Issue with connecting from tomcat to MSSQL using DB ID from Active Directory
Hello,
We have procured a new DB ID that was part of Active Directory. Test connectivity was validated fine using SSMS. But when we try to use the same string to connect to DB from the tomcat appserver, we are seeing the error mentioned below.
We are using the below string in the tomcat context.xml
<!-- Default set of monitored resources. If one of these changes, the -->
<!-- web application will be reloaded. -->
<WatchedResource>WEB-INF/web.xml</WatchedResource><WatchedResource>WEB-INF/tomcat-web.xml</WatchedResource><WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
Hello,
We have procured a new DB ID that was part of Active Directory. Test connectivity was validated fine using SSMS. But when we try to use the same string to connect to DB from the tomcat appserver, we are seeing the error mentioned below.
We are using the below string in the tomcat context.xml
<!-- Default set of monitored resources. If one of these changes, the -->
<!-- web application will be reloaded. -->
<WatchedResource>WEB-INF/web.xml</WatchedResource><WatchedResource>WEB-INF/tomcat-web.xml</WatchedResource><WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
<Manager pathname=""><SessionIdGenerator sessionIdLength="32"/></Manager><Resource password="***" username=" Proprietary information hidden" url="jdbc:sqlserver://pega-dev-eus-asql.database.windows.net:1433;authentication=ActiveDirectoryPassword;encrypt=true;hostNameInCertificate=*.database.windows.net;databaseName=pegadeveusasqldb01;selectMethod=cursor;sendStringParametersAsUnicode=false" driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" maxWaitMillis="10000" maxIdle="30" maxTotal="100" type="javax.sql.DataSource" auth="Container" name="jdbc/PegaRULES"/><Environment type="java.lang.String" name="prconfig/database/databases/PegaRULES/defaultSchema" value="PegaRULES"/><Environment type="java.lang.String" name="prconfig/database/databases/PegaDATA/defaultSchema" value="PegaDATA"/><Environment type="java.lang.String" name="url/initialization/explicittempdir" value="D:\Pega\Temp"/></Context>
Error:
22-Jan-2020 13:08:42.732 SEVERE [main] com.pega.pegarules.internal.bootstrap.PRBootstrapDataSource. Unable to connect to database. Will only use properties from file.
java.sql.SQLException: Cannot create PoolableConnectionFactory (Failed to authenticate the user Proprietary information hidden in Active Directory (Authentication=ActiveDirectoryPassword).)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:735)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:605)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:794)
at com.pega.pegarules.internal.bootstrap.PRBootstrapDataSource.getBootstrapPropertiesFromDB(PRBootstrapDataSource.java:660)
at com.pega.pegarules.internal.bootstrap.PRBootstrapDataSource.getBootstrapPropertiesFromDB(PRBootstrapDataSource.java:643)
at com.pega.pegarules.internal.bootstrap.PRBootstrapDataSource.getBootstrapProperties(PRBootstrapDataSource.java:620)
at com.pega.pegarules.internal.bootstrap.PRBootstrapDataSource.getBootstrapProperties(PRBootstrapDataSource.java:614)
at com.pega.pegarules.internal.bootstrap.PRBootstrap.<clinit>(PRBootstrap.java:120)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.checkForStartup(AppServerBridgeToPega.java:117)
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:223)
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethod(AppServerBridgeToPega.java:273)
at com.pega.pegarules.internal.web.servlet.WebAppLifeCycleListenerBoot.contextInitialized(WebAppLifeCycleListenerBoot.java:92)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4682)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5150)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:713)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:690)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:695)
at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1133)
at org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1868)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.util.concurrent.AbstractExecutorService.submit(Unknown Source)
at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:1045)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:429)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1577)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:309)
at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123)
at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:424)
at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:367)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:929)
at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:831)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1377)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1367)
at java.util.concurrent.FutureTask.run(Unknown Source)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.util.concurrent.AbstractExecutorService.submit(Unknown Source)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:902)
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:262)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:423)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:928)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.startup.Catalina.start(Catalina.java:634)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:350)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Failed to authenticate the user Proprietary information hidden in Active Directory (Authentication=ActiveDirectoryPassword).
at com.microsoft.sqlserver.jdbc.SQLServerConnection.getFedAuthToken(SQLServerConnection.java:3677)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.onFedAuthInfo(SQLServerConnection.java:3605)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.processFedAuthInfo(SQLServerConnection.java:3572)
at com.microsoft.sqlserver.jdbc.TDSTokenHandler.onFedAuthInfo(tdsparser.java:290)
at com.microsoft.sqlserver.jdbc.TDSParser.parse(tdsparser.java:94)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.sendLogon(SQLServerConnection.java:4346)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(SQLServerConnection.java:3160)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.access$100(SQLServerConnection.java:43)
at com.microsoft.sqlserver.jdbc.SQLServerConnection$LogonCommand.doExecute(SQLServerConnection.java:3123)
at com.microsoft.sqlserver.jdbc.TDSCommand.execute(IOBuffer.java:7505)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(SQLServerConnection.java:2445)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1981)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:1628)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:1459)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:773)
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1168)
at org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:53)
at org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:355)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:116)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:731)
... 56 more
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Error code 0xCAA82F8F; state 10.
at com.microsoft.sqlserver.jdbc.SQLServerConnection.getFedAuthToken(SQLServerConnection.java:3673)
... 75 more
Caused by: com.microsoft.sqlserver.jdbc.DLLException: One or more errors were found in the Secure Sockets Layer (SSL) certificate sent by the server.
at com.microsoft.sqlserver.jdbc.AuthenticationJNI.ADALGetAccessToken(Native Method)
at com.microsoft.sqlserver.jdbc.AuthenticationJNI.getAccessToken(AuthenticationJNI.java:81)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.getFedAuthToken(SQLServerConnection.java:3637)
... 75 more
***Moderator Edit-Vidyaranjan: Updated SR details***
Pegasystems Inc.
US
Looks like possible certificate issue: https://docs.microsoft.com/en-us/sql/connect/jdbc/connecting-with-ssl-encryption?view=sql-server-ver15. Also check your jdbc driver version is what is required per Microsoft.
NFCU
US
We are able to fix the issue after installing the root certificate. But we are now getting null pointer exception during startup. We have opened a new SR SR-D78298 for the same.