Open mdeguzis opened 6 years ago
How long this feature will be develop? Make kinit every day is completely disappointment.
SSPI support is already present and implemented. What's the problem? Put the waffle jna libraries on the classpath and use gsslib=sspi
. See https://github.com/pgjdbc/pgjdbc/blob/master/docs/documentation/head/connect.md .
@ringerc ok, that's all well and good, but how secure is this? Keep in mind that orgs that require approvals/compliance/red-tape can't just (or should not) grab any old library and place it in use. DBeaver is approved where I am using this. I would hope then that this application could perhaps take a look at the Waffle libraries, and if they meet proper standards, implement them (as you say). I wasn't sure if you were suggesting the DBever Team or I, as a user, to download extra libraries.
Both. I am telling you, as a user, to download waffle-jna
and put it in your DBeaver lib
directory or whatever other location it'll search for libraries.
I am also suggesting that the DBeaver team bundle the waffle-jna
library alongside the PgJDBC driver in DBeaver, or as an optional download offered via DBeaver's driver installer. Based on https://github.com/dbeaver/dbeaver/wiki/Admin-Manage-Drivers it looks like they could just put waffle-jna as an extra library there, or offer an alternative downloadable driver variant "pgjdbc-full" that includes optional libraries.
Explanation: My understanding is that DBeaver bundles PgJDBC, and you want to use the bundled PgJDBC since that means it's covered by whatever blessing your organisation offers. You cannot download additional libs and you aren't using Maven, you're presumably using some kind of bundled installer. Right? Or some additional-drivers installer for DBeaver?
You can produce a build of PgJDBC that bundles the waffle libraries if that will make your relevant red-tape specialists happier. See the PgJDBC pom: https://github.com/pgjdbc/pgjdbc/blob/master/pgjdbc/pom.xml#L243 . Remove the filters there.
If you need this to be "official" PgJDBC, it's probably not hard to produce a second PgJDBC jar variant that bundles Waffle. You'd have to convince Dave that it's worth the hassle for the project, and that there's a reason to do that rather than just having DBeaver include the libraries.
After all, DBeaver is just as likely to use the PgJDBC driver without the bundled waffle libraries to save on installer size, then you'd be back where you started. I really don't see the point.
You need the waffle-jna
that matches the PgJDBC parent-pom. It's irritating that Maven offers no good way to expose this in the main driver's manifest. For parent pom http://central.maven.org/maven2/org/postgresql/pgjdbc-versions/1.1.5/pgjdbc-versions-1.1.5.pom we have <waffle-jna.version>1.7.5</waffle-jna.version>
so you want https://mvnrepository.com/artifact/com.github.dblock.waffle/waffle-jna/1.7.5 .
BTW I've also set up a PR to update to a newer waffle https://github.com/pgjdbc/pgjdbc/issues/1382
Do you have any news?
Reference: https://github.com/serge-rider/dbeaver/issues/1953
SSPI auth / integration should be possible (as seen in other projects). This is expecially helpful for folks on the Hadoop platform utilizing Kerberos on their instances of HiveServer2 and makes security departments more happy over storing passwords in the program :)