dbeaver icon indicating copy to clipboard operation
dbeaver copied to clipboard

Published 20 hours ago verified publisher icon dbeaver

Unable to Authenticate to Azure SQL with Active Directory MFA

Open geuss opened this issue 2 years ago • 1 comments

System information:

  • Operating system (distribution) and version: Windows 10 PRO
  • DBeaver version: CE 22.0.2 (EA) , but also with stable version
  • Additional extensions: none

Connection specification:

  • Database name and version: Micosoft SQL Azure
  • Driver name: com.microsoft.sqlserver.jdbc.SQLServerDriver 9.2.0
  • Do you use tunnels or proxies (SSH, SOCKS, etc)? No

Describe the problem you're observing:

When I try to connect to the database, DBeaver return this the error:

Unexpected driver error occurred while connecting to the database com.microsoft.aad.msal4j.MsalClientException: java.net.UnknownHostException: login.windows.net com.microsoft.aad.msal4j.MsalClientException: java.net.UnknownHostException: login.windows.net java.net.UnknownHostException: login.windows.net java.net.UnknownHostException: login.windows.net login.windows.net login.windows.net

image

This is my driver configuration: image

image

Steps to reproduce, if exist:

Include any warning/errors/backtraces from the logs

!ENTRY org.jkiss.dbeaver.model 4 0 2022-04-08 14:41:24.021 !MESSAGE login.windows.net !SUBENTRY 1 org.jkiss.dbeaver.model 4 0 2022-04-08 14:41:24.021 !MESSAGE login.windows.net !STACK 0 java.net.UnknownHostException: login.windows.net at java.base/java.net.AbstractPlainSocketImpl.connect(Unknown Source) at java.base/java.net.SocksSocketImpl.connect(Unknown Source) at java.base/java.net.Socket.connect(Unknown Source) at java.base/sun.security.ssl.SSLSocketImpl.connect(Unknown Source) at java.base/sun.net.NetworkClient.doConnect(Unknown Source) at java.base/sun.net.www.http.HttpClient.openServer(Unknown Source) at java.base/sun.net.www.http.HttpClient.openServer(Unknown Source) at java.base/sun.net.www.protocol.https.HttpsClient.(Unknown Source) at java.base/sun.net.www.protocol.https.HttpsClient.New(Unknown Source) at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source) at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect0(Unknown Source) at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source) at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source) at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at java.base/java.net.HttpURLConnection.getResponseCode(Unknown Source) at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unknown Source) at com.microsoft.aad.msal4j.DefaultHttpClient.readResponseFromConnection(DefaultHttpClient.java:107) at com.microsoft.aad.msal4j.DefaultHttpClient.executeHttpGet(DefaultHttpClient.java:47) at com.microsoft.aad.msal4j.DefaultHttpClient.send(DefaultHttpClient.java:35) at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequestWithRetries(HttpHelper.java:86) at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequest(HttpHelper.java:64) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.httpRequest(AadInstanceDiscoveryProvider.java:175) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.sendInstanceDiscoveryRequest(AadInstanceDiscoveryProvider.java:157) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.doInstanceDiscoveryAndCache(AadInstanceDiscoveryProvider.java:221) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.getMetadataEntry(AadInstanceDiscoveryProvider.java:56) at com.microsoft.aad.msal4j.AccountsSupplier.get(AccountsSupplier.java:26) at com.microsoft.aad.msal4j.AccountsSupplier.get(AccountsSupplier.java:11) at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.base/java.lang.Thread.run(Unknown Source)

geuss avatar Apr 08 '22 12:04 geuss

Hi,I installed the last version of DBEAVER ( 22.3.4.202302060909), tryed to reinstall all drivers... and the error is changed.

Here's all steps, after requesting a Connection from DBEAVER:

Inserting my credential: Immagine1

Authenticate with Microsoft Authenticator: Immagine2

There no response from server: Immagine3

If I open Microsoft Edge Dev Tools there's this problem: Immagine4

..and Dbeaver shows me this error: Immagine5

Here's debug logs: dbeaver-debug.log

Thanks!

geuss avatar Feb 08 '23 09:02 geuss

Thank you for update.

E1izabeth avatar Feb 16 '23 15:02 E1izabeth

Hello @geuss

Please try to do this:

Go to "Edit Driver Settings," click the "Libraries" tab, then click "Add Artifact," then add the Maven dependency declaration:

<!-- https://mvnrepository.com/artifact/com.microsoft.azure/msal4j --> <dependency> <groupId>com.microsoft.azure</groupId> <artifactId>msal4j</artifactId> <version>1.11.3</version> </dependency>

https://github.com/dbeaver/dbeaver/issues/15446#issuecomment-1097140996

LonwoLonwo avatar Feb 27 '23 12:02 LonwoLonwo

Thanks Anastasiya, It worked!! Only I had to specify a fixed address of "login.windows.net" on my hosts file:

20.190.159.69 login.windows.net

Without this configuration I had this error:

!ENTRY org.jkiss.dbeaver.model 4 0 2023-02-27 14:39:57.544 !MESSAGE java.net.UnknownHostException: login.windows.net !SUBENTRY 1 org.jkiss.dbeaver.model 4 0 2023-02-27 14:39:57.544 !MESSAGE java.net.UnknownHostException: login.windows.net !STACK 0 java.lang.RuntimeException: java.net.UnknownHostException: login.windows.net at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getCorrectedException(SQLServerMSAL4JUtils.java:230) at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getSqlFedAuthTokenInteractive(SQLServerMSAL4JUtils.java:195) at com.microsoft.sqlserver.jdbc.SQLServerConnection.getFedAuthToken(SQLServerConnection.java:5569) at com.microsoft.sqlserver.jdbc.SQLServerConnection.onFedAuthInfo(SQLServerConnection.java:5419) at com.microsoft.sqlserver.jdbc.SQLServerConnection.processFedAuthInfo(SQLServerConnection.java:5306) at com.microsoft.sqlserver.jdbc.TDSTokenHandler.onFedAuthInfo(tdsparser.java:306) at com.microsoft.sqlserver.jdbc.TDSParser.parse(tdsparser.java:126) at com.microsoft.sqlserver.jdbc.TDSParser.parse(tdsparser.java:37) at com.microsoft.sqlserver.jdbc.SQLServerConnection.sendLogon(SQLServerConnection.java:6299) at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(SQLServerConnection.java:4911) at com.microsoft.sqlserver.jdbc.SQLServerConnection$LogonCommand.doExecute(SQLServerConnection.java:4849) at com.microsoft.sqlserver.jdbc.TDSCommand.execute(IOBuffer.java:7620) at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(SQLServerConnection.java:3916) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:3358) at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:2950) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:2790) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:1663) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:1064) at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$0(JDBCDataSource.java:206) at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$1(JDBCDataSource.java:225) at org.jkiss.dbeaver.utils.SecurityManagerUtils.wrapDriverActions(SecurityManagerUtils.java:96) at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.openConnection(JDBCDataSource.java:223) at org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext.connect(JDBCExecutionContext.java:103) at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance.initializeMainContext(JDBCRemoteInstance.java:102) at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance.(JDBCRemoteInstance.java:61) at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.initializeRemoteInstance(JDBCDataSource.java:128) at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.(JDBCDataSource.java:106) at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.(JDBCDataSource.java:97) at org.jkiss.dbeaver.ext.mssql.model.SQLServerDataSource.(SQLServerDataSource.java:80) at org.jkiss.dbeaver.ext.mssql.SQLServerDataSourceProvider.openDataSource(SQLServerDataSourceProvider.java:137) at org.jkiss.dbeaver.registry.DataSourceDescriptor.openDataSource(DataSourceDescriptor.java:1195) at org.jkiss.dbeaver.registry.DataSourceDescriptor.connect(DataSourceDescriptor.java:1060) at org.jkiss.dbeaver.runtime.jobs.ConnectJob.run(ConnectJob.java:70) at org.jkiss.dbeaver.runtime.jobs.ConnectJob.runSync(ConnectJob.java:98) at org.jkiss.dbeaver.ui.actions.datasource.DataSourceHandler.connectToDataSource(DataSourceHandler.java:109) at org.jkiss.dbeaver.ui.actions.datasource.UIServiceConnectionsImpl.initConnection(UIServiceConnectionsImpl.java:87) at org.jkiss.dbeaver.model.navigator.DBNDataSource.initializeNode(DBNDataSource.java:158) at org.jkiss.dbeaver.model.navigator.DBNDatabaseNode.getChildren(DBNDatabaseNode.java:225) at org.jkiss.dbeaver.model.navigator.DBNDatabaseNode.getChildren(DBNDatabaseNode.java:1) at org.jkiss.dbeaver.model.navigator.DBNUtils.getNodeChildrenFiltered(DBNUtils.java:80) at org.jkiss.dbeaver.ui.navigator.database.load.TreeLoadService.evaluate(TreeLoadService.java:49) at org.jkiss.dbeaver.ui.navigator.database.load.TreeLoadService.evaluate(TreeLoadService.java:1) at org.jkiss.dbeaver.ui.LoadingJob.run(LoadingJob.java:88) at org.jkiss.dbeaver.ui.LoadingJob.run(LoadingJob.java:72) at org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:105) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63)

(perhaps a proxy issue...)

geuss avatar Feb 27 '23 13:02 geuss

I close this issue.

geuss avatar Feb 27 '23 13:02 geuss

image

Here my driver artifacts configuration (for all those with the same problem)

geuss avatar Feb 27 '23 13:02 geuss

Thanks for the answer @geuss

LonwoLonwo avatar Feb 27 '23 14:02 LonwoLonwo

I still get the error. What else can I do?

paulstegmann avatar Feb 28 '23 07:02 paulstegmann

Hello @paulstegmann

Please provide the screen of your drivers. You can find this window in your connections settings -> Driver settings -> Libraries

LonwoLonwo avatar Mar 27 '23 14:03 LonwoLonwo

HI @LonwoLonwo,

sure: image

paulstegmann avatar Mar 27 '23 14:03 paulstegmann

Hello @paulstegmann

Could you please try to update the msal4j library version? To 1.12.0

Additionally, you can try our DBeaver PRO version, which has special support for the Azure MFA. Try for free: https://dbeaver.com/trial/

LonwoLonwo avatar Mar 30 '23 17:03 LonwoLonwo

Hi @LonwoLonwo,

thanks a lot, thats it! dbeaver is working again now.

Best!

paulstegmann avatar Mar 31 '23 07:03 paulstegmann

Thanks for the answer @paulstegmann

LonwoLonwo avatar Mar 31 '23 07:03 LonwoLonwo

Got the same problem in May, update the msal4j library version to 1.13.8, then problem is resolved.

84drizzt avatar May 31 '23 03:05 84drizzt

Hello @geuss

Please try to do this:

Go to "Edit Driver Settings," click the "Libraries" tab, then click "Add Artifact," then add the Maven dependency declaration:

<!-- https://mvnrepository.com/artifact/com.microsoft.azure/msal4j --> <dependency> <groupId>com.microsoft.azure</groupId> <artifactId>msal4j</artifactId> <version>1.11.3</version> </dependency>

#15446 (comment)

Thanks a lot, you save me.

paleo avatar Aug 21 '23 13:08 paleo