Uploaded image for project: 'Java Driver'
  1. Java Driver
  2. JAVA-397

authentication for replica set fails frequently because 'getnonce' and 'authenticate' command is issued to different server

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Done
    • 2.6.3
    • 2.9.0
    • Cluster Management
    • OS: Ubuntu 11.04 64bit, Mongod: 1.8.2, JDK: Oracle JDK 1.6.0u26, mongo-java-driver: 2.6.3
    • Fully Compatible

    Description

      following code returns false.

      import com.mongodb.Mongo
      import com.mongodb.ServerAddress
       
      val servers = new java.util.ArrayList[ServerAddress]
      servers.add("192.168.10.1",27017)
      servers.add("192.168.10.2",27017)
      servers.add("192.168.10.3",27017)
      val mongo = new Mongo(servers)
      mongo.slaveOk // <= IMPORTANT!
      mongo.getDB("dbname").authenticate("user","pass".toCharArray)

      'getnonce' and 'authenticate' command seems to be issued to different server.
      ( 'getnonce' issued to 192.168.10.2, 'authenticate' issued to 192.168.10.3)

      and logged following message on the server which received 'authenticate' command.

      auth: bad nonce received or getnonce not called. could be a driver bug or a security attack. db:dbname

      'getnonce' and 'authenticate' should be issued to same server whether 'slaveOk' or not.

      Attachments

        Issue Links

          Activity

            People

              jeff.yemin@mongodb.com Jeffrey Yemin
              hito_asa Hitoshi Asai
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: