Permalink
Browse files

JAVA-691: Replacing authentication mechanism enum with String, so tha…

…t it's extensible in the future
  • Loading branch information...
1 parent 2ed798f commit a12d953a9d525f883565a361bc342c97d852d580 @jyemin jyemin committed Feb 13, 2013
@@ -16,7 +16,6 @@
import com.mongodb.BasicDBObject;
import com.mongodb.DB;
-import com.mongodb.MongoAuthenticationMechanism;
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
@@ -69,7 +68,7 @@ public static void main(String[] args) throws UnknownHostException, InterruptedE
System.out.println();
MongoClient mongoClient = new MongoClient(new ServerAddress(server),
- Arrays.asList(new MongoCredential(user, MongoAuthenticationMechanism.GSSAPI)),
+ Arrays.asList(MongoCredential.createGSSAPICredential(user)),
new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
DB testDB = mongoClient.getDB(databaseName);
@@ -17,7 +17,6 @@
import com.mongodb.BasicDBObject;
import com.mongodb.DB;
-import com.mongodb.MongoAuthenticationMechanism;
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
@@ -40,7 +39,7 @@ public static void main(String[] args) throws UnknownHostException {
System.out.println();
MongoClient mongoClient = new MongoClient(new ServerAddress(server),
- Arrays.asList(new MongoCredential(user, password.toCharArray(), MongoAuthenticationMechanism.MONGO_CR, "test")),
+ Arrays.asList(MongoCredential.createMongoCRCredential(user, "test", password.toCharArray())),
new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
DB testDB = mongoClient.getDB(databaseName);
@@ -614,8 +614,8 @@ public synchronized CommandResult authenticateCommand(String username, char[] pa
}
private CommandResultPair authenticateCommandHelper(String username, char[] password) {
- MongoCredential credentials = new MongoCredential(username, password, MongoAuthenticationMechanism.MONGO_CR, getName());
-
+ MongoCredential credentials =
+ MongoCredential.createMongoCRCredential(username, getName(), password);
if (getAuthenticationCredentials() != null) {
if (getAuthenticationCredentials().equals(credentials)) {
if (authenticationTestCommandResult != null) {
@@ -42,7 +42,6 @@
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
-import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
@@ -313,9 +312,9 @@ protected void close(){
CommandResult authenticate(Mongo mongo, final MongoCredential credentials) {
Authenticator authenticator;
- if (credentials.getMechanism() == MongoAuthenticationMechanism.MONGO_CR) {
+ if (credentials.getMechanism().equals(MongoCredential.MONGO_CR_MECHANISM)) {
authenticator = new NativeAuthenticator(mongo, credentials);
- } else if (credentials.getMechanism().equals(MongoAuthenticationMechanism.GSSAPI)) {
+ } else if (credentials.getMechanism().equals(MongoCredential.GSSAPI_MECHANISM)) {
authenticator = new GSSAPIAuthenticator(mongo, credentials);
} else {
throw new IllegalArgumentException("Unsupported authentication protocol: " + credentials.getMechanism());
@@ -335,30 +334,6 @@ void checkAuth(Mongo mongo) throws IOException {
}
}
- private Authenticator getStrongestAuthenticator(final Mongo mongo, MongoCredential credentials) {
- if (useCRAMAuthenticationProtocol == null) {
- cacheStrongestAuthenticationProtocol(mongo);
- }
-
- if (useCRAMAuthenticationProtocol) {
- return new GenericSaslAuthenticator(mongo, credentials, GenericSaslAuthenticator.CRAM_MD5);
- } else {
- return new NativeAuthenticator(mongo, credentials);
- }
- }
-
- // Since the driver currently only support CRAM-MD5 as a generic SASL authenticator, simple determine whether
- // that is a supported mechanism.
- private void cacheStrongestAuthenticationProtocol(final Mongo mongo) {
- try {
- CommandResult res = runCommand(mongo.getDB("admin"), new BasicDBObject("saslStart", 1).append("mechanism", ""));
- useCRAMAuthenticationProtocol = res.get("supportedMechanisms") != null &&
- ((List) res.get("supportedMechanisms")).contains(GenericSaslAuthenticator.CRAM_MD5);
- } catch (IOException e) {
- throw new MongoException.Network("IOException authenticating the connection", e);
- }
- }
-
/**
* Gets the pool that this port belongs to.
* @return the pool that this port belongs to.
@@ -416,7 +391,7 @@ public DBPortPool getPool() {
protected SaslClient createSaslClient() {
try {
return Sasl.createSaslClient(new String[]{mechanism},
- credentials.getUserName(), MONGODB_PROTOCOL,
+ credential.getUserName(), MONGODB_PROTOCOL,
serverAddress().getHost(), null, new CredentialsHandlingCallbackHandler());
} catch (SaslException e) {
throw new MongoException("Exception initializing SASL client", e);
@@ -425,7 +400,7 @@ protected SaslClient createSaslClient() {
@Override
protected DB getDatabase() {
- return mongo.getDB(credentials.getSource());
+ return mongo.getDB(credential.getSource());
}
@Override
@@ -439,12 +414,12 @@ public void handle(final Callback[] callbacks) throws IOException, UnsupportedCa
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nameCallback = (NameCallback) callback;
- nameCallback.setName(credentials.getUserName());
+ nameCallback.setName(credential.getUserName());
}
if (callback instanceof PasswordCallback) {
PasswordCallback passwordCallback = (PasswordCallback) callback;
- String hashedPassword = new String(NativeAuthenticationHelper.createHash(credentials.getUserName(),
- credentials.getPassword()));
+ String hashedPassword = new String(NativeAuthenticationHelper.createHash(
+ credential.getUserName(), credential.getPassword()));
passwordCallback.setPassword(hashedPassword.toCharArray());
}
}
@@ -454,23 +429,23 @@ public void handle(final Callback[] callbacks) throws IOException, UnsupportedCa
class GSSAPIAuthenticator extends SaslAuthenticator {
public static final String GSSAPI_OID = "1.2.840.113554.1.2.2";
- public static final String GSSAPI_MECHANISM = "GSSAPI";
+ public static final String GSSAPI_MECHANISM = MongoCredential.GSSAPI_MECHANISM;
GSSAPIAuthenticator(final Mongo mongo, final MongoCredential credentials) {
super(mongo, credentials);
- if (!this.credentials.getMechanism().equals(MongoAuthenticationMechanism.GSSAPI)) {
- throw new MongoException("Incorrect mechanism: " + this.credentials.getMechanism());
+ if (!this.credential.getMechanism().equals(MongoCredential.GSSAPI_MECHANISM)) {
+ throw new MongoException("Incorrect mechanism: " + this.credential.getMechanism());
}
}
@Override
protected SaslClient createSaslClient() {
try {
Map<String, Object> props = new HashMap<String, Object>();
- props.put(Sasl.CREDENTIALS, getGSSCredential(credentials.getUserName()));
+ props.put(Sasl.CREDENTIALS, getGSSCredential(credential.getUserName()));
- return Sasl.createSaslClient(new String[]{GSSAPI_MECHANISM}, credentials.getUserName(), MONGODB_PROTOCOL,
+ return Sasl.createSaslClient(new String[]{GSSAPI_MECHANISM}, credential.getUserName(), MONGODB_PROTOCOL,
serverAddress().getHost(), props, null);
} catch (SaslException e) {
throw new MongoException("Exception initializing SASL client", e);
@@ -481,7 +456,7 @@ protected SaslClient createSaslClient() {
@Override
protected DB getDatabase() {
- return mongo.getDB(credentials.getSource());
+ return mongo.getDB(credential.getSource());
}
@Override
@@ -565,12 +540,12 @@ private CommandResult sendSaslContinue(final int conversationId, final byte[] ou
@Override
public CommandResult authenticate() {
try {
- DB db = mongo.getDB(credentials.getSource());
+ DB db = mongo.getDB(credential.getSource());
CommandResult res = runCommand(db, NativeAuthenticationHelper.getNonceCommand());
res.throwOnError();
- res = runCommand(db, NativeAuthenticationHelper.getAuthCommand(credentials.getUserName(),
- credentials.getPassword(), res.getString("nonce")));
+ res = runCommand(db, NativeAuthenticationHelper.getAuthCommand(credential.getUserName(),
+ credential.getPassword(), res.getString("nonce")));
res.throwOnError();
return res;
} catch (IOException e) {
@@ -581,11 +556,11 @@ public CommandResult authenticate() {
abstract class Authenticator {
protected final Mongo mongo;
- protected final MongoCredential credentials;
+ protected final MongoCredential credential;
- Authenticator(Mongo mongo, MongoCredential credentials) {
+ Authenticator(Mongo mongo, MongoCredential credential) {
this.mongo = mongo;
- this.credentials = credentials;
+ this.credential = credential;
}
abstract CommandResult authenticate();
@@ -1,83 +0,0 @@
-/*
- * Copyright (c) 2008 - 2013 10gen, Inc. <http://10gen.com>
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-package com.mongodb;
-
-/**
- * An enumeration of the supported authentication mechanisms.
- */
-public enum MongoAuthenticationMechanism {
- /**
- * The GSSAPI protocol, to support Kerberos v5 via a SASL-based authentication protocol
- */
- GSSAPI {
- /**
- * The default source for GSSAPI is a reserved name that doesn't correspond to any database.
- * @return the default source.
- */
- @Override
- public String getDefaultSource() {
- return "$external";
- }
-
- @Override
- public String getMechanismName() {
- return "GSSAPI";
- }
- },
- /**
- * The native MongoDB authentication mechanism. This is an abbreviation for MongoDB Challenge Response.
- */
- MONGO_CR {
- /**
- * The default source is the "admin" database.
- * @return the "admin" database
- */
- @Override
- public String getDefaultSource() {
- return "admin";
- }
-
- @Override
- public String getMechanismName() {
- return "MONGO-CR";
- }
- };
-
- /**
- * Gets the default source for this mechanism, usually a database name.
- *
- * @return the default database for this protocol
- */
- public abstract String getDefaultSource();
-
- /**
- * Gets the mechanism name.
- * @return the name
- */
- public abstract String getMechanismName();
-
- public static MongoAuthenticationMechanism byMechanismName(String name) {
- if (name.equals(GSSAPI.getMechanismName())) {
- return GSSAPI;
- }
- if (name.equals(MONGO_CR.getMechanismName())) {
- return MONGO_CR;
- }
- throw new IllegalArgumentException("Invalid authentication mechanism name: " + name);
- }
-}
@@ -389,7 +389,11 @@ private MongoCredential createCredentials(Map<String, List<String>> optionsMap,
return null;
}
- MongoAuthenticationMechanism protocol = MongoAuthenticationMechanism.MONGO_CR;
+ if (database == null) {
+ database = "admin";
+ }
+
+ String mechanism = MongoCredential.MONGO_CR_MECHANISM;
String authSource = database;
for (String key : authKeys) {
@@ -400,13 +404,18 @@ private MongoCredential createCredentials(Map<String, List<String>> optionsMap,
}
if (key.equals("authprotocol")) {
- protocol = MongoAuthenticationMechanism.byMechanismName(value);
+ mechanism = value;
} else if (key.equals("authsource")) {
authSource = value;
}
}
- return new MongoCredential(userName, password, protocol, authSource);
+ if (mechanism.equals(MongoCredential.GSSAPI_MECHANISM)) {
+ return MongoCredential.createGSSAPICredential(userName);
+ }
+ else {
+ return MongoCredential.createMongoCRCredential(userName, authSource, password);
+ }
}
private String getLastValue(final Map<String, List<String>> optionsMap, final String key) {
Oops, something went wrong.

0 comments on commit a12d953

Please sign in to comment.