From 4370dfcd5aa41cff75c2d74925f4c8861f1064d3 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 6 Oct 2017 05:46:16 -0400
Subject: [PATCH] allow integrated security

---
 .../dependencycheck/data/nvdcve/ConnectionFactory.java     | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/ConnectionFactory.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/ConnectionFactory.java
index f21972f82..2ff080d5d 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/ConnectionFactory.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/ConnectionFactory.java
@@ -153,7 +153,12 @@ public final class ConnectionFactory {
             LOGGER.debug("Database User: {}", userName);
 
             try {
-                conn = DriverManager.getConnection(connectionString, userName, password);
+                if (connectionString.toLowerCase().contains("integrated security=true")
+                        || connectionString.toLowerCase().contains("trusted_connection=true")) {
+                    conn = DriverManager.getConnection(connectionString);
+                } else {
+                    conn = DriverManager.getConnection(connectionString, userName, password);
+                }
             } catch (SQLException ex) {
                 if (ex.getMessage().contains("java.net.UnknownHostException") && connectionString.contains("AUTO_SERVER=TRUE;")) {
                     connectionString = connectionString.replace("AUTO_SERVER=TRUE;", "");