Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

JAVA-691: Fixed a bug in CRAM-MD5 privilege acquisition

  • Loading branch information...
commit 393bb8b72dec1d159a5a1dd228e62b3c5777e494 1 parent 6cc2351
@jyemin jyemin authored
Showing with 14 additions and 2 deletions.
  1. +14 −2 src/main/com/mongodb/DBPort.java
View
16 src/main/com/mongodb/DBPort.java
@@ -414,13 +414,18 @@ protected Object getMechanism() {
return CRAM_MD5_MECHANISM;
}
+ @Override
+ protected String getUserNameForMechanism() {
+ return mongo.getCredentials().getDatabase() + "$" + mongo.getCredentials().getUserName();
+ }
+
class CredentialsHandlingCallbackHandler implements CallbackHandler {
public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nameCallback = (NameCallback) callback;
- nameCallback.setName(mongo.getCredentials().getDatabase() + "$" + mongo.getCredentials().getUserName());
+ nameCallback.setName(getUserNameForMechanism());
}
if (callback instanceof PasswordCallback) {
PasswordCallback passwordCallback = (PasswordCallback) callback;
@@ -483,6 +488,11 @@ protected Object getMechanism() {
return GSSAPI_MECHANISM;
}
+ @Override
+ protected String getUserNameForMechanism() {
+ return mongo.getCredentials().getUserName();
+ }
+
private GSSCredential getGSSCredential(String userName) throws GSSException {
Oid krb5Mechanism = new Oid(GSSAPI_OID);
GSSManager manager = GSSManager.getInstance();
@@ -554,6 +564,8 @@ void authenticate() {
protected abstract Object getMechanism();
+ protected abstract String getUserNameForMechanism();
+
private CommandResult sendSaslStart(final byte[] outToken) throws IOException {
DBObject cmd = new BasicDBObject("saslStart", 1).append("mechanism", getMechanism()).append("payload",
outToken != null ? outToken : new byte[0]);
@@ -572,7 +584,7 @@ public void acquirePrivilegeForDatabase(final DB db) throws IOException {
if (authorizeDatabases.get(db) == null) {
BasicDBObject acquirePrivilegeCmd = new BasicDBObject("acquirePrivilege", 1).
- append("principal", db.getMongo().getCredentials().getUserName()).
+ append("principal", getUserNameForMechanism()).
append("resource", db.getName()).
append("actions", Arrays.asList("oldWrite"));
CommandResult res = runCommand(db.getSisterDB("admin"), acquirePrivilegeCmd);
Please sign in to comment.
Something went wrong with that request. Please try again.