This is a quick blog post about one error that I encountered earlier last week. One customer has a web application from VMWare uses jDTS open source JDBC driver to connect with SQL Server, and it failed with the following error message:
2013-07-17 17:33:22.01 Logon Error: 17806, Severity: 20, State: 14.
2013-07-17 17:33:22.01 Logon SSPI handshake failed with error code 0x80090302, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. [CLIENT: xxx.xxx.xxx.xxx].
2013-07-17 17:33:22.01 Logon Error: 18452, Severity: 14, State: 1.
2013-07-17 17:33:22.01 Logon Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: xxx.xxx.xxx.xxx]
We think this might be a Kerberos authentication issue in the first place, however, after we configured the SPN which works for ODBC-JDBC and .Net Native Client drivers, but still not works for jTDS. We then involved VMware in this case, and find out that we need to add "useNTLMv2=TRUE" to force the jTDS application to use NTMLv2 protocol while using Windows Authentication.
Hope this helps if you got the same issue.