![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 55.00000000000001%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Azure SQL Database
An Azure relational database service.
based on the following references
https://stackoverflow.com/questions/38641309/azure-sql-database-connection-issues
Specifically, the class com.microsoft.aad.msal4j.AcquireTokenByAuthorizationGrantSupplier is responsible for acquiring tokens using an authorization grant, and its execution has failed.
Some possible solutions suggested by users who have encountered similar issues include:
- If you're running Java version 13 or above, you can add the JVM option -Dsun.security.jgss.native=true to enable the new GSSAPI.
- You can change the registry value \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\AllowTgtSessionKey to 1.
- You can run kinit in a command prompt, which will cache a Kerberos ticket in C:\Users<user>\krb5cc_<user>, and Java should be able to use it.
- Another potential solution (though it has not been tested by the user who suggested it) is to disable Credential Guard.
Note that apart from the first solution, the security implications are not clear, so you should carefully consider these solutions and test them in a controlled environment before deploying them in a production environment.
As for connecting to an Azure SQL database, recommended best practices include:
- Ensuring you have the latest version of your client drivers.
- Turning on encryption and turning off the 'trust server certificate' setting.
- Opening ports #1433 and #1100-114999.
- Setting a 30s connection timeout.
- Explicitly specifying the TCP protocol (as SQL DB only supports TCP).
- Using a connection pool.