Creating User in $external via Java Driver

[Jakob Webers]

Hi All,

we would need to create Users in $external to allow them to login via LDAP.
On command shell the following command:

db.getSiblingDB('$external').createUser({ user : 'username', roles: [ { role: 'dbOwner', db: 'databasename' } ] } )

Is working fine.

But as far as we are executing the same command via Java Driver we are getting exceptions.

Java Code:

DB db = mongoClient.getDB("$external");
String command = "db.getSiblingDB('$external').createUser({ user : '"+ userName +"', roles: [ { role: 'dbOwner', db: 'CMRepWs_'"+userName.toUpperCase()+"' } ] } )";

CommandResult result = db.command(command);

Result Message:

{ "serverUsed" : "lblasa1t.cm-cic.fr:27017" , "ok" : 0.0 , "errmsg" : "no such command: db.getSiblingDB('$external').createUser({ user : 'WANIYO', roles: [ { role: 'dbOwner', db: 'CMRepWs_WANIYO' } ] } )" , "code" : 59 , "bad cmd" : { "db.getSiblingDB('$external').createUser({ user : 'username', roles: [ { role: 'dbOwner', db: 'CMRepWs_username' } ] } )" : true}}

We are running MongoDb Version 3.0.1 with Java Driver 2.13.1.

Would be great, if anybody has an idea, how we can create users in $external via the Java Driver.

Many thanks and best regards,
Jakob

[Jeff Yemin]

The DB.command method that takes a String does not parse shell syntax like that.  It's only for executing very simple commands like ping.  So:

     db.command("ping")

is just shorthand for

     db.command(new BasicDBObject("ping", 1));

What you want to do is create a BasicDBObject that has the structure necessary to execute the createUser command, something like:

     

     db.command(new BasicDBObject("createUser", userName).append("pwd", password).append("roles", ... );  

Regards,

Jeff

[Jakob Webers]

Hi Jeff,

thanks for your answer, but we also tried this already with the following code:

        DB db = mongoClient.getDB("$external");

        String dbOwner = "dbOwner";
        String dbName = "CMRepWs_" + userName.toUpperCase();
        String role = "{ role: '" + dbOwner + "', db: '" + dbName + "'}";
        Map<String, Object> commandArguments = new BasicDBObject();

        String[] roles = new String[] { role };
        commandArguments.put("createUser", userName);
        commandArguments.put("roles", roles);
        BasicDBObject command = new BasicDBObject(commandArguments);
        CommandResult result = db.command(command);

And we are getting the following result in the CommandResult Object:

{ "serverUsed" : "server:27017" , "ok" : 0.0 , "errmsg" : "No role named { role: 'dbOwner', db: 'CMRepWs_Username'}@$external" , "code" : 31}

So in this case he at least the command was executed, but he can't find the role as we need to have it.

Is there any syntax error on our side?

Many thanks upfront and best regards,
Jakob

[Jeff Yemin]

The role also must be a BasicDBObject:

  DB db = client.getDB("$external");
  CommandResult result = db.command(new BasicDBObject("createUser", userName)
                                    .append("roles", Collections.singletonList(new BasicDBObject("role", "dbOwner").append("db", "CMRepWs_Username"))));
  result.throwOnError();

Note that users in the $external database are not configured with passwords.

Regards,

Jeff

[Jakob Webers]

Hi Jeff,

thanks for this code. It's working fine. Yes, we know that the password is not saved.

Many thanks and best regards,
Jakob