[JAVA-2853] Java MongoDB 3.6.1 Driver Authenticate Command Created: 07/May/18 Updated: 11/Sep/19 Resolved: 07/May/18 |
|
| Status: | Closed |
| Project: | Java Driver |
| Component/s: | Authentication |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Preeti Gupta | Assignee: | Unassigned |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
I was attempting to perform a db.auth() or authenticate command through the driver 3.6.1 and got the following error.
Error: com.mongodb.MongoCommandException: Command failed with error 2: 'Challenge-response authentication using getnonce and authenticate commands is disabled.' on server maas-gt-d4-u0038.nam.nsroot.net:37017. The full response is { "ok" : 0.0, "errmsg" : "Challenge-response authentication using getnonce and authenticate commands is disabled.", "code" : 2, "codeName" : "BadValue" }
My Code
mongodb://<user>:<pwd>@maas-gt-d4-u0038.nam.nsroot.net:37017/?ssl=true&authSource=admin&sslInvalidHostNameAllowed=true&authMechanism=SCRAM-SHA-1
MongoDatabase mongoDB = mongoClient.getDatabase(databaseName); Document doc = mongoDB.runCommand(NativeAuthenticationHelper.getNonceCommand()); BsonDocument auth = NativeAuthenticationHelper.getAuthCommand(<my user>, <my password>.toCharArray(), doc.getString("nonce")); Document res = mongoDB.runCommand(auth);
I am able to connect to the MongoDB instance with that string from my local Tomcat application. SCRAM-SHA-1 is being used.
Thanks & Regards, Preeti Gupta |
| Comments |
| Comment by Jeffrey Yemin [ 07/May/18 ] |
|
The commands you're using (getNonce, authenticate) are for the deprecated MONGODB-CR authentication mechanism, not SCRAM-SHA-1. I suspect that your MongoDB server is configured to not accept MONGODB-CR, which would explain why authentication works when you provide the credentials to the MongoClient constructor, but fails when you attempt to explicitly authenticate. See the MONGODB-DR documentation for more information. Also, note that NativeAuthenticationHelper is internal and documented as not part of the public API.
|