IBM webMethods Hybrid Integration

 View Only

 Using Service account for connecting to Cloud DB's

Jump to  Best Answer
Ragav Jayaraman's profile image
Ragav Jayaraman posted Thu October 23, 2025 06:48 AM

Hi Team,

We have a requirement to connecto a PostGre SQL present in Google Cloud platform and we are being asked to use google service accounts instead of direct user accounts.

Is there a way for this to be done via our JDBC Adapters ? It does works fine if we use a user name password as expected.

The only other option is to use Cloud SQL Auth Proxy(link) in the VM machine and write a custom JAVA code to use that and connect. This will internally use the service account configured.

Kindly share any details on this for us to try and work it out.

Thanks

Ragav J

Selim Calik's profile image
Selim Calik posted Wed November 12, 2025 02:10 PM  Best Answer

Here are the practical methods to connect WebMethods to Cloud SQL PostgreSQL using service accounts:

Method 1: Cloud SQL Java Connector (Recommended)

Step 1: Add Required JAR Files

Copy these JAR files to your WebMethods server:

  • Download from Maven Central:

    • postgres-socket-factory-1.14.1.jar

    • postgresql-42.6.0.jar

    • google-auth-library-oauth2-http-1.19.0.jar

Copy to: IntegrationServer/instances/default/packages/WmJDBCAdapter/code/jars/

Restart Integration Server after adding JARs.

Step 2: Configure JDBC Connection in WebMethods

In WebMethods Administrator:

  1. Go to Administration → Adapters → JDBC Adapter

  2. Create new Database Connection

  3. Use these settings:

text
Database Type: PostgreSQL
Driver Class: org.postgresql.Driver
Connection URL: jdbc:postgresql:///<YOUR_DATABASE_NAME>?socketFactory=com.google.cloud.sql.postgres.SocketFactory&cloudSqlInstance=YOUR_PROJECT:YOUR_REGION:YOUR_INSTANCE_NAME&enableIamAuth=true&sslmode=require
User Name: YOUR_IAM_DATABASE_USER@YOUR_PROJECT.iam
Password: [leave empty]

Example Connection URL:

text
jdbc:postgresql:///orders_db?socketFactory=com.google.cloud.sql.postgres.SocketFactory&cloudSqlInstance=myproject:us-central1:production-instance&enableIamAuth=true&sslmode=require

Step 3: Set Up Service Account

  1. Create service account key JSON file

  2. Set environment variable on server:

bash
export GOOGLE_APPLICATION_CREDENTIALS="/opt/softwareag/credentials/service-account.json"

Method 2: Cloud SQL Auth Proxy

Step 1: Install and Run Auth Proxy

bash
# Download
wget https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 -O cloud_sql_proxy
chmod +x cloud_sql_proxy

# Run with service account
./cloud_sql_proxy -instances="your-project:region:instance-name"=tcp:5432 -credential_file=/path/to/service-account.json &

Step 2: WebMethods JDBC Configuration

text
Driver Class: org.postgresql.Driver
Connection URL: jdbc:postgresql://localhost:5432/your_database
User Name: your-iam-database-user@your-project.iam
Password: [leave empty]

Prerequisites Checklist

1. Cloud SQL Setup:

  • Enable IAM DB Authentication on Cloud SQL instance

  • Create IAM database user:

sql
CREATE USER "your-sa@your-project.iam" WITH LOGIN;
GRANT ALL PRIVILEGES ON DATABASE your_db TO "your-sa@your-project.iam";

2. IAM Permissions:

Service account needs these roles:

  • roles/cloudsql.client

  • Project IAM permissions

3. Network:

  • Allow incoming connections from your WebMethods server IP

  • Configure Cloud SQL authorized networks if using public IP

Testing the Connection

  1. Create a simple flow service in WebMethods

  2. Use pub.adapters.jdbc:executeUpdate or pub.adapters.jdbc:executeQuery

  3. Test with simple SQL: SELECT 1 as test

Troubleshooting Common Issues

Class Not Found:

  • Verify JAR files are in correct location

  • Check JAR versions compatibility

  • Restart Integration Server

Authentication Failed:

  • Verify service account has correct IAM roles

  • Check IAM database user exists in Cloud SQL

  • Confirm service account key file path is correct

Connection Timeout:

  • Check firewall rules

  • Verify Cloud SQL instance name format: project:region:instance

  • Test network connectivity to Cloud SQL

This approach works reliably in production environments with WebMethods JDBC adapter. The Java Connector method (Method 1) is preferred as it doesn't require maintaining additional proxy processes.

Related Content