JAVA-691: Removed authentication mechanism negotiation. Renamed MongoAuthenticationProtocol to MongoAuthenticationMechanism

Author: jyemin

examples/GSSAPICredentialsExample.java

@@ -14,8 +14,9 @@
  * limitations under the License.
  */
 
+import com.mongodb.BasicDBObject;
 import com.mongodb.DB;
-import com.mongodb.MongoAuthenticationProtocol;
+import com.mongodb.MongoAuthenticationMechanism;
 import com.mongodb.MongoClient;
 import com.mongodb.MongoClientOptions;
 import com.mongodb.MongoCredential;
@@ -45,7 +46,7 @@ public class GSSAPICredentialsExample {
     // auth.login.defaultCallbackHandler=name of class that implements javax.security.auth.callback.CallbackHandler
     public static void main(String[] args) throws UnknownHostException, InterruptedException {
         // Set this property to avoid the default behavior where the program prompts on the command line for username/password
-        Security.setProperty("auth.login.defaultCallbackHandler", "DefaultSecurityCallbackHandler");
+//        Security.setProperty("auth.login.defaultCallbackHandler", "DefaultSecurityCallbackHandler");
 
         String server = args[0];
         String user = args[1];
@@ -68,10 +69,11 @@ public static void main(String[] args) throws UnknownHostException, InterruptedE
         System.out.println();
 
         MongoClient mongoClient = new MongoClient(new ServerAddress(server),
-                        Arrays.asList(new MongoCredential(user, MongoAuthenticationProtocol.GSSAPI)),
+                        Arrays.asList(new MongoCredential(user, MongoAuthenticationMechanism.GSSAPI)),
                 new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
         DB testDB = mongoClient.getDB(databaseName);
 
+        System.out.println("Insert result: " + testDB.getCollection("test").insert(new BasicDBObject()));
         System.out.println("Count: " + testDB.getCollection("test").count());
     }
 }

examples/NegotiatedAuthenticationProtocolExample.java renamed to examples/MongoCredentialsExample.java

@@ -1,22 +1,23 @@
-/**
- * Copyright (c) 2008 - 2012 10gen, Inc. <http://10gen.com>
- * <p/>
+/*
+ * Copyright (c) 2008 - 2013 10gen, Inc. <http://10gen.com>
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * <p/>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p/>
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
+ *
  */
 
 import com.mongodb.BasicDBObject;
 import com.mongodb.DB;
-import com.mongodb.MongoAuthenticationProtocol;
+import com.mongodb.MongoAuthenticationMechanism;
 import com.mongodb.MongoClient;
 import com.mongodb.MongoClientOptions;
 import com.mongodb.MongoCredential;
@@ -25,28 +26,27 @@
 import java.net.UnknownHostException;
 import java.util.Arrays;
 
-/**
- * Example usage of NEGOTIATE authentication protocol.
- * <p>
- * Usage:
- * </p>
- * <pre>
- *     java NegotiatedAuthenticationProtocolExample server userName password databaseName
- * </pre>
- */
-public class NegotiatedAuthenticationProtocolExample {
-    public static void main(String[] args) throws UnknownHostException, InterruptedException {
+public class MongoCredentialsExample {
+    public static void main(String[] args) throws UnknownHostException {
         String server = args[0];
         String user = args[1];
-        String pwd = args[2];
-        String db = args[3];
+        String password = args[2];
+        String databaseName = args[3];
+
+        System.out.println("server: " + server);
+        System.out.println("user: " + user);
+        System.out.println("database: " + databaseName);
 
-        MongoCredential credentials = new MongoCredential(user, pwd.toCharArray(), MongoAuthenticationProtocol.NEGOTIATE, db);
+        System.out.println();
 
-        MongoClient mongoClient = new MongoClient(new ServerAddress(server), Arrays.asList(credentials), new MongoClientOptions.Builder().build());
+        MongoClient mongoClient = new MongoClient(new ServerAddress(server),
+                Arrays.asList(new MongoCredential(user, password.toCharArray(), MongoAuthenticationMechanism.MONGO_CR, "test")),
+                new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
+        DB testDB = mongoClient.getDB(databaseName);
 
-        DB testDB = mongoClient.getDB(db);
-        testDB.getCollection("test").insert(new BasicDBObject());
         System.out.println("Count: " + testDB.getCollection("test").count());
+
+        System.out.println("Insert result: " + testDB.getCollection("test").insert(new BasicDBObject()));
+
     }
 }

src/main/com/mongodb/DB.java

@@ -614,7 +614,7 @@ public synchronized CommandResult authenticateCommand(String username, char[] pa
     }
 
     private CommandResultPair authenticateCommandHelper(String username, char[] password) {
-        MongoCredential credentials = new MongoCredential(username, password, MongoAuthenticationProtocol.NEGOTIATE, getName());
+        MongoCredential credentials = new MongoCredential(username, password, MongoAuthenticationMechanism.MONGO_CR, getName());
 
         if (getAuthenticationCredentials() != null) {
             if (getAuthenticationCredentials().equals(credentials)) {

src/main/com/mongodb/DBPort.java

@@ -313,12 +313,12 @@ protected void close(){
 
     CommandResult authenticate(Mongo mongo, final MongoCredential credentials) {
         Authenticator authenticator;
-        if (credentials.getProtocol() == MongoAuthenticationProtocol.NEGOTIATE) {
-            authenticator = getStrongestAuthenticator(mongo, credentials);
-        } else if (credentials.getProtocol().equals(MongoAuthenticationProtocol.GSSAPI)) {
+        if (credentials.getMechanism() == MongoAuthenticationMechanism.MONGO_CR) {
+            authenticator = new NativeAuthenticator(mongo, credentials);
+        } else if (credentials.getMechanism().equals(MongoAuthenticationMechanism.GSSAPI)) {
             authenticator = new GSSAPIAuthenticator(mongo, credentials);
         } else {
-            throw new IllegalArgumentException("Unsupported authentication protocol: " + credentials.getProtocol());
+            throw new IllegalArgumentException("Unsupported authentication protocol: " + credentials.getMechanism());
         }
         CommandResult res = authenticator.authenticate();
         authenticatedDatabases.add(credentials.getSource());
@@ -459,8 +459,8 @@ class GSSAPIAuthenticator extends SaslAuthenticator {
         GSSAPIAuthenticator(final Mongo mongo, final MongoCredential credentials) {
             super(mongo, credentials);
 
-            if (!this.credentials.getProtocol().equals(MongoAuthenticationProtocol.GSSAPI)) {
-                throw new MongoException("Incorrect mechanism: " + this.credentials.getProtocol());
+            if (!this.credentials.getMechanism().equals(MongoAuthenticationMechanism.GSSAPI)) {
+                throw new MongoException("Incorrect mechanism: " + this.credentials.getMechanism());
             }
         }
 

src/main/com/mongodb/MongoAuthenticationProtocol.java renamed to src/main/com/mongodb/MongoAuthenticationMechanism.java

@@ -18,9 +18,9 @@
 package com.mongodb;
 
 /**
- * An enumeration of the supported authentication protocols.
+ * An enumeration of the supported authentication mechanisms.
  */
-public enum MongoAuthenticationProtocol {
+public enum MongoAuthenticationMechanism {
     /**
      * The GSSAPI protocol, to support Kerberos v5 via a SASL-based authentication protocol
      */
@@ -33,19 +33,29 @@ public enum MongoAuthenticationProtocol {
         public String getDefaultSource() {
             return "$external";
         }
+
+        @Override
+        public String getMechanismName() {
+            return "GSSAPI";
+        }
     },
     /**
-     * Negotiate the strongest available protocol available.  This is the default protocol.
+     * The native MongoDB authentication mechanism.  This is an abbreviation for MongoDB Challenge Response.
      */
-    NEGOTIATE {
+    MONGO_CR {
         /**
          * The default source is the "admin" database.
-         * @return
+         * @return the "admin" database
          */
         @Override
         public String getDefaultSource() {
             return "admin";
         }
+
+        @Override
+        public String getMechanismName() {
+            return "MONGO-CR";
+        }
     };
 
     /**
@@ -54,4 +64,20 @@ public String getDefaultSource() {
      * @return the default database for this protocol
      */
     public abstract String getDefaultSource();
+
+    /**
+     * Gets the mechanism name.
+     * @return the name
+     */
+    public abstract String getMechanismName();
+
+    public static MongoAuthenticationMechanism byMechanismName(String name) {
+        if (name.equals(GSSAPI.getMechanismName())) {
+            return GSSAPI;
+        }
+        if (name.equals(MONGO_CR.getMechanismName())) {
+            return MONGO_CR;
+        }
+        throw new IllegalArgumentException("Invalid authentication mechanism name: " + name);
+    }
 }

src/main/com/mongodb/MongoClientURI.java

@@ -127,7 +127,8 @@
  * </ul>
  * <p>Authentication configuration:</p>
  * <ul>
- * <li>{@code authProtocol=NEGOTIATE|GSSAPI}: The authentication protocol to use.  The default is NEGOTIATE.
+ * <li>{@code authProtocol=MONGO-CR|GSSAPI}: The authentication protocol to use if a credential was supplied.
+ * The default is MONGO-CR, which is the native MongoDB Challenge Response mechanism.
  * </li>
  * <li>{@code authSource=string}: The source of the authentication credentials.  This is typically the database that
  * the credentials have been created.  The value defaults to the database specified in the path portion of the URI.
@@ -388,7 +389,7 @@ private MongoCredential createCredentials(Map<String, List<String>> optionsMap,
             return null;
         }
 
-        MongoAuthenticationProtocol protocol = MongoAuthenticationProtocol.NEGOTIATE;
+        MongoAuthenticationMechanism protocol = MongoAuthenticationMechanism.MONGO_CR;
         String authSource = database;
 
         for (String key : authKeys) {
@@ -399,7 +400,7 @@ private MongoCredential createCredentials(Map<String, List<String>> optionsMap,
             }
 
             if (key.equals("authprotocol")) {
-                protocol = MongoAuthenticationProtocol.valueOf(value);
+                protocol = MongoAuthenticationMechanism.byMechanismName(value);
             } else if (key.equals("authsource")) {
                 authSource = value;
             }