[JAVA-2771] SCRAM-SHA-256 Support Created: 02/Feb/18  Updated: 28/Oct/23  Resolved: 12/Apr/18

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: 3.8.0

Type: New Feature Priority: Major - P3
Reporter: Rathi Gnanasekaran Assignee: Ross Lawley
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by DRIVERS-439 SCRAM-SHA-256 Support Closed
Epic Link: Java MongoDB 4.0 Support

 Description   

The next version of MongoDB will include SCRAM-SHA-256 as an authentication type. This is defined in RFC 7677. The sample conversation from the RFC is:

 This is a simple example of a SCRAM-SHA-256 authentication exchange... The username
   'user' and password 'pencil' are being used
 
   C: n,,n=user,r=rOprNGfwEbeRWgbNEkqO
 
   S: r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,
      s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096
 
   C: c=biws,r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,
      p=dHzbZapWIk4jUhN+Ute9ytag9zjfMHgsqmmiz7AndVQ=
 
   S: v=6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4=

In advance of updates to the Auth spec, which will include additional details of mechanism negotiation and user/password normalization (see DRIVERS-444), all drivers should take steps now to ensure their SCRAM libraries are capable of operating in SHA-256 mode, using the sample conversation for verification. (You'll need for force the client nonce to be "rOprNGfwEbeRWgbNEkqO" for the test conversation to work.)



 Comments   
Comment by Githook User [ 29/May/18 ]

Author:

{'username': 'jyemin', 'name': 'Jeff Yemin', 'email': 'jeff.yemin@10gen.com'}

Message: JAVA-2771: Add prose integration test from auth spec
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/32bc24a3d0c1c8aebef569e8b8bbca4627efe78a

Comment by Githook User [ 12/Apr/18 ]

Author:

{'email': 'ross.lawley@gmail.com', 'name': 'Ross Lawley', 'username': 'rozza'}

Message: SCRAM-SHA-256 support

Included a SaslPrep helper class.
Refactored the Hi() method, so to not rely on PBEKeySpec, thus
supporting Java 6+

JAVA-2771 JAVA-2759
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/8d8dd3bdc35b3875d5c73796cb98060e6cb35e72

Comment by Githook User [ 09/Mar/18 ]

Author:

{'email': 'ross.lawley@gmail.com', 'name': 'Ross Lawley', 'username': 'rozza'}

Message: Temporarily disable user operations in MongoClientSessionSpecification

Will be renabled once SCRAM-SHA-256 support is added in JAVA-2771
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/a53c0c6663576aba9092615c1f704f11ad0f69b5

Comment by Githook User [ 09/Mar/18 ]

Author:

{'email': 'ross.lawley@gmail.com', 'name': 'Ross Lawley', 'username': 'rozza'}

Message: Temporarily disable user operations in DBFunctionalSpecification

Will be renabled once SCRAM-SHA-256 support is added in JAVA-2771
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/0f35dfcd2a7484470110512965208ef65a83bf21

Comment by Githook User [ 09/Mar/18 ]

Author:

{'email': 'ross.lawley@gmail.com', 'name': 'Ross Lawley', 'username': 'rozza'}

Message: Temporarily disable user operations in DBTest

Will be renabled once SCRAM-SHA-256 support is added in JAVA-2771
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/0b85ecf2fb362a32702c936940004eb6ff47981e

Comment by Githook User [ 08/Mar/18 ]

Author:

{'email': 'ross.lawley@gmail.com', 'name': 'Ross Lawley', 'username': 'rozza'}

Message: Disable tests failing in MongoDB 3.7

Disables DropUserOperationSpecification and UserOperationSpecification
Will be renabled once SCRAM-SHA-256 support is added in JAVA-2771
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/f878d5f93b36b82d0a6f5238ad6c57278517bb71

Comment by Ross Lawley [ 01/Mar/18 ]

PR: https://github.com/rozza/mongo-java-driver/pull/256

Generated at Thu Feb 08 08:58:02 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.