATION_KRB5_MUTUAL "true"}
and you also need to invoke 
(System/setProperty "java.security.krb5.conf" "path/to/your/krb5.conf")
before you call next.jdbc/get-datasource on that db-spec hash map.

seancorfield16:01:31

Something like that should work.