[JAVA-1181] Authentication is not done for DBCollection.createIndex() Created: 25/Apr/14  Updated: 01/Apr/16  Resolved: 28/Apr/14

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: 2.12.0
Fix Version/s: 2.12.1

Type: Bug Priority: Major - P3
Reporter: Patrick Peschlow Assignee: Jeffrey Yemin
Resolution: Done Votes: 0
Labels: regression
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Server: MongoDB 2.6.0



 Description   

Scenario: Run the server with auth enabled and some user created for a "foo" db. Create a MongoClient with a list of MongoCredentials (including the valid credentials for the user on "foo" db).

Expected behavior: All connections to that db are authenticated using the credentials (as claimed by the MongoClient constructor javadoc).

Actual behavior: While authentication is indeed done behind the scenes for most calls (like a find()), this is not true for all calls. For example, when doing the following right after creating the MongoClient, the driver does not make any authorization attempt and the client experiences an exception that the user is not authenticated to the db:
mongoClient.getDB("foo").getCollection("bar").createIndex(new BasicDBObject("baz", 1));

This looks like a bug to me - or is it intentional? The workaround would be to authenticate using one of the deprecated driver or to run some other command immediately after creating the client. Both are not nice.

Looking into the code, this happens because (for example, for createIndex()) there is a path down to DBPort.call() that hasn't visited DBPort.checkAuth() before.



 Comments   
Comment by Githook User [ 01/Aug/14 ]

Author:

{u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}

Message: JAVA-1181: Calls to new createIndexes command now go through DBTCPConnector, ensuring that auth is checked first.
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/c900d68b931570f8d5140e635d1f3360c883058e

Comment by Jeffrey Yemin [ 29/Apr/14 ]

Closing for 2.12.1 release.

Comment by Githook User [ 28/Apr/14 ]

Author:

{u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}

Message: JAVA-1181: Calls to new createIndexes command now go through DBTCPConnector, ensuring that auth is checked first.
Branch: 2.12.x
https://github.com/mongodb/mongo-java-driver/commit/c900d68b931570f8d5140e635d1f3360c883058e

Comment by Jeffrey Yemin [ 25/Apr/14 ]

Thanks for the report. It's a bug. The fix is easy and it will be in 2.12.1.

Generated at Thu Feb 08 08:53:58 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.