Skip to content

Commit 6cc2351

Browse files
committed
JAVA-691: Added auth examples for GSSAPI and CRAM-MD5
1 parent 39dcf46 commit 6cc2351

3 files changed

Lines changed: 176 additions & 0 deletions

File tree

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,63 @@
1+
/**
2+
* Copyright (c) 2008 - 2012 10gen, Inc. <http://10gen.com>
3+
* <p/>
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
* <p/>
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
* <p/>
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
import com.mongodb.BasicDBObject;
18+
import com.mongodb.DB;
19+
import com.mongodb.MongoClient;
20+
import com.mongodb.MongoClientAuthority;
21+
import com.mongodb.MongoClientCredentials;
22+
import com.mongodb.MongoClientOptions;
23+
import com.mongodb.MongoException;
24+
import com.mongodb.ServerAddress;
25+
import com.mongodb.WriteResult;
26+
27+
import java.net.UnknownHostException;
28+
import java.text.SimpleDateFormat;
29+
import java.util.Date;
30+
31+
/**
32+
* Example usage of CRAM-MD5 credentials.
33+
*/
34+
public class CramMd5CredentialsExample {
35+
public static void main(String[] args) throws UnknownHostException, InterruptedException {
36+
MongoClient mongo = new MongoClient(
37+
new MongoClientAuthority(new ServerAddress("kdc.10gen.me"),
38+
new MongoClientCredentials("dev0", "a".toCharArray(),
39+
MongoClientCredentials.CRAM_MD5_MECHANISM, "test")),
40+
new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
41+
DB testDB = mongo.getDB("test");
42+
System.out.println("Find one: " + testDB.getCollection("test").findOne());
43+
System.out.println("Count: " + testDB.getCollection("test").count());
44+
WriteResult writeResult = testDB.getCollection("test").insert(new BasicDBObject());
45+
System.out.println("Write result: " + writeResult);
46+
47+
System.out.println();
48+
System.out.println("Trying a query once every 15 seconds...");
49+
System.out.println();
50+
51+
for (; ; ) {
52+
try {
53+
System.out.println(new SimpleDateFormat().format(new Date()));
54+
System.out.println("Count: " + testDB.getCollection("test").count());
55+
System.out.println();
56+
} catch (MongoException e) {
57+
e.printStackTrace();
58+
System.out.println();
59+
}
60+
Thread.sleep(15000);
61+
}
62+
}
63+
}
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
/**
2+
* Copyright (c) 2008 - 2012 10gen, Inc. <http://10gen.com>
3+
* <p/>
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
* <p/>
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
* <p/>
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
import javax.security.auth.callback.Callback;
18+
import javax.security.auth.callback.CallbackHandler;
19+
import javax.security.auth.callback.NameCallback;
20+
import javax.security.auth.callback.PasswordCallback;
21+
import javax.security.auth.callback.UnsupportedCallbackException;
22+
import java.io.IOException;
23+
24+
public class DefaultSecurityCallbackHandler implements CallbackHandler {
25+
public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
26+
for (Callback callback : callbacks) {
27+
if (callback instanceof NameCallback) {
28+
NameCallback nameCallback = (NameCallback) callback;
29+
nameCallback.setName("dev1@10GEN.ME");
30+
}
31+
if (callback instanceof PasswordCallback) {
32+
PasswordCallback passwordCallback = (PasswordCallback) callback;
33+
passwordCallback.setPassword("a".toCharArray());
34+
}
35+
}
36+
}
37+
}
Lines changed: 76 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,76 @@
1+
/**
2+
* Copyright (c) 2008 - 2012 10gen, Inc. <http://10gen.com>
3+
* <p/>
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
* <p/>
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
* <p/>
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
import com.mongodb.BasicDBObject;
18+
import com.mongodb.DB;
19+
import com.mongodb.MongoClient;
20+
import com.mongodb.MongoClientAuthority;
21+
import com.mongodb.MongoClientCredentials;
22+
import com.mongodb.MongoClientOptions;
23+
import com.mongodb.MongoException;
24+
import com.mongodb.ServerAddress;
25+
import com.mongodb.WriteResult;
26+
27+
import java.net.UnknownHostException;
28+
import java.security.Security;
29+
import java.text.SimpleDateFormat;
30+
import java.util.Date;
31+
32+
/**
33+
* Example usage of Kerberos (GSSAPI) credentials.
34+
*/
35+
public class GSSAPICredentialsExample {
36+
37+
// Steps:
38+
// 1. Install unlimited strength encryption jar files in jre/lib/security
39+
// (e.g. http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html)
40+
// 2. run kinit
41+
// 3. Set system properties, e.g.:
42+
// -Djava.security.krb5.realm=10GEN.ME -Djavax.security.auth.useSubjectCredsOnly=false -Djava.security.krb5.kdc=kdc.10gen.me
43+
// auth.login.defaultCallbackHandler=name of class that implements javax.security.auth.callback.CallbackHandler
44+
// You may also need to define realms and domain_realm entries in your krb5.conf file (in /etc by default)
45+
public static void main(String[] args) throws UnknownHostException, InterruptedException {
46+
// Set this property to avoid the default behavior where the program prompts on the command line
47+
// for username/password
48+
Security.setProperty("auth.login.defaultCallbackHandler", "DefaultSecurityCallbackHandler");
49+
50+
MongoClient mongo = new MongoClient(
51+
new MongoClientAuthority(new ServerAddress("kdc.10gen.me"),
52+
new MongoClientCredentials("dev1@10GEN.ME", MongoClientCredentials.GSSAPI_MECHANISM)),
53+
new MongoClientOptions.Builder().socketKeepAlive(true).socketTimeout(30000).build());
54+
DB testDB = mongo.getDB("test");
55+
System.out.println("Find one: " + testDB.getCollection("test").findOne());
56+
System.out.println("Count: " + testDB.getCollection("test").count());
57+
WriteResult writeResult = testDB.getCollection("test").insert(new BasicDBObject());
58+
System.out.println("Write result: " + writeResult);
59+
60+
System.out.println();
61+
System.out.println("Trying a query once every 15 seconds...");
62+
System.out.println();
63+
64+
for (; ; ) {
65+
try {
66+
System.out.println(new SimpleDateFormat().format(new Date()));
67+
System.out.println("Count: " + testDB.getCollection("test").count());
68+
System.out.println();
69+
} catch (MongoException e) {
70+
e.printStackTrace();
71+
System.out.println();
72+
}
73+
Thread.sleep(15000);
74+
}
75+
}
76+
}

0 commit comments

Comments
 (0)