com.mongodb

Class MongoCredential

java.lang.Object

com.mongodb.MongoCredential

@Immutable
public final class MongoCredential
extends java.lang.Object

Represents credentials to authenticate to a mongo server,as well as the source of the credentials and the authentication mechanism to use.

Since:

2.11

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CANONICALIZE_HOST_NAME_KEY Mechanism property key for specifying whether to canonicalize the host name for GSSAPI authentication.
static java.lang.String	GSSAPI_MECHANISM The GSSAPI mechanism.
static java.lang.String	JAVA_SASL_CLIENT_PROPERTIES_KEY Mechanism property key for overriding the SaslClient properties for GSSAPI authentication.
static java.lang.String	JAVA_SUBJECT_KEY Mechanism property key for overriding the Subject under which GSSAPI authentication executes.
static java.lang.String	MONGODB_CR_MECHANISM Deprecated. This mechanism was replaced by SCRAM_SHA_1_MECHANISM in MongoDB 3.0, and is now deprecated
static java.lang.String	MONGODB_X509_MECHANISM The MongoDB X.509
static java.lang.String	PLAIN_MECHANISM The PLAIN mechanism.
static java.lang.String	SCRAM_SHA_1_MECHANISM The SCRAM-SHA-1 Mechanism.
static java.lang.String	SCRAM_SHA_256_MECHANISM The SCRAM-SHA-256 Mechanism.
static java.lang.String	SERVICE_NAME_KEY Mechanism property key for overriding the service name for GSSAPI authentication.

Method Summary

Modifier and Type	Method and Description
static MongoCredential	createCredential(java.lang.String userName, java.lang.String database, char[] password) Creates a MongoCredential instance with an unspecified mechanism.
static MongoCredential	createGSSAPICredential(java.lang.String userName) Creates a MongoCredential instance for the GSSAPI SASL mechanism.
static MongoCredential	createMongoCRCredential(java.lang.String userName, java.lang.String database, char[] password) Deprecated. MONGODB-CR was replaced by SCRAM-SHA-1 in MongoDB 3.0, and is now deprecated. Use the createCredential(String, String, char[]) factory method instead.
static MongoCredential	createMongoX509Credential() Creates a MongoCredential instance for the MongoDB X.509 protocol where the distinguished subject name of the client certificate acts as the userName.
static MongoCredential	createMongoX509Credential(java.lang.String userName) Creates a MongoCredential instance for the MongoDB X.509 protocol.
static MongoCredential	createPlainCredential(java.lang.String userName, java.lang.String source, char[] password) Creates a MongoCredential instance for the PLAIN SASL mechanism.
static MongoCredential	createScramSha1Credential(java.lang.String userName, java.lang.String source, char[] password) Creates a MongoCredential instance for the SCRAM-SHA-1 SASL mechanism.
static MongoCredential	createScramSha256Credential(java.lang.String userName, java.lang.String source, char[] password) Creates a MongoCredential instance for the SCRAM-SHA-256 SASL mechanism.
boolean	equals(java.lang.Object o)
AuthenticationMechanism	getAuthenticationMechanism() Gets the mechanism
java.lang.String	getMechanism() Gets the mechanism
<T> T	getMechanismProperty(java.lang.String key, T defaultValue) Get the value of the given key to a mechanism property, or defaultValue if there is no mapping.
char[]	getPassword() Gets the password.
java.lang.String	getSource() Gets the source of the user name, typically the name of the database where the user is defined.
java.lang.String	getUserName() Gets the user name
int	hashCode()
java.lang.String	toString()
MongoCredential	withMechanism(AuthenticationMechanism mechanism) Creates a new MongoCredential with the set mechanism.
<T> MongoCredential	withMechanismProperty(java.lang.String key, T value) Creates a new MongoCredential as a copy of this instance, with the specified mechanism property added.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Field Detail

MONGODB_CR_MECHANISM

@Deprecated
public static final java.lang.String MONGODB_CR_MECHANISM

Deprecated. This mechanism was replaced by SCRAM_SHA_1_MECHANISM in MongoDB 3.0, and is now deprecated

The MongoDB Challenge Response mechanism.

GSSAPI_MECHANISM

public static final java.lang.String GSSAPI_MECHANISM

The GSSAPI mechanism. See the RFC.

PLAIN_MECHANISM

public static final java.lang.String PLAIN_MECHANISM

The PLAIN mechanism. See the RFC.

Since:

2.12

MONGODB_X509_MECHANISM

public static final java.lang.String MONGODB_X509_MECHANISM

The MongoDB X.509

Since:

2.12

SCRAM_SHA_1_MECHANISM

public static final java.lang.String SCRAM_SHA_1_MECHANISM

The SCRAM-SHA-1 Mechanism.

Since:

2.13

SCRAM_SHA_256_MECHANISM

public static final java.lang.String SCRAM_SHA_256_MECHANISM

The SCRAM-SHA-256 Mechanism.

Since:

3.8

SERVICE_NAME_KEY

public static final java.lang.String SERVICE_NAME_KEY

Mechanism property key for overriding the service name for GSSAPI authentication.

Since:

3.3

See Also:

createGSSAPICredential(String), withMechanismProperty(String, Object), Constant Field Values

CANONICALIZE_HOST_NAME_KEY

public static final java.lang.String CANONICALIZE_HOST_NAME_KEY

Mechanism property key for specifying whether to canonicalize the host name for GSSAPI authentication.

Since:

3.3

See Also:

createGSSAPICredential(String), withMechanismProperty(String, Object), Constant Field Values

JAVA_SASL_CLIENT_PROPERTIES_KEY

public static final java.lang.String JAVA_SASL_CLIENT_PROPERTIES_KEY

Mechanism property key for overriding the SaslClient properties for GSSAPI authentication. The value of this property must be a Map<String, Object>. In most cases there is no need to set this mechanism property. But if an application does:

• Generally it must set the Sasl.CREDENTIALS property to an instance of GSSCredential.
• It's recommended that it set the Sasl.MAX_BUFFER property to "0" to ensure compatibility with all versions of MongoDB.

Since:

3.3

See Also:

createGSSAPICredential(String), withMechanismProperty(String, Object), Sasl, Sasl.CREDENTIALS, Sasl.MAX_BUFFER, Constant Field Values

JAVA_SUBJECT_KEY

public static final java.lang.String JAVA_SUBJECT_KEY

Mechanism property key for overriding the Subject under which GSSAPI authentication executes.

Since:

3.3

See Also:

createGSSAPICredential(String), withMechanismProperty(String, Object), Constant Field Values

Method Detail

createCredential

public static MongoCredential createCredential(java.lang.String userName,
                                               java.lang.String database,
                                               char[] password)

Creates a MongoCredential instance with an unspecified mechanism. The client will negotiate the best mechanism based on the version of the server that the client is authenticating to.

If the server version is 4.0 or higher, the driver will negotiate with the server preferring the SCRAM-SHA-256 mechanism. 3.x servers will authenticate using SCRAM-SHA-1, older servers will authenticate using the MONGODB_CR mechanism.

Parameters:

userName - the user name

database - the database where the user is defined

password - the user's password

Returns:

the credential

Since:

2.13

createScramSha1Credential

public static MongoCredential createScramSha1Credential(java.lang.String userName,
                                                        java.lang.String source,
                                                        char[] password)

Creates a MongoCredential instance for the SCRAM-SHA-1 SASL mechanism. Use this method only if you want to ensure that the driver uses the SCRAM-SHA-1 mechanism regardless of whether the server you are connecting to supports the authentication mechanism. Otherwise use the createCredential(String, String, char[]) method to allow the driver to negotiate the best mechanism based on the server version.

Parameters:

userName - the non-null user name

source - the source where the user is defined.

password - the non-null user password

Returns:

the credential

Since:

2.13

See Also:

createCredential(String, String, char[])

createScramSha256Credential

public static MongoCredential createScramSha256Credential(java.lang.String userName,
                                                          java.lang.String source,
                                                          char[] password)

Creates a MongoCredential instance for the SCRAM-SHA-256 SASL mechanism.

Parameters:

userName - the non-null user name

source - the source where the user is defined.

password - the non-null user password

Returns:

the credential

Since:

3.8

See Also:

createCredential(String, String, char[])

createMongoCRCredential

@Deprecated
public static MongoCredential createMongoCRCredential(java.lang.String userName,
                                                                  java.lang.String database,
                                                                  char[] password)

Deprecated. MONGODB-CR was replaced by SCRAM-SHA-1 in MongoDB 3.0, and is now deprecated. Use the createCredential(String, String, char[]) factory method instead.

Creates a MongoCredential instance for the MongoDB Challenge Response protocol. Use this method only if you want to ensure that the driver uses the MONGODB_CR mechanism regardless of whether the server you are connecting to supports a more secure authentication mechanism. Otherwise use the createCredential(String, String, char[]) method to allow the driver to negotiate the best mechanism based on the server version.

Parameters:

userName - the user name

database - the database where the user is defined

password - the user's password

Returns:

the credential

See Also:

createCredential(String, String, char[])

createMongoX509Credential

public static MongoCredential createMongoX509Credential(java.lang.String userName)

Creates a MongoCredential instance for the MongoDB X.509 protocol.

Parameters:

userName - the user name

Returns:

the credential

Since:

2.12

createMongoX509Credential

public static MongoCredential createMongoX509Credential()

Creates a MongoCredential instance for the MongoDB X.509 protocol where the distinguished subject name of the client certificate acts as the userName.

Available on MongoDB server versions >= 3.4.

Returns:

the credential

Since:

3.4

createPlainCredential

public static MongoCredential createPlainCredential(java.lang.String userName,
                                                    java.lang.String source,
                                                    char[] password)

Creates a MongoCredential instance for the PLAIN SASL mechanism.

Parameters:

userName - the non-null user name

source - the source where the user is defined. This can be either "$external" or the name of a database.

password - the non-null user password

Returns:

the credential

Since:

2.12

createGSSAPICredential

public static MongoCredential createGSSAPICredential(java.lang.String userName)

Creates a MongoCredential instance for the GSSAPI SASL mechanism.

To override the default service name of "mongodb", add a mechanism property with the name "SERVICE_NAME".

To force canonicalization of the host name prior to authentication, add a mechanism property with the name "CANONICALIZE_HOST_NAME" with the valuetrue.

To override the Subject with which the authentication executes, add a mechanism property with the name "JAVA_SUBJECT" with the value of a Subject instance.

To override the properties of the SaslClient with which the authentication executes, add a mechanism property with the name "JAVA_SASL_CLIENT_PROPERTIES" with the value of a Map<String, Object instance containing the necessary properties. This can be useful if the application is customizing the default SaslClientFactory.

Parameters:

userName - the non-null user name

Returns:

the credential

See Also:

withMechanismProperty(String, Object), SERVICE_NAME_KEY, CANONICALIZE_HOST_NAME_KEY, JAVA_SUBJECT_KEY, JAVA_SASL_CLIENT_PROPERTIES_KEY

withMechanismProperty

public <T> MongoCredential withMechanismProperty(java.lang.String key,
                                                 T value)

Creates a new MongoCredential as a copy of this instance, with the specified mechanism property added.

Type Parameters:

T - the property type

Parameters:

key - the key to the property, which is treated as case-insensitive

value - the value of the property

Returns:

the credential

Since:

2.12

withMechanism

public MongoCredential withMechanism(AuthenticationMechanism mechanism)

Creates a new MongoCredential with the set mechanism. The existing mechanism must be null.

Parameters:

mechanism - the mechanism to set

Returns:

the credential

Since:

3.8

getMechanism

@Nullable
public java.lang.String getMechanism()

Gets the mechanism

Returns:

the mechanism.

getAuthenticationMechanism

@Nullable
public AuthenticationMechanism getAuthenticationMechanism()

Gets the mechanism

Returns:

the mechanism.

Since:

3.0

getUserName

@Nullable
public java.lang.String getUserName()

Gets the user name

Returns:

the user name.

getSource

public java.lang.String getSource()

Gets the source of the user name, typically the name of the database where the user is defined.

Returns:

the user name. Can never be null.

getPassword

@Nullable
public char[] getPassword()

Gets the password.

Returns:

the password. Can be null for some mechanisms.

getMechanismProperty

@Nullable
public <T> T getMechanismProperty(java.lang.String key,
                                            @Nullable
                                            T defaultValue)

Get the value of the given key to a mechanism property, or defaultValue if there is no mapping.

Type Parameters:

T - the value type

Parameters:

key - the mechanism property key, which is treated as case-insensitive

defaultValue - the default value, if no mapping exists

Returns:

the mechanism property value

Since:

2.12

equals

public boolean equals(java.lang.Object o)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object