<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:03:16 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[JAVA-4912] Driver does not prevent application startup for wrong credentials</title>
                <link>https://jira.mongodb.org/browse/JAVA-4912</link>
                <project id="10006" key="JAVA">Java Driver</project>
                    <description>&lt;h4&gt;&lt;a name=&quot;Summary&quot;&gt;&lt;/a&gt;Summary&lt;/h4&gt;

&lt;p&gt;Hi Team,&lt;/p&gt;

&lt;p&gt;We are using spring boot version 2.7.1,&#160; driver version 4.9 and java version 11 and MongoDB Atlas version 5 sharded cluster.&lt;/p&gt;

&lt;p&gt;Now, normally when a spring/boot application starts up, it tries to connect to dependent resources. in our case MongoDB Atlas, and if&lt;br/&gt;
the credentials are wrong then the startup fails. This is expected behavior.&lt;/p&gt;

&lt;p&gt;But in our case for the given spring boot version the startup does not fails if the creds are wrong. In logs (root level info mode) it shows successfully connected to given Mongodb Atlas server and even listed down the different host information in our sharded cluster.&lt;/p&gt;

&lt;p&gt;But when you hit the health endpoint, it will show application status as down.&lt;/p&gt;

&lt;p&gt;Note, we have defined a custom MongoClient as the the uri for Managed MongoDB (Atlas) start as&#160;&lt;b&gt;mongodb+srv://&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;&#160; @Bean&lt;br/&gt;
&#160; &#160; &#160; public MongoClient mongoClient() &lt;/p&gt;
{
&#160; &#160; &#160; &#160; &#160; return MongoClients.create(mongoClientSettings());
&#160; &#160; &#160; }
&lt;p&gt;&#160; &#160; &#160; private MongoClientSettings mongoClientSettings() &lt;/p&gt;
{
&#160; &#160; &#160; &#160; &#160; return MongoClientSettings.builder()
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; .applyConnectionString(new ConnectionString(generateConnectionURI()))
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; .build();
&#160;&#160;
&#160; &#160; &#160; }

&lt;p&gt;&#160; &#160;&#160;&lt;br/&gt;
&#160; &#160; &#160;private String generateConnectionURI() &lt;/p&gt;
{
&#160; &#160; &#160; &#160; return &quot;mongodb+srv://&quot;
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + username
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + &quot;:&quot;
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + password
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + &quot;@&quot;
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + hostname
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + &quot;/?retryWrites=&quot;
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + true
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + &quot;&amp;amp;w=&quot;
&#160; &#160; &#160; &#160; &#160; &#160; &#160; &#160; + majority;

&#160; &#160; }
&lt;h4&gt;&lt;a name=&quot;HowtoReproduce&quot;&gt;&lt;/a&gt;How to Reproduce&lt;/h4&gt;

&lt;p&gt;Regarding sample code,&lt;br/&gt;
You can simple replicate this issue by creating a demo project from start.spring.io having dependency of mongo, rest, actuator and creating a custom MongoClient as shown above and provide a valid Mongo Atlas uri and wrong creds.&lt;br/&gt;
Same problem is there with other version of Spring boot. You can test it with 2.7.9 version of spring boot as well.&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;AdditionalBackground&quot;&gt;&lt;/a&gt;Additional Background&lt;/h4&gt;

&lt;p&gt;If I provide the wrong creds it fails silently and prints successfully connected message in the logs&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;2023-03-20 18:03:41.033 &#160;INFO 61240 &amp;#8212; &lt;span class=&quot;error&quot;&gt;&amp;#91;ngodb.net:27016&amp;#93;&lt;/span&gt; org.mongodb.driver.connection &#160; &#160; &#160; &#160; &#160; &#160;: Opened connection &lt;span class=&quot;error&quot;&gt;&amp;#91;connectionId\{localValue:11, serverValue:201556}&amp;#93;&lt;/span&gt; to dev-shard-01-00.bgj1m.mongodb.net:27016&lt;br/&gt;
2023-03-20 18:03:41.033 &#160;INFO 61240 &amp;#8212; &lt;span class=&quot;error&quot;&gt;&amp;#91;ngodb.net:27016&amp;#93;&lt;/span&gt; org.mongodb.driver.connection &#160; &#160; &#160; &#160; &#160; &#160;: Opened connection &lt;span class=&quot;error&quot;&gt;&amp;#91;connectionId\{localValue:8, serverValue:193485}&amp;#93;&lt;/span&gt; to dev-shard-00-01.bgj1m.mongodb.net:27016&lt;br/&gt;
2023-03-20 18:03:41.038 &#160;INFO 61240 &amp;#8212; &lt;span class=&quot;error&quot;&gt;&amp;#91;ngodb.net:27016&amp;#93;&lt;/span&gt; org.mongodb.driver.cluster &#160; &#160; &#160; &#160; &#160; &#160; &#160; : Monitor thread successfully connected to server with description ServerDescription{address=dev-shard-00-01.bgj1m.mongodb.net:27016, type=SHARD_ROUTER, state=CONNECTED, ok=true, minWireVersion=0, maxWireVersion=17, maxDocumentSize=16777216, logicalSessionTimeoutMinutes=30, roundTripTimeNanos=402444800}&lt;br/&gt;
2023-03-20 18:03:41.038 &#160;INFO 61240 &amp;#8212; &lt;span class=&quot;error&quot;&gt;&amp;#91;ngodb.net:27016&amp;#93;&lt;/span&gt; org.mongodb.driver.cluster &#160; &#160; &#160; &#160; &#160; &#160; &#160; : Monitor thread successfully connected to server with description ServerDescription{address=dev-shard-00-02.bgj1m.mongodb.net:27016, type=SHARD_ROUTER, state=CONNECTED, ok=true, minWireVersion=0, maxWireVersion=17, maxDocumentSize=16777216, logicalSessionTimeoutMinutes=30, roundTripTimeNanos=407949900}&lt;br/&gt;
2023-03-20 18:03:41.045 &#160;INFO 61240 &amp;#8212; &lt;span class=&quot;error&quot;&gt;&amp;#91;ngodb.net:27016&amp;#93;&lt;/span&gt; org.mongodb.driver.cluster &#160; &#160; &#160; &#160; &#160; &#160; &#160; : Discovered cluster type of SHARDED&lt;br/&gt;
2023-03-20 18:03:41.724 &#160;INFO 61240 &amp;#8212; [ &#160; &#160; &#160; &#160; &#160; main] o.s.b.a.e.web.EndpointLinksResolver &#160; &#160; &#160;: Exposing 1 endpoint(s) beneath base path &apos;/actuator&apos;&lt;br/&gt;
2023-03-20 18:03:41.797 &#160;INFO 61240 &amp;#8212; [ &#160; &#160; &#160; &#160; &#160; main] o.s.b.w.embedded.tomcat.TomcatWebServer &#160;: Tomcat started on port(s): 8080 (http) with context path &apos;&apos;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;But if I provide wrong host (MongoDB Atlas uri) it fails with unknown host, which implies that the mongo client did tried to reach out to the host.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;023-03-20 18:07:30.906 &#160;INFO 84452 &amp;#8212; [ &#160; &#160; &#160; &#160; &#160; main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 2057 ms&lt;br/&gt;
2023-03-20 18:07:31.344 &#160;INFO 84452 &amp;#8212; &lt;span class=&quot;error&quot;&gt;&amp;#91;j1m.mongodb.net&amp;#93;&lt;/span&gt; org.mongodb.driver.cluster &#160; &#160; &#160; &#160; &#160; &#160; &#160; : Exception while resolving SRV records&lt;/p&gt;

&lt;p&gt;com.mongodb.MongoConfigurationException: Failed looking up SRV record for &apos;_mongodb._tcp.dev123-002.bgj1m.mongodb.net&apos;.&lt;br/&gt;
&#160; &#160; at com.mongodb.internal.dns.DefaultDnsResolver.resolveHostFromSrvRecords(DefaultDnsResolver.java:92) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;mongodb-driver-core-4.6.1.jar:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at com.mongodb.internal.connection.DefaultDnsSrvRecordMonitor$DnsSrvRecordMonitorRunnable.run(DefaultDnsSrvRecordMonitor.java:80) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;mongodb-driver-core-4.6.1.jar:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at java.base/java.lang.Thread.run(Thread.java:834) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;na:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
Caused by: com.mongodb.spi.dns.DnsWithResponseCodeException: DNS name not found &lt;span class=&quot;error&quot;&gt;&amp;#91;response code 3&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at com.mongodb.internal.dns.JndiDnsClient.getResourceRecordData(JndiDnsClient.java:52) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;mongodb-driver-core-4.6.1.jar:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at com.mongodb.internal.dns.DefaultDnsResolver.resolveHostFromSrvRecords(DefaultDnsResolver.java:74) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;mongodb-driver-core-4.6.1.jar:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; ... 2 common frames omitted&lt;br/&gt;
Caused by: javax.naming.NameNotFoundException: DNS name not found &lt;span class=&quot;error&quot;&gt;&amp;#91;response code 3&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at jdk.naming.dns/com.sun.jndi.dns.DnsClient.checkResponseCode(DnsClient.java:661) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;jdk.naming.dns:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at jdk.naming.dns/com.sun.jndi.dns.DnsClient.isMatchResponse(DnsClient.java:579) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;jdk.naming.dns:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at jdk.naming.dns/com.sun.jndi.dns.DnsClient.doUdpQuery(DnsClient.java:427) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;jdk.naming.dns:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at jdk.naming.dns/com.sun.jndi.dns.DnsClient.query(DnsClient.java:212) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;jdk.naming.dns:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at jdk.naming.dns/com.sun.jndi.dns.Resolver.query(Resolver.java:81) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;jdk.naming.dns:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at jdk.naming.dns/com.sun.jndi.dns.DnsContext.c_getAttributes(DnsContext.java:434) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;jdk.naming.dns:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;na:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;na:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;na:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at java.naming/javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;na:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
&#160; &#160; at com.mongodb.internal.dns.JndiDnsClient.getResourceRecordData(JndiDnsClient.java:41) ~&lt;span class=&quot;error&quot;&gt;&amp;#91;mongodb-driver-core-4.6.1.jar:na&amp;#93;&lt;/span&gt;&lt;br/&gt;
Caused by: com.mongodb.spi.dns.DnsWithResponseCodeException: DNS name not found &lt;span class=&quot;error&quot;&gt;&amp;#91;response code 3&amp;#93;&lt;/span&gt;&lt;/p&gt;</description>
                <environment></environment>
        <key id="2292869">JAVA-4912</key>
            <summary>Driver does not prevent application startup for wrong credentials</summary>
                <type id="6" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14720&amp;avatarType=issuetype">Question</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13202">Works as Designed</resolution>
                                        <assignee username="jeff.yemin@mongodb.com">Jeffrey Yemin</assignee>
                                    <reporter username="sanjaykmruk@gmail.com">Sanjay Kumar</reporter>
                        <labels>
                    </labels>
                <created>Mon, 20 Mar 2023 19:33:17 +0000</created>
                <updated>Fri, 27 Oct 2023 13:20:51 +0000</updated>
                            <resolved>Tue, 28 Mar 2023 19:40:28 +0000</resolved>
                                                                    <component>Authentication</component>
                                        <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="5307259" author="jeff.yemin" created="Tue, 28 Mar 2023 19:40:14 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=sanjaykmruk%40gmail.com&quot; class=&quot;user-hover&quot; rel=&quot;sanjaykmruk@gmail.com&quot;&gt;sanjaykmruk@gmail.com&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;When the application creates a MongoClient instance, the MongoClient constructor returns immediately, before doing any I/O. Rather, it starts some background threads that attempt to connect to all the servers in the host list, and also discover any servers (i.e. other replica set members) not mentioned in the host list. So those background thread do DNS lookup, and will log any DNS lookup failures as well as connectivity failures. That logging is what you&apos;re seeing. However, those threads don&apos;t actually &lt;em&gt;authenticate&lt;/em&gt; the connections it makes for this discovery and monitoring. Rather, authentication is deferred until the application attempts to execute an operation, via a call to some method that requires sending a command to the server (e.g. a generic method like runCommand, a CRUD method like insertOne, or an admin method like listIndexes).&lt;/p&gt;

&lt;p&gt;So if you want to ensure all mis-configuration is detected at startup, you should make sure that you execute some operation, e.g:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;var client = MongoClients.create(...);&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;client.getDatabase(&lt;/span&gt;&lt;span style=&quot;color: blue; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;&quot;admin&quot;&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;).runCommand(&lt;/span&gt;&lt;span style=&quot;color: #006699; font-weight: bold; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;new&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt; Document(&lt;/span&gt;&lt;span style=&quot;color: blue; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;&quot;ping&quot;&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;, &lt;/span&gt;&lt;span style=&quot;color: #009900; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;));&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;
&lt;p&gt;and the call to &lt;tt&gt;runCommand&lt;/tt&gt; will throw an exception for DNS lookup failure, connectivity issues, and authentication failure.&lt;/p&gt;

&lt;p&gt;You can read some of the justification for this behavior &lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/server-discovery-and-monitoring/server-discovery-and-monitoring.rst#clients-do-no-i-o-in-the-constructor&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt;.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_14266" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Documentation Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;1.  What would you like to communicate to the user about this feature?&lt;br/&gt;
2.  Would you like the user to see examples of the syntax and/or executable code and its output?&lt;br/&gt;
3.  Which versions of the driver/connector does this apply to?&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i1jbxk:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>