| title | description | author | ms.author | ms.date | ms.service | ms.subservice | ms.topic |
|---|---|---|---|---|---|---|---|
Get Mutual Kerberos Authentication |
Get Mutual Kerberos Authentication |
markingmyname |
maghan |
03/14/2017 |
sql |
native-client |
reference |
[!INCLUDESQL Server Azure SQL Database Synapse Analytics PDW]
This sample shows how to get mutual Kerberos authentication by using ODBC in [!INCLUDEssNoVersion] Native Client.
This sample will not work with any version of [!INCLUDEssNoVersion] earlier than [!INCLUDEsql2008-md].
For more information, see Service Principal Name (SPN) Support in Client Connections.
If you will build and run this sample as a 32-bit application on a 64-bit operating system, you must create the ODBC data source with the ODBC Administrator in %windir%\SysWOW64\odbcad32.exe.
This sample connects to your computer's default [!INCLUDEssNoVersion] instance. To connect to a named instance, change the definition of the ODBC data source to specify the instance using the following format: server\namedinstance. By default, [!INCLUDEssExpress] installs to a named instance.
Change "MyServer" to a machine name that has an instance of [!INCLUDEsql2008-md] (or later).
You will also have to specify a customer-provided SPN. Change " CP_SPN " to a customer-provided SPN.
Compile with /EHsc, /D "_UNICODE", /D "UNICODE", and odbc32.lib. Make sure your INCLUDE environment variable includes the directory that contains sqlncli.h.
// compile with: /EHsc /D "_UNICODE" /D "UNICODE" odbc32.lib
#define WIN32_LEAN_AND_MEAN
#include <tchar.h>
#include <windows.h>
#include <stdio.h>
#include <sql.h>
#include <sqlext.h>
#define _SQLNCLI_ODBC_
#include <sqlncli.h>
#define SUCCESS(x) (!((x) & 0xFFFE))
#define CHKRC(stmt) do \
{ \
rc = (stmt); \
if (!SUCCESS(rc)) \
throw (RETCODE) rc; \
} while(0);
void PrintError(SQLSMALLINT HandleType, SQLHANDLE Handle) {
RETCODE rc = SQL_SUCCESS;
SQLTCHAR szSqlState[6], szMessage[1024];
SQLSMALLINT i = 1, msgLen = 0;
SQLINTEGER NativeError;
do {
i = 1;
while (SQL_NO_DATA != (rc = SQLGetDiagRec(HandleType, Handle, i, szSqlState, &NativeError,
szMessage, sizeof(szMessage)/sizeof(SQLTCHAR), &msgLen)) && SUCCESS(rc)) {
_tprintf(_T("SQLState=%s, NativeError=%ld, Message=%s\r\n"), szSqlState, NativeError, szMessage);
i++;
}
}
while (SQL_NO_DATA != (rc = SQLMoreResults(Handle)) && SUCCESS(rc));
}
int _tmain(int argc, _TCHAR* argv[]) {
RETCODE rc = SQL_SUCCESS;
HENV henv = SQL_NULL_HENV;
HDBC hdbc = SQL_NULL_HDBC;
SQLHSTMT hstmt = SQL_NULL_HSTMT;
SQLTCHAR * pszConnection = _T("DRIVER={SQL Server Native Client 10.0};")
_T("Server=MyServer;") // server with SQL Server 2008 (or later)
_T("Trusted_Connection=Yes;")
_T("ServerSPN=CP_SPN"); // customer-provided SPN
TCHAR szIntgAuthMethod[64];
SQLSMALLINT fMutuallyAuth = 0;
try {
CHKRC(SQLAllocHandle(SQL_HANDLE_ENV, SQL_NULL_HENV, &henv));
CHKRC(SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (SQLPOINTER)SQL_OV_ODBC3, 0));
CHKRC(SQLAllocHandle(SQL_HANDLE_DBC, henv, &hdbc));
CHKRC(SQLDriverConnect( hdbc, NULL, pszConnection, SQL_NTS, NULL, 0, NULL, SQL_DRIVER_NOPROMPT));
CHKRC(SQLGetConnectAttr(hdbc, SQL_COPT_SS_INTEGRATED_AUTHENTICATION_METHOD, szIntgAuthMethod, sizeof(szIntgAuthMethod)/sizeof(szIntgAuthMethod[0]), NULL));
CHKRC(::SQLGetConnectAttrW(hdbc, SQL_COPT_SS_MUTUALLY_AUTHENTICATED, &fMutuallyAuth, SQL_IS_SMALLINT, NULL));
_tprintf(_T("Authentication method: %s\r\n"), szIntgAuthMethod);
_tprintf(_T("Mutually authenticated: %s\r\n"), fMutuallyAuth?_T("yes"):_T("no"));
}
catch (RETCODE retcode) {
rc = retcode;
}
if (!SUCCESS(rc)) {
if (hstmt)
PrintError(SQL_HANDLE_STMT, hstmt);
else if (hdbc)
PrintError(SQL_HANDLE_DBC, hdbc);
else if(henv)
PrintError(SQL_HANDLE_ENV, henv);
}
if (hstmt)
SQLFreeHandle(SQL_HANDLE_STMT, hstmt);
if (hdbc) {
SQLDisconnect(hdbc);
SQLFreeHandle(SQL_HANDLE_DBC, hdbc);
}
if (henv)
SQLFreeHandle(SQL_HANDLE_ENV, henv);
}