Mongodb authentication using MongoCredential

295 views
Skip to first unread message

Moe B

unread,
May 16, 2014, 4:04:17 PM5/16/14
to mongod...@googlegroups.com
I have a grails application in which Im using db.authenticate for a login page but I understand this method has been deprecated and therefore I would like to upgrade my application to using the MongoCredential object for authentication. However, unlike the db.authenticate which nicely returns a boolean to get authentication done, the MongoCredential doesn't return a boolean so how can I go about accomplishing the code replacement with minimal headache. Ideally, I'd like to derive some kind of a boolean to tell me if authentication was achieved. Thanks for your patience. Im a newbie with Mongodb.

thanks

Moe B

unread,
May 29, 2014, 11:26:38 AM5/29/14
to mongod...@googlegroups.com
Still trying to figure this one out. In know the answer lies in using the MongoClient somehow but then I'm stuck.

Moe B

unread,
May 29, 2014, 10:33:20 PM5/29/14
to mongod...@googlegroups.com
What property of the MongoClient can I test to see if it contains an authenticated connection? That's what it boils down to. That is what I can't seem to figure out. 

Stephen Steneker

unread,
Jun 16, 2014, 2:39:24 AM6/16/14
to mongod...@googlegroups.com
On Friday, 30 May 2014 12:33:20 UTC+10, Moe B wrote:
What property of the MongoClient can I test to see if it contains an authenticated connection? That's what it boils down to. That is what I can't seem to figure out. 

Hi Moe,

I expect you've already found a method in the Java driver documentation, but I believe what you're looking for is getCredentialsList():
 http://api.mongodb.org/java/current/com/mongodb/MongoClient.html#getCredentialsList()

Regards,
Stephen

Jeff Yemin

unread,
Jun 16, 2014, 1:52:49 PM6/16/14
to mongod...@googlegroups.com
Hi Moe,

The MongoClient.getCredentialsList() only returns the list of credentials that were provided via the MongoClient constructor, but does not indicate whether authentication succeeded or failed.   To determine that, the application must attempt to use the MongoClient in some meaningful way, e.g. by executing a command, updating, querying, etc.  If authentication fails an exception will be thrown.

Regards,
Jeff





--
You received this message because you are subscribed to the Google Groups "mongodb-user"
group.
 
For other MongoDB technical support options, see: http://www.mongodb.org/about/support/.
---
You received this message because you are subscribed to the Google Groups "mongodb-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-user...@googlegroups.com.
To post to this group, send email to mongod...@googlegroups.com.
Visit this group at http://groups.google.com/group/mongodb-user.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-user/04cb5fbc-85b9-4908-9014-05f0c8980b4b%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Mohammad Amir

unread,
Jun 1, 2016, 7:40:26 PM6/1/16
to mongodb-user
Hi Jeff,

I am also facing the same issue. How can I determine that connection to the database is successful as db.authenticate() is not available in Java Driver 3.2. 

package com.mkyong.core;

import java.net.UnknownHostException;
import java.util.Date;
import com.mongodb.BasicDBObject;
import com.mongodb.DB;
import com.mongodb.DBCollection;
import com.mongodb.Mongo;
import com.mongodb.MongoException;

/**
 * Java + MongoDB in Secure Mode
 * 
 */
public class JavaMongoDBAuthExample {
   public static void main(String[] args) {

    try {

	Mongo mongo = new Mongo("localhost", 27017);
	DB db = mongo.getDB("testdb");
			
	boolean auth = db.authenticate("testdb", "password".toCharArray());
	if (auth) {
			
		DBCollection table = db.getCollection("user");

		BasicDBObject document = new BasicDBObject();
		document.put("name", "mkyong");
		table.insert(document);
	
		System.out.println("Login is successful!");
	} else {
		System.out.println("Login is failed!");
	}
	System.out.println("Done");

    } catch (UnknownHostException e) {
	e.printStackTrace();
    } catch (MongoException e) {
	e.printStackTrace();
    }
  }
}

The above code is not working for version 3.2. The exact code is this

boolean auth = db.authenticate("testdb", "password".toCharArray());

But this is not available in version 3.2. Is there any way to this in 3.2 java driver?

Wan Bachtiar

unread,
Jun 8, 2016, 9:19:51 PM6/8/16
to mongodb-user

boolean auth = db.authenticate(“testdb”, “password”.toCharArray());
But this is not available in version 3.2. Is there any way to this in 3.2 java driver?

Hi Mohammad,

Normally, the use case for MongoDB is that the credentials represent ‘system’ users and are expected to be correct unless the application was mis-configured. In the case of misconfiguration, a manual intervention would be required to change the credentials.

However if the application is receiving credentials from an untrusted party and therefore expecting failure, should these users be given database credentials ? What are you trying to achieve ?

Kind regards,

Wan.

Reply all
Reply to author
Forward
0 new messages