Uploaded image for project: 'Java Driver'
  1. Java Driver
  2. JAVA-397

authentication for replica set fails frequently because 'getnonce' and 'authenticate' command is issued to different server

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.9.0
    • Affects Version/s: 2.6.3
    • Component/s: Cluster Management
    • Environment:
      OS: Ubuntu 11.04 64bit, Mongod: 1.8.2, JDK: Oracle JDK 1.6.0u26, mongo-java-driver: 2.6.3
    • Fully Compatible

      following code returns false.

      import com.mongodb.Mongo
import com.mongodb.ServerAddress

val servers = new java.util.ArrayList[ServerAddress]
servers.add("192.168.10.1",27017)
servers.add("192.168.10.2",27017)
servers.add("192.168.10.3",27017)
val mongo = new Mongo(servers)
mongo.slaveOk // <= IMPORTANT!
mongo.getDB("dbname").authenticate("user","pass".toCharArray)

      'getnonce' and 'authenticate' command seems to be issued to different server.
      ( 'getnonce' issued to 192.168.10.2, 'authenticate' issued to 192.168.10.3)

      and logged following message on the server which received 'authenticate' command.

      auth: bad nonce received or getnonce not called. could be a driver bug or a security attack. db:dbname

      'getnonce' and 'authenticate' should be issued to same server whether 'slaveOk' or not.

            Assignee:
            jeff.yemin@mongodb.com Jeffrey Yemin
            Reporter:
            hito_asa Hitoshi Asai
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: