The Kerberos Realm used to authenticate the user.
The Kerberos properties are used when using SPNEGO or Windows Authentication. The Kerberos Realm is used to authenticate the user with the Kerberos Key Distribution Service (KDC). The Kerberos Realm can be configured by an administrator to be any string, but conventionally it is based on the domain name.
If Kerberos Realm is not specified, the driver will attempt to detect these properties automatically from the following locations:
- KRB5 Config File (krb5.ini/krb5.conf): If the KRB5_CONFIG environment variable is set and the file exists, the driver will obtain the default realm from the specified file. Otherwise, it will attempt to read from the default MIT location based on the OS: C:\ProgramData\MIT\Kerberos5\krb5.ini (Windows) or /etc/krb5.conf (Linux)
- Java System Properties: Using the system properties java.security.krb5.realm and java.security.krb5.kdc.
- Domain Name and Host: If the Kerberos Realm and Kerberos KDC could not be inferred from another location, the driver will infer them from the user-configured domain name and host. This might work in some Windows environments.