By default, Windows does not allow the session key of a TGT to be accessed. The registry key must be configured on the Windows platform if you use JDBC with SSO.
For Windows XP and Windows 2000, the registry key and value should be:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos Value Name: allowtgtsessionkey ValueType: REG_DWORD Value: 0x01
For Windows 2003 and Windows Vista, the registry key and value should be:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters Value Name: allowtgtsessionkey ValueType: REG_DWORD Value: 0x01