[JAVA-1181] Authentication is not done for DBCollection.createIndex() Created: 25/Apr/14 Updated: 01/Apr/16 Resolved: 28/Apr/14 |
|
| Status: | Closed |
| Project: | Java Driver |
| Component/s: | Authentication |
| Affects Version/s: | 2.12.0 |
| Fix Version/s: | 2.12.1 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Patrick Peschlow | Assignee: | Jeffrey Yemin |
| Resolution: | Done | Votes: | 0 |
| Labels: | regression | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Server: MongoDB 2.6.0 |
||
| Description |
|
Scenario: Run the server with auth enabled and some user created for a "foo" db. Create a MongoClient with a list of MongoCredentials (including the valid credentials for the user on "foo" db). Expected behavior: All connections to that db are authenticated using the credentials (as claimed by the MongoClient constructor javadoc). Actual behavior: While authentication is indeed done behind the scenes for most calls (like a find()), this is not true for all calls. For example, when doing the following right after creating the MongoClient, the driver does not make any authorization attempt and the client experiences an exception that the user is not authenticated to the db: This looks like a bug to me - or is it intentional? The workaround would be to authenticate using one of the deprecated driver or to run some other command immediately after creating the client. Both are not nice. Looking into the code, this happens because (for example, for createIndex()) there is a path down to DBPort.call() that hasn't visited DBPort.checkAuth() before. |
| Comments |
| Comment by Githook User [ 01/Aug/14 ] |
|
Author: {u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}Message: |
| Comment by Jeffrey Yemin [ 29/Apr/14 ] |
|
Closing for 2.12.1 release. |
| Comment by Githook User [ 28/Apr/14 ] |
|
Author: {u'username': u'jyemin', u'name': u'Jeff Yemin', u'email': u'jeff.yemin@10gen.com'}Message: |
| Comment by Jeffrey Yemin [ 25/Apr/14 ] |
|
Thanks for the report. It's a bug. The fix is easy and it will be in 2.12.1. |