Note: original scenario involves domain users and Kerberos, here it is simplified using local Windows users on non-domain machine with gssapi.

Install MariaDB on Windows. Make sure GSSAPI authentication plugin is loaded (in 10.11+ nothing needs to be done)

Install DBeaver on the same machine.

Create a user with GSSAPI authentication

CREATE USER <name> IDENTIFIED VIA gssapi

1. Try to connect as this user using DBeaver with MariaDB JDBC driver - the error is ""Unable to obtain principal name for authentication"

2. Add waffle-jna to the list of client libraries to enable native Windows SSPI
Menu Database/Driver Manager/MariaDB, chose Edit, then Libraries, add Artifact to add com.github.waffle:waffle-jna version 1.9.1
Then Download/update
3. Try to connect again. Class loader is unhappy.

Unexpected driver error occurred while connecting to the database

  loader constraint violation: loader org.jkiss.dbeaver.registry.driver.DriverClassLoader @65b79332 wants to load class com.sun.jna.Pointer. A different class with the same name was previously loaded by org.eclipse.osgi.internal.loader.EquinoxClassLoader @35af1558. (com.sun.jna.Pointer is in unnamed module of loader org.eclipse.osgi.internal.loader.EquinoxClassLoader @35af1558, parent loader 'platform')

I "think" original scenario, with Kerberos and Domain env can be solved somehow, without waffle-jna, using Java-native Kerberos, but if this involves typing password in kinit.exe, this is quite a bad experience. So, it would be much more interesting to get DBeaver to use waffle SSPI support, especially since for DBeave/Postgres SSPI it might already work (https://github.com/dbeaver/dbeaver/issues/17268)

Perhaps it is not a bug, or rather not our bug, but I do not know enough to be sure. Maybe there is a workaround for class loader problems

Possibly relevant : https://bugs.openjdk.org/browse/JDK-8214079 (Native GSSAPI on Windows), seems to have been implemented in latest Java, perhaps it can be used from Connector/J