[JAVA-2853] Java MongoDB 3.6.1 Driver Authenticate Command Created: 07/May/18  Updated: 11/Sep/19  Resolved: 07/May/18

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Preeti Gupta Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

I was attempting to perform a db.auth() or authenticate command through the driver 3.6.1 and got the following error.

 

Error: com.mongodb.MongoCommandException: Command failed with error 2: 'Challenge-response authentication using getnonce and authenticate commands is disabled.' on server maas-gt-d4-u0038.nam.nsroot.net:37017. The full response is { "ok" : 0.0, "errmsg" : "Challenge-response authentication using getnonce and authenticate commands is disabled.", "code" : 2, "codeName" : "BadValue" }

 

My Code

 

mongodb://<user>:<pwd>@maas-gt-d4-u0038.nam.nsroot.net:37017/?ssl=true&authSource=admin&sslInvalidHostNameAllowed=true&authMechanism=SCRAM-SHA-1

 

       MongoDatabase mongoDB = mongoClient.getDatabase(databaseName);

       Document doc = mongoDB.runCommand(NativeAuthenticationHelper.getNonceCommand());

       BsonDocument auth = NativeAuthenticationHelper.getAuthCommand(<my user>, <my password>.toCharArray(), doc.getString("nonce"));

       Document res = mongoDB.runCommand(auth);

 

I am able to connect to the MongoDB instance with that string from my local Tomcat application. SCRAM-SHA-1 is being used.

 

 

Thanks & Regards,

Preeti Gupta



 Comments   
Comment by Jeffrey Yemin [ 07/May/18 ]

The commands you're using (getNonce, authenticate) are for the deprecated MONGODB-CR authentication mechanism, not SCRAM-SHA-1.  I suspect that your MongoDB server is configured to not accept MONGODB-CR, which would explain why authentication works when you provide the credentials to the MongoClient constructor, but fails when you attempt to explicitly authenticate.  See the MONGODB-DR documentation for more information.

Also, note that NativeAuthenticationHelper is internal and documented as not part of the public API.  

 

 

Generated at Thu Feb 08 08:58:14 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.