Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

JAVA-691: Removed authentication mechanism negotiation. Renamed Mongo…

…AuthenticationProtocol to MongoAuthenticationMechanism
  • Loading branch information...
commit 6ab647834716d5aa5e8fa9ae38d1a8f961cf1d16 1 parent 3784566
Jeff Yemin jyemin authored
8 examples/GSSAPICredentialsExample.java
View
@@ -14,8 +14,9 @@
* limitations under the License.
*/
+import com.mongodb.BasicDBObject;
import com.mongodb.DB;
-import com.mongodb.MongoAuthenticationProtocol;
+import com.mongodb.MongoAuthenticationMechanism;
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
@@ -45,7 +46,7 @@
// auth.login.defaultCallbackHandler=name of class that implements javax.security.auth.callback.CallbackHandler
public static void main(String[] args) throws UnknownHostException, InterruptedException {
// Set this property to avoid the default behavior where the program prompts on the command line for username/password
- Security.setProperty("auth.login.defaultCallbackHandler", "DefaultSecurityCallbackHandler");
+// Security.setProperty("auth.login.defaultCallbackHandler", "DefaultSecurityCallbackHandler");
String server = args[0];
String user = args[1];
@@ -68,10 +69,11 @@ public static void main(String[] args) throws UnknownHostException, InterruptedE
System.out.println();
MongoClient mongoClient = new MongoClient(new ServerAddress(server),
- Arrays.asList(new MongoCredential(user, MongoAuthenticationProtocol.GSSAPI)),
+ Arrays.asList(new MongoCredential(user, MongoAuthenticationMechanism.GSSAPI)),
new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
DB testDB = mongoClient.getDB(databaseName);
+ System.out.println("Insert result: " + testDB.getCollection("test").insert(new BasicDBObject()));
System.out.println("Count: " + testDB.getCollection("test").count());
}
}
48 ...ples/NegotiatedAuthenticationProtocolExample.java → examples/MongoCredentialsExample.java
View
@@ -1,22 +1,23 @@
-/**
- * Copyright (c) 2008 - 2012 10gen, Inc. <http://10gen.com>
- * <p/>
+/*
+ * Copyright (c) 2008 - 2013 10gen, Inc. <http://10gen.com>
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- * <p/>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p/>
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
+ *
*/
import com.mongodb.BasicDBObject;
import com.mongodb.DB;
-import com.mongodb.MongoAuthenticationProtocol;
+import com.mongodb.MongoAuthenticationMechanism;
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
@@ -25,28 +26,27 @@
import java.net.UnknownHostException;
import java.util.Arrays;
-/**
- * Example usage of NEGOTIATE authentication protocol.
- * <p>
- * Usage:
- * </p>
- * <pre>
- * java NegotiatedAuthenticationProtocolExample server userName password databaseName
- * </pre>
- */
-public class NegotiatedAuthenticationProtocolExample {
- public static void main(String[] args) throws UnknownHostException, InterruptedException {
+public class MongoCredentialsExample {
+ public static void main(String[] args) throws UnknownHostException {
String server = args[0];
String user = args[1];
- String pwd = args[2];
- String db = args[3];
+ String password = args[2];
+ String databaseName = args[3];
+
+ System.out.println("server: " + server);
+ System.out.println("user: " + user);
+ System.out.println("database: " + databaseName);
- MongoCredential credentials = new MongoCredential(user, pwd.toCharArray(), MongoAuthenticationProtocol.NEGOTIATE, db);
+ System.out.println();
- MongoClient mongoClient = new MongoClient(new ServerAddress(server), Arrays.asList(credentials), new MongoClientOptions.Builder().build());
+ MongoClient mongoClient = new MongoClient(new ServerAddress(server),
+ Arrays.asList(new MongoCredential(user, password.toCharArray(), MongoAuthenticationMechanism.MONGO_CR, "test")),
+ new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
+ DB testDB = mongoClient.getDB(databaseName);
- DB testDB = mongoClient.getDB(db);
- testDB.getCollection("test").insert(new BasicDBObject());
System.out.println("Count: " + testDB.getCollection("test").count());
+
+ System.out.println("Insert result: " + testDB.getCollection("test").insert(new BasicDBObject()));
+
}
}
2  src/main/com/mongodb/DB.java
View
@@ -614,7 +614,7 @@ public synchronized CommandResult authenticateCommand(String username, char[] pa
}
private CommandResultPair authenticateCommandHelper(String username, char[] password) {
- MongoCredential credentials = new MongoCredential(username, password, MongoAuthenticationProtocol.NEGOTIATE, getName());
+ MongoCredential credentials = new MongoCredential(username, password, MongoAuthenticationMechanism.MONGO_CR, getName());
if (getAuthenticationCredentials() != null) {
if (getAuthenticationCredentials().equals(credentials)) {
12 src/main/com/mongodb/DBPort.java
View
@@ -313,12 +313,12 @@ protected void close(){
CommandResult authenticate(Mongo mongo, final MongoCredential credentials) {
Authenticator authenticator;
- if (credentials.getProtocol() == MongoAuthenticationProtocol.NEGOTIATE) {
- authenticator = getStrongestAuthenticator(mongo, credentials);
- } else if (credentials.getProtocol().equals(MongoAuthenticationProtocol.GSSAPI)) {
+ if (credentials.getMechanism() == MongoAuthenticationMechanism.MONGO_CR) {
+ authenticator = new NativeAuthenticator(mongo, credentials);
+ } else if (credentials.getMechanism().equals(MongoAuthenticationMechanism.GSSAPI)) {
authenticator = new GSSAPIAuthenticator(mongo, credentials);
} else {
- throw new IllegalArgumentException("Unsupported authentication protocol: " + credentials.getProtocol());
+ throw new IllegalArgumentException("Unsupported authentication protocol: " + credentials.getMechanism());
}
CommandResult res = authenticator.authenticate();
authenticatedDatabases.add(credentials.getSource());
@@ -459,8 +459,8 @@ public void handle(final Callback[] callbacks) throws IOException, UnsupportedCa
GSSAPIAuthenticator(final Mongo mongo, final MongoCredential credentials) {
super(mongo, credentials);
- if (!this.credentials.getProtocol().equals(MongoAuthenticationProtocol.GSSAPI)) {
- throw new MongoException("Incorrect mechanism: " + this.credentials.getProtocol());
+ if (!this.credentials.getMechanism().equals(MongoAuthenticationMechanism.GSSAPI)) {
+ throw new MongoException("Incorrect mechanism: " + this.credentials.getMechanism());
}
}
36 ...main/com/mongodb/MongoAuthenticationProtocol.java → ...ain/com/mongodb/MongoAuthenticationMechanism.java
View
@@ -18,9 +18,9 @@
package com.mongodb;
/**
- * An enumeration of the supported authentication protocols.
+ * An enumeration of the supported authentication mechanisms.
*/
-public enum MongoAuthenticationProtocol {
+public enum MongoAuthenticationMechanism {
/**
* The GSSAPI protocol, to support Kerberos v5 via a SASL-based authentication protocol
*/
@@ -33,19 +33,29 @@
public String getDefaultSource() {
return "$external";
}
+
+ @Override
+ public String getMechanismName() {
+ return "GSSAPI";
+ }
},
/**
- * Negotiate the strongest available protocol available. This is the default protocol.
+ * The native MongoDB authentication mechanism. This is an abbreviation for MongoDB Challenge Response.
*/
- NEGOTIATE {
+ MONGO_CR {
/**
* The default source is the "admin" database.
- * @return
+ * @return the "admin" database
*/
@Override
public String getDefaultSource() {
return "admin";
}
+
+ @Override
+ public String getMechanismName() {
+ return "MONGO-CR";
+ }
};
/**
@@ -54,4 +64,20 @@ public String getDefaultSource() {
* @return the default database for this protocol
*/
public abstract String getDefaultSource();
+
+ /**
+ * Gets the mechanism name.
+ * @return the name
+ */
+ public abstract String getMechanismName();
+
+ public static MongoAuthenticationMechanism byMechanismName(String name) {
+ if (name.equals(GSSAPI.getMechanismName())) {
+ return GSSAPI;
+ }
+ if (name.equals(MONGO_CR.getMechanismName())) {
+ return MONGO_CR;
+ }
+ throw new IllegalArgumentException("Invalid authentication mechanism name: " + name);
+ }
}
7 src/main/com/mongodb/MongoClientURI.java
View
@@ -127,7 +127,8 @@
* </ul>
* <p>Authentication configuration:</p>
* <ul>
- * <li>{@code authProtocol=NEGOTIATE|GSSAPI}: The authentication protocol to use. The default is NEGOTIATE.
+ * <li>{@code authProtocol=MONGO-CR|GSSAPI}: The authentication protocol to use if a credential was supplied.
+ * The default is MONGO-CR, which is the native MongoDB Challenge Response mechanism.
* </li>
* <li>{@code authSource=string}: The source of the authentication credentials. This is typically the database that
* the credentials have been created. The value defaults to the database specified in the path portion of the URI.
@@ -388,7 +389,7 @@ private MongoCredential createCredentials(Map<String, List<String>> optionsMap,
return null;
}
- MongoAuthenticationProtocol protocol = MongoAuthenticationProtocol.NEGOTIATE;
+ MongoAuthenticationMechanism protocol = MongoAuthenticationMechanism.MONGO_CR;
String authSource = database;
for (String key : authKeys) {
@@ -399,7 +400,7 @@ private MongoCredential createCredentials(Map<String, List<String>> optionsMap,
}
if (key.equals("authprotocol")) {
- protocol = MongoAuthenticationProtocol.valueOf(value);
+ protocol = MongoAuthenticationMechanism.byMechanismName(value);
} else if (key.equals("authsource")) {
authSource = value;
}
70 src/main/com/mongodb/MongoCredential.java
View
@@ -23,99 +23,99 @@
/**
* Represents credentials to authenticate to a mongo server, as well as the source of the credentials and
- * the authentication protocol to use.
+ * the authentication mechanism to use.
*
* @since 2.11.0
*/
@Immutable
public class MongoCredential {
- private final MongoAuthenticationProtocol protocol;
+ private final MongoAuthenticationMechanism mechanism;
private final String userName;
private final char[] password;
private final String source;
/**
- * Constructs a new instance using the given user name and password and the default protocol and source.
+ * Constructs a new instance using the given user name and password and the default mechanism and source.
*
* @param userName the user name
* @param password the password
*/
public MongoCredential(final String userName, final char[] password) {
- this(userName, password, MongoAuthenticationProtocol.NEGOTIATE);
+ this(userName, password, MongoAuthenticationMechanism.MONGO_CR);
}
/**
- * Constructs a new instance using the given user name, password and source and the default protocol.
+ * Constructs a new instance using the given user name, password and source and the default mechanism.
*
* @param userName the user name
* @param password the password
* @param source the source of the credentials
*/
public MongoCredential(final String userName, final char[] password, String source) {
- this(userName, password, MongoAuthenticationProtocol.NEGOTIATE, source);
+ this(userName, password, MongoAuthenticationMechanism.MONGO_CR, source);
}
/**
- * Constructs a new instance using the given user name, password and protocol and the default source for that protocol.
+ * Constructs a new instance using the given user name, password and mechanism and the default source for that mechanism.
*
* @param userName the user name
* @param password the password
- * @param protocol the protocol to use for authentication
+ * @param mechanism the mechanism to use for authentication
*/
- public MongoCredential(final String userName, final char[] password, MongoAuthenticationProtocol protocol) {
- this(userName, password, protocol, null);
+ public MongoCredential(final String userName, final char[] password, MongoAuthenticationMechanism mechanism) {
+ this(userName, password, mechanism, null);
}
/**
- * Constructs a new instance using the given user name and protocol. This really only applies to the GSSAPI
- * protocol, since it's the only one that doesn't require a password.
+ * Constructs a new instance using the given user name and mechanism. This really only applies to the GSSAPI
+ * mechanism, since it's the only one that doesn't require a password.
*
* @param userName the user name
- * @param protocol the protocol to use for authentication
+ * @param mechanism the mechanism to use for authentication
*/
- public MongoCredential(final String userName, final MongoAuthenticationProtocol protocol) {
- this(userName, null, protocol);
+ public MongoCredential(final String userName, final MongoAuthenticationMechanism mechanism) {
+ this(userName, null, mechanism);
}
/**
/**
- * Constructs a new instance using the given user name, password, protocol, and source.
+ * Constructs a new instance using the given user name, password, mechanism, and source.
*
* @param userName the user name
* @param password the password
- * @param protocol the protocol
+ * @param mechanism the mechanism
* @param source the source of the credentials
*/
- public MongoCredential(final String userName, final char[] password, MongoAuthenticationProtocol protocol, String source) {
+ public MongoCredential(final String userName, final char[] password, MongoAuthenticationMechanism mechanism, String source) {
if (userName == null) {
throw new IllegalArgumentException();
}
- if (protocol == null) {
+ if (mechanism == null) {
throw new IllegalArgumentException();
}
- if (protocol == MongoAuthenticationProtocol.NEGOTIATE && password == null) {
- throw new IllegalArgumentException("password can not be null for " + MongoAuthenticationProtocol.NEGOTIATE);
+ if (mechanism == MongoAuthenticationMechanism.MONGO_CR && password == null) {
+ throw new IllegalArgumentException("password can not be null for " + MongoAuthenticationMechanism.MONGO_CR);
}
- if (protocol == MongoAuthenticationProtocol.GSSAPI && password != null) {
- throw new IllegalArgumentException("password must be null for " + MongoAuthenticationProtocol.GSSAPI);
+ if (mechanism == MongoAuthenticationMechanism.GSSAPI && password != null) {
+ throw new IllegalArgumentException("password must be null for " + MongoAuthenticationMechanism.GSSAPI);
}
this.userName = userName;
this.password = password;
- this.source = source != null ? source : getDefaultDatabase(protocol);
- this.protocol = protocol;
+ this.source = source != null ? source : getDefaultDatabase(mechanism);
+ this.mechanism = mechanism;
}
/**
* Gets the mechanism
*
- * @return the mechanism. Can be null if the mechanism should be negotiated.
+ * @return the mechanism.
*/
- public MongoAuthenticationProtocol getProtocol() {
- return protocol;
+ public MongoAuthenticationMechanism getMechanism() {
+ return mechanism;
}
/**
@@ -140,7 +140,7 @@ public String getUserName() {
}
/**
- * Gets the source, which is usually the name of the database that the credentials are stored in..
+ * Gets the source, which is usually the name of the database that the credentials are stored in.
*
* @return the source.
*/
@@ -156,7 +156,7 @@ public boolean equals(final Object o) {
final MongoCredential that = (MongoCredential) o;
if (!Arrays.equals(password, that.password)) return false;
- if (protocol != that.protocol) return false;
+ if (mechanism != that.mechanism) return false;
if (!source.equals(that.source)) return false;
if (!userName.equals(that.userName)) return false;
@@ -165,7 +165,7 @@ public boolean equals(final Object o) {
@Override
public int hashCode() {
- int result = protocol.hashCode();
+ int result = mechanism.hashCode();
result = 31 * result + userName.hashCode();
result = 31 * result + (password != null ? Arrays.hashCode(password) : 0);
result = 31 * result + source.hashCode();
@@ -175,18 +175,18 @@ public int hashCode() {
@Override
public String toString() {
return "MongoCredentials{" +
- "protocol=" + protocol +
+ "mechanism=" + mechanism +
", userName='" + userName +
", password=" + "<hidden>" +
", source='" + source +
'}';
}
- private String getDefaultDatabase(final MongoAuthenticationProtocol protocol) {
- if (protocol == null) {
+ private String getDefaultDatabase(final MongoAuthenticationMechanism mechanism) {
+ if (mechanism == null) {
return "admin";
} else {
- return protocol.getDefaultSource();
+ return mechanism.getDefaultSource();
}
}
}
9 src/test/com/mongodb/MongoClientURITest.java
View
@@ -21,8 +21,8 @@
import org.testng.annotations.Test;
import javax.net.SocketFactory;
-import java.net.UnknownHostException;
import javax.net.ssl.SSLSocketFactory;
+import java.net.UnknownHostException;
public class MongoClientURITest extends TestCase {
@@ -86,10 +86,13 @@ public void testUserPass() {
assertEquals("host", u.getHosts().get(0));
assertEquals("user", u.getUsername());
assertEquals("pass", new String(u.getPassword()));
- assertEquals(new MongoCredential("user", "pass".toCharArray(), MongoAuthenticationProtocol.NEGOTIATE, "bar"), u.getCredentials());
+ assertEquals(new MongoCredential("user", "pass".toCharArray(), MongoAuthenticationMechanism.MONGO_CR, "bar"), u.getCredentials());
u = new MongoClientURI("mongodb://user@host/?authProtocol=GSSAPI");
- assertEquals(new MongoCredential("user", MongoAuthenticationProtocol.GSSAPI), u.getCredentials());
+ assertEquals(new MongoCredential("user", MongoAuthenticationMechanism.GSSAPI), u.getCredentials());
+
+ u = new MongoClientURI("mongodb://user:pass@host/?authProtocol=MONGO-CR");
+ assertEquals(new MongoCredential("user", "pass".toCharArray(), MongoAuthenticationMechanism.MONGO_CR), u.getCredentials());
u = new MongoClientURI("mongodb://user:pass@host/?authSource=test");
assertEquals(new MongoCredential("user", "pass".toCharArray(), "test"), u.getCredentials());
22 src/test/com/mongodb/MongoCredentialTest.java
View
@@ -34,42 +34,42 @@ public void testCredentials() {
credentials = new MongoCredential("user", "pwd".toCharArray());
assertEquals("user", credentials.getUserName());
assertArrayEquals("pwd".toCharArray(), credentials.getPassword());
- assertEquals(MongoAuthenticationProtocol.NEGOTIATE, credentials.getProtocol());
+ assertEquals(MongoAuthenticationMechanism.MONGO_CR, credentials.getMechanism());
assertEquals("admin", credentials.getSource());
credentials = new MongoCredential("user", "pwd".toCharArray(), "test");
assertEquals("user", credentials.getUserName());
assertArrayEquals("pwd".toCharArray(), credentials.getPassword());
- assertEquals(MongoAuthenticationProtocol.NEGOTIATE, credentials.getProtocol());
+ assertEquals(MongoAuthenticationMechanism.MONGO_CR, credentials.getMechanism());
assertEquals("test", credentials.getSource());
- credentials = new MongoCredential("user", "pwd".toCharArray(), MongoAuthenticationProtocol.NEGOTIATE);
+ credentials = new MongoCredential("user", "pwd".toCharArray(), MongoAuthenticationMechanism.MONGO_CR);
assertEquals("user", credentials.getUserName());
assertArrayEquals("pwd".toCharArray(), credentials.getPassword());
- assertEquals(MongoAuthenticationProtocol.NEGOTIATE, credentials.getProtocol());
+ assertEquals(MongoAuthenticationMechanism.MONGO_CR, credentials.getMechanism());
assertEquals("admin", credentials.getSource());
- credentials = new MongoCredential("user", MongoAuthenticationProtocol.GSSAPI);
+ credentials = new MongoCredential("user", MongoAuthenticationMechanism.GSSAPI);
assertEquals("user", credentials.getUserName());
assertNull(credentials.getPassword());
- assertEquals(MongoAuthenticationProtocol.GSSAPI, credentials.getProtocol());
+ assertEquals(MongoAuthenticationMechanism.GSSAPI, credentials.getMechanism());
assertEquals("$external", credentials.getSource());
- credentials = new MongoCredential("user", "pwd".toCharArray(), MongoAuthenticationProtocol.NEGOTIATE, "test");
+ credentials = new MongoCredential("user", "pwd".toCharArray(), MongoAuthenticationMechanism.MONGO_CR, "test");
assertEquals("user", credentials.getUserName());
assertArrayEquals("pwd".toCharArray(), credentials.getPassword());
- assertEquals(MongoAuthenticationProtocol.NEGOTIATE, credentials.getProtocol());
+ assertEquals(MongoAuthenticationMechanism.MONGO_CR, credentials.getMechanism());
assertEquals("test", credentials.getSource());
try {
- new MongoCredential("user", null, MongoAuthenticationProtocol.NEGOTIATE, "test");
- fail("STRONGEST must have a password");
+ new MongoCredential("user", null, MongoAuthenticationMechanism.MONGO_CR, "test");
+ fail("MONGO-CR must have a password");
} catch (IllegalArgumentException e) {
// all good
}
try {
- new MongoCredential("user", "a".toCharArray(), MongoAuthenticationProtocol.GSSAPI);
+ new MongoCredential("user", "a".toCharArray(), MongoAuthenticationMechanism.GSSAPI);
fail("GSSAPI must not have a password");
} catch (IllegalArgumentException e) {
// all good
2  src/test/com/mongodb/MongoURITest.java
View
@@ -32,7 +32,7 @@ public void testGetters() {
MongoURI mongoURI = new MongoURI( "mongodb://user:pwd@localhost/test.mongoURITest?safe=false");
assertEquals("user", mongoURI.getUsername());
assertEquals("pwd", new String(mongoURI.getPassword()));
- assertEquals(new MongoCredential("user", "pwd".toCharArray(), MongoAuthenticationProtocol.NEGOTIATE, "test"), mongoURI.getCredentials());
+ assertEquals(new MongoCredential("user", "pwd".toCharArray(), MongoAuthenticationMechanism.MONGO_CR, "test"), mongoURI.getCredentials());
assertEquals(Arrays.asList("localhost"), mongoURI.getHosts());
assertEquals("test", mongoURI.getDatabase());
assertEquals("mongoURITest", mongoURI.getCollection());
Please sign in to comment.
Something went wrong with that request. Please try again.