change the krb-keytabcachefile param name to krb5-credcachefile

README.md

@@ -88,7 +88,7 @@ The package supports authentication via 3 methods.
 
 * Credential Cache - Specify the krb5.conf file path and credential cache file path.
 
-      authenticator=krb5;server=DatabaseServerName;database=DBName;krb5-configfile=/etc/krb5.conf;krb5-keytabcachefile=~/MyUserNameCachedCreds 
+      authenticator=krb5;server=DatabaseServerName;database=DBName;krb5-configfile=/etc/krb5.conf;krb5-credcachefile=~/MyUserNameCachedCreds 
 
 * Raw credentials - Specity krb5.confg, Username, Password and Realm.
 
@@ -100,7 +100,7 @@ The package supports authentication via 3 methods.
 * `krb5-configfile` (mandatory) - path to kerberos configuration file. 
 * `krb5-realm` (required with keytab and raw credentials) - Domain name for kerberos authentication. 
 * `krb5-keytabfile` - path to Keytab file.
-* `krb5-keytabcachefile` - path to Credential cache.
+* `krb5-credcachefile` - path to Credential cache.
 * `krb5-dnslookupkdc` - Optional parameter in all contexts. Set to lookup KDCs in DNS. Boolean. Default is true. 
 * `krb5-udppreferencelimit` - Optional parameter in all contexts. 1 means to always use tcp. MIT krb5 has a default value of 1465, and it prevents user setting more than 32700. Integer. Default is 1.
 
@@ -137,15 +137,15 @@ For further information on usage:
 
     ```
 
-* `sqlserver://username@host/instance?krb5-configfile=path/to/file&krb5-keytabcachefile=/path/to/cache`
+* `sqlserver://username@host/instance?krb5-configfile=path/to/file&krb5-credcachefile=/path/to/cache`
     * `sqlserver://username@host/instance?krb5-configfile=path/to/file&krb5-realm=domain.com&krb5-keytabfile=/path/to/keytabfile`
 
 2. ADO: `key=value` pairs separated by `;`. Values may not contain `;`, leading and trailing whitespace is ignored.
      Examples:
 
     * `server=localhost\\SQLExpress;user id=sa;database=master;app name=MyAppName`
     * `server=localhost;user id=sa;database=master;app name=MyAppName`
-    * `server=localhost;user id=sa;database=master;app name=MyAppName;krb5-configfile=path/to/file;krb5-keytabcachefile=path/to/cache;authenticator=krb5`
+    * `server=localhost;user id=sa;database=master;app name=MyAppName;krb5-configfile=path/to/file;krb5-credcachefile=path/to/cache;authenticator=krb5`
     * `server=localhost;user id=sa;database=master;app name=MyAppName;krb5-configfile=path/to/file;krb5-realm=domain.com;krb5-keytabfile=path/to/keytabfile;authenticator=krb5`
 
 
@@ -167,7 +167,7 @@ For further information on usage:
     * `odbc:server=localhost;user id=sa;password=foo}bar`   // Literal `}`, password is "foo}bar"
     * `odbc:server=localhost;user id=sa;password={foo{bar}` // Literal `{`, password is "foo{bar"
     * `odbc:server=localhost;user id=sa;password={foo}}bar}` // Escaped `} with`}}`, password is "foo}bar"
-    * `odbc:server=localhost;user id=sa;database=master;app name=MyAppName;krb5-configfile=path/to/file;krb5-keytabcachefile=path/to/cache;authenticator=krb5`
+    * `odbc:server=localhost;user id=sa;database=master;app name=MyAppName;krb5-configfile=path/to/file;krb5-credcachefile=path/to/cache;authenticator=krb5`
     * `odbc:server=localhost;user id=sa;database=master;app name=MyAppName;krb5-configfile=path/to/file;krb5-realm=domain.com;krb5-keytabfile=path/to/keytabfile;authenticator=krb5`
 
 ### Azure Active Directory authentication

integratedauth/krb5/krb5.go

@@ -24,7 +24,7 @@ import (
 const (
 	keytabConfigFile   = "krb5-configfile"
 	keytabFile         = "krb5-keytabfile"
-	keytabCache        = "krb5-keytabcachefile"
+	credCacheFile      = "krb5-credcachefile"
 	realm              = "krb5-realm"
 	dnsLookupKDC       = "krb5-dnslookupkdc"
 	udpPreferenceLimit = "krb5-udppreferencelimit"
@@ -39,8 +39,8 @@ var (
 	ErrKrb5ConfigFileRequiredWithKeytab              = errors.New("krb5-configfile is required to login with krb5 when using krb5-keytabfile")
 	ErrKrb5ConfigFileDoesNotExist                    = errors.New("krb5-configfile does not exist")
 	ErrKeytabFileDoesNotExist                        = errors.New("krb5-keytabfile does not exist")
-	ErrKrb5ConfigFileRequiredWithKeytabCache         = errors.New("krb5-configfile is required to login with krb5 when using krb5-keytabcachefile")
-	ErrKeytabCacheFileDoesNotExist                   = errors.New("krb5-keytabcachefile does not exist")
+	ErrKrb5ConfigFileRequiredWithCredCache           = errors.New("krb5-configfile is required to login with krb5 when using krb5-credcachefile")
+	ErrCredCacheFileDoesNotExist                     = errors.New("krb5-credcachefile does not exist")
 )
 
 var (
@@ -84,7 +84,7 @@ const (
 type krb5Login struct {
 	Krb5ConfigFile     string
 	KeytabFile         string
-	KeytabCacheFile    string
+	CredCacheFile      string
 	Realm              string
 	UserName           string
 	Password           string
@@ -99,7 +99,7 @@ func readKrb5Config(config msdsn.Config) (*krb5Login, error) {
 	login := &krb5Login{
 		Krb5ConfigFile:     config.Parameters[keytabConfigFile],
 		KeytabFile:         config.Parameters[keytabFile],
-		KeytabCacheFile:    config.Parameters[keytabCache],
+		CredCacheFile:      config.Parameters[credCacheFile],
 		Realm:              config.Parameters[realm],
 		UserName:           config.User,
 		Password:           config.Password,
@@ -168,14 +168,14 @@ func validateKrb5LoginParams(krbLoginParams *krb5Login) error {
 		return nil
 
 	// using a credential cache file
-	case krbLoginParams.KeytabCacheFile != "":
+	case krbLoginParams.CredCacheFile != "":
 		if krbLoginParams.Krb5ConfigFile == "" {
-			return ErrKrb5ConfigFileRequiredWithKeytabCache
+			return ErrKrb5ConfigFileRequiredWithCredCache
 		}
 		if ok, err := fileExists(krbLoginParams.Krb5ConfigFile, ErrKrb5ConfigFileDoesNotExist); !ok {
 			return err
 		}
-		if ok, err := fileExists(krbLoginParams.KeytabCacheFile, ErrKeytabCacheFileDoesNotExist); !ok {
+		if ok, err := fileExists(krbLoginParams.CredCacheFile, ErrCredCacheFileDoesNotExist); !ok {
 			return err
 		}
 		krbLoginParams.loginMethod = cachedCredentialsFile
@@ -305,9 +305,9 @@ func clientFromKeytab(krb5Login *krb5Login, cfg *config.Config) (*client.Client,
 	return client.NewWithKeytab(krb5Login.UserName, krb5Login.Realm, kt, cfg, client.DisablePAFXFAST(true)), nil
 }
 
-// loads credential cache file specified in keytabCache parameter and creates a client
+// loads credential cache file specified in credCacheFile parameter and creates a client
 func clientFromCredentialCache(krb5Login *krb5Login, cfg *config.Config) (*client.Client, error) {
-	cache, err := credentials.LoadCCache(krb5Login.KeytabCacheFile)
+	cache, err := credentials.LoadCCache(krb5Login.CredCacheFile)
 	if err != nil {
 		return nil, err
 	}
@@ -332,4 +332,4 @@ func canonicalize(service string) string {
 	}
 	// Put service back together with cname (stripped of trailing .) and port
 	return parts[0] + net.JoinHostPort(cname[:len(cname)-1], port)
-}
+}

integratedauth/krb5/krb5_test.go

@@ -15,7 +15,7 @@ func TestReadKrb5ConfigHappyPath(t *testing.T) {
 		Parameters: map[string]string{
 			"krb5-configfile":         "krb5-configfile",
 			"krb5-keytabfile":         "krb5-keytabfile",
-			"krb5-keytabcachefile":    "krb5-keytabcachefile",
+			"krb5-credcachefile":      "krb5-credcachefile",
 			"krb5-realm":              "krb5-realm",
 			"krb5-dnslookupkdc":       "false",
 			"krb5-udppreferencelimit": "1234",
@@ -36,8 +36,8 @@ func TestReadKrb5ConfigHappyPath(t *testing.T) {
 		t.Errorf("Expected KeytabFile %v, found %v", config.Parameters[keytabFile], actual.KeytabFile)
 	}
 
-	if actual.KeytabCacheFile != config.Parameters[keytabCache] {
-		t.Errorf("Expected KeytabCacheFile %v, found %v", config.Parameters[keytabCache], actual.KeytabCacheFile)
+	if actual.CredCacheFile != config.Parameters[credCacheFile] {
+		t.Errorf("Expected CredCacheFile %v, found %v", config.Parameters[credCacheFile], actual.CredCacheFile)
 	}
 
 	if actual.Realm != config.Parameters[realm] {
@@ -236,38 +236,38 @@ func TestValidateKrb5LoginParams(t *testing.T) {
 		{
 			name: "happy credential cache",
 			input: &krb5Login{
-				KeytabCacheFile: "exists",
-				Krb5ConfigFile:  "exists",
+				CredCacheFile:  "exists",
+				Krb5ConfigFile: "exists",
 			},
 			expectedLoginMethod: cachedCredentialsFile,
 			expectedError:       nil,
 		},
 		{
 			name: "credential cache, missing Krb5ConfigFile",
 			input: &krb5Login{
-				KeytabCacheFile: "exists",
-				Krb5ConfigFile:  "",
+				CredCacheFile:  "exists",
+				Krb5ConfigFile: "",
 			},
 			expectedLoginMethod: none,
-			expectedError:       ErrKrb5ConfigFileRequiredWithKeytabCache,
+			expectedError:       ErrKrb5ConfigFileRequiredWithCredCache,
 		},
 		{
 			name: "credential cache, Krb5ConfigFile file not found",
 			input: &krb5Login{
-				KeytabCacheFile: "exists",
-				Krb5ConfigFile:  "missing",
+				CredCacheFile:  "exists",
+				Krb5ConfigFile: "missing",
 			},
 			expectedLoginMethod: none,
 			expectedError:       ErrKrb5ConfigFileDoesNotExist,
 		},
 		{
-			name: "credential cache, KeytabCacheFile file not found",
+			name: "credential cache, CredCacheFile file not found",
 			input: &krb5Login{
-				KeytabCacheFile: "missing",
-				Krb5ConfigFile:  "exists",
+				CredCacheFile:  "missing",
+				Krb5ConfigFile: "exists",
 			},
 			expectedLoginMethod: none,
-			expectedError:       ErrKeytabCacheFileDoesNotExist,
+			expectedError:       ErrCredCacheFileDoesNotExist,
 		},
 		{
 			name:                "no login method math",
@@ -347,8 +347,8 @@ func TestGetAuth(t *testing.T) {
 		t.Errorf("Expected KeytabFile %v, found %v", config.Parameters[keytabFile], actual.krb5Config.KeytabFile)
 	}
 
-	if actual.krb5Config.KeytabCacheFile != config.Parameters[keytabCache] {
-		t.Errorf("Expected KeytabCacheFile %v, found %v", config.Parameters[keytabCache], actual.krb5Config.KeytabCacheFile)
+	if actual.krb5Config.CredCacheFile != config.Parameters[credCacheFile] {
+		t.Errorf("Expected CredCacheFile %v, found %v", config.Parameters[credCacheFile], actual.krb5Config.CredCacheFile)
 	}
 
 	if actual.krb5Config.Realm != config.Parameters[realm] {
@@ -374,4 +374,4 @@ func TestGetAuth(t *testing.T) {
 	if actual.krb5Config.UDPPreferenceLimit != 1234 {
 		t.Errorf("Expected UDPPreferenceLimit %v, found %v", 1234, actual.krb5Config.UDPPreferenceLimit)
 	}
-}
+}