[JAVA-436] MongoURI ignores username, password, database Created: 23/Sep/11  Updated: 26/Nov/12  Resolved: 16/Nov/12

Status: Closed
Project: Java Driver
Component/s: API
Affects Version/s: 2.5.3
Fix Version/s: 2.10.0

Type: Improvement Priority: Major - P3
Reporter: Havoc Pennington Assignee: Jeffrey Yemin
Resolution: Done Votes: 2
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

If you try to deploy to Heroku and use the MongoHQ addon (which is probably the easiest way to use Mongo on Heroku), the MONGOHQ_URL they provide doesn't work.

This is something like:

mongodb://uname:pwd@host:13029/database

So MongoDB isn't usable with Java on Heroku as best I can tell. I guess they only tested Ruby

In debugging this, there seemed to be two problems, at least with 2.5.3:

  • Mongo(uri) ignores the username, password, port, and most of the options
  • MongoURI doesn't parse them correctly anyhow, this was JAVA-299 though I think (fixed just after 2.5.3)

I guess technically it should be MongoURI.connectDB() that does the db.authorize() - there's a "// TODO auth" comment in there, but the patch I think is barely longer than the comment, maybe:

  • // TODO auth
  • return connect().getDB( _database );
    + DB db = connect().getDB(_database);
    + if (_username != null && _password != null)
    + db.authenticate(_username, _password);
    + return db;

Fixing Mongo(uri) is mildly more involved because it has to parse the port out of each host.



 Comments   
Comment by auto [ 15/Nov/12 ]

Author:

{u'date': u'2012-11-13T23:08:13Z', u'email': u'jeff.yemin@10gen.com', u'name': u'Jeff Yemin'}

Message: JAVA-436: If a database is not specified in the URI but credentials are, authenticate to the admin database
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/96747b22dad9141d9dd1c729c5a19a8854d0eec3

Comment by auto [ 15/Nov/12 ]

Author:

{u'date': u'2012-11-12T02:47:45Z', u'email': u'jeff.yemin@10gen.com', u'name': u'Jeff Yemin'}

Message: JAVA-436: When a database and credentials are specified in the Mongo URI, automatically authenticate the database. This is done lazily on first use of the database by just setting the credentials on the DB instance. Care is taken to make sure that DB.authenticate and DB.authenticateCommand still work correctly even if credentials are on the URI, so long as the same credentials are used in all cases. Otherwise clients who were working around this by calling those methods explicitly would break.
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/4874df2499f387c71a7070bdf29cec9e4fb3d94a

Comment by Jeffrey Yemin [ 14/Nov/12 ]

I decided to integrate this into the Mongo class more closely. If you pass a MongoURI to Mongo constructor, it will store the credentials but not actually authenticate. Authentication will happen implicitly on first use of the database (or, if no database is specified, on the admin database). MongoURI.connectDB, by virtue of using this constructor, will get this behavior as well.

Comment by Jeffrey Yemin [ 11/Nov/12 ]

Nick, as part of another issue (JAVA-682) we've had to re-write MongoURI a bit. I'm going to see if I can merge your pull request by hand into the new code.

Comment by Nick Heudecker [ 08/Nov/12 ]

I've filed a pull request to fix this issue:
https://github.com/mongodb/mongo-java-driver/pull/86

Comment by Pierre-Alban DEWITTE [ 28/Oct/12 ]

Here is a simple code to reproduce the bug (with 2.9.2 version). It could be a work around. Local mongod should be start with --auth option and a user test:test add to test database.

MongoURI mongoURI = new MongoURI(("mongodb://test:test@127.0.0.1:27017/test"));
DB db = mongoURI.connectDB();

//Uncomment line to make example working
//db.authenticateCommand("test", "test".toCharArray());
Set<String> colls = db.getCollectionNames();
for (String s : colls)

{ System.out.println(s); }
Comment by Scott Hernandez (Inactive) [ 31/Dec/11 ]

Looking at the code this was not fixed. The parsing was, but not setting the user/pass on the db passed in.

That is what need to be done.

Comment by Scott Hernandez (Inactive) [ 29/Dec/11 ]

I believe this was fixed.a while ago. Can you test the latest driver?

Comment by David Chancogne [ 29/Dec/11 ]

Any update on this issue?

Generated at Thu Feb 08 08:52:16 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.