Class MongoCredential
-
- com.mongodb.MongoCredential
-
@Immutable public final class MongoCredential extends
Represents credentials to authenticate to a mongo server,as well as the source of the credentials and the authentication mechanism to use.- Since:
- 2.11
-
-
Field Summary
Fields Modifier and Type Field Description static
CANONICALIZE_HOST_NAME_KEY
Mechanism property key for specifying whether to canonicalize the host name for GSSAPI authentication.static
GSSAPI_MECHANISM
The GSSAPI mechanism.static
JAVA_SASL_CLIENT_PROPERTIES_KEY
Mechanism property key for overriding the SaslClient properties for GSSAPI authentication.static
JAVA_SUBJECT_KEY
Mechanism property key for overriding the under which GSSAPI authentication executes.static
MONGODB_CR_MECHANISM
Deprecated.This mechanism was replaced bySCRAM_SHA_1_MECHANISM
in MongoDB 3.0, and is now deprecatedstatic
MONGODB_X509_MECHANISM
The MongoDB X.509static
PLAIN_MECHANISM
The PLAIN mechanism.static
SCRAM_SHA_1_MECHANISM
The SCRAM-SHA-1 Mechanism.static
SCRAM_SHA_256_MECHANISM
The SCRAM-SHA-256 Mechanism.static
SERVICE_NAME_KEY
Mechanism property key for overriding the service name for GSSAPI authentication.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static MongoCredential
userName, database, char[] password)
Creates a MongoCredential instance with an unspecified mechanism.static MongoCredential
userName)
Creates a MongoCredential instance for the GSSAPI SASL mechanism.static MongoCredential
userName, database, char[] password)
Deprecated.MONGODB-CR was replaced by SCRAM-SHA-1 in MongoDB 3.0, and is now deprecated.static MongoCredential
createMongoX509Credential()
Creates a MongoCredential instance for the MongoDB X.509 protocol where the distinguished subject name of the client certificate acts as the userName.static MongoCredential
userName)
Creates a MongoCredential instance for the MongoDB X.509 protocol.static MongoCredential
userName, source, char[] password)
Creates a MongoCredential instance for the PLAIN SASL mechanism.static MongoCredential
userName, source, char[] password)
Creates a MongoCredential instance for the SCRAM-SHA-1 SASL mechanism.static MongoCredential
userName, source, char[] password)
Creates a MongoCredential instance for the SCRAM-SHA-256 SASL mechanism.boolean
o)
AuthenticationMechanism
getAuthenticationMechanism()
Gets the mechanismgetMechanism()
Gets the mechanism<T> T
key, T defaultValue)
Get the value of the given key to a mechanism property, or defaultValue if there is no mapping.char[]
getPassword()
Gets the password.getSource()
Gets the source of the user name, typically the name of the database where the user is defined.getUserName()
Gets the user nameint
hashCode()
toString()
MongoCredential
withMechanism(AuthenticationMechanism mechanism)
Creates a new MongoCredential with the set mechanism.<T> MongoCredential
key, T value)
Creates a new MongoCredential as a copy of this instance, with the specified mechanism property added.
-
-
-
Field Detail
-
MONGODB_CR_MECHANISM
public static final MONGODB_CR_MECHANISM
Deprecated.This mechanism was replaced bySCRAM_SHA_1_MECHANISM
in MongoDB 3.0, and is now deprecatedThe MongoDB Challenge Response mechanism.- MongoDB documentation
-
GSSAPI_MECHANISM
public static final GSSAPI_MECHANISM
The GSSAPI mechanism. See the .- MongoDB documentation
- Since server release
-
PLAIN_MECHANISM
public static final PLAIN_MECHANISM
The PLAIN mechanism. See the .- Since:
- 2.12
- MongoDB documentation
- Since server release
-
MONGODB_X509_MECHANISM
public static final MONGODB_X509_MECHANISM
The MongoDB X.509- Since:
- 2.12
- MongoDB documentation
- Since server release
-
SCRAM_SHA_1_MECHANISM
public static final SCRAM_SHA_1_MECHANISM
The SCRAM-SHA-1 Mechanism.- Since:
- 2.13
- MongoDB documentation
- Since server release
-
SCRAM_SHA_256_MECHANISM
public static final SCRAM_SHA_256_MECHANISM
The SCRAM-SHA-256 Mechanism.- Since:
- 3.8
- MongoDB documentation
- Since server release
-
SERVICE_NAME_KEY
public static final SERVICE_NAME_KEY
Mechanism property key for overriding the service name for GSSAPI authentication.- Since:
- 3.3
- See Also:
createGSSAPICredential(String)
,withMechanismProperty(String, Object)
, Constant Field Values
-
CANONICALIZE_HOST_NAME_KEY
public static final CANONICALIZE_HOST_NAME_KEY
Mechanism property key for specifying whether to canonicalize the host name for GSSAPI authentication.- Since:
- 3.3
- See Also:
createGSSAPICredential(String)
,withMechanismProperty(String, Object)
, Constant Field Values
-
JAVA_SASL_CLIENT_PROPERTIES_KEY
public static final JAVA_SASL_CLIENT_PROPERTIES_KEY
Mechanism property key for overriding the SaslClient properties for GSSAPI authentication. The value of this property must be aMap<String, Object>
. In most cases there is no need to set this mechanism property. But if an application does:- Generally it must set the property to an instance of .
- It's recommended that it set the property to "0" to ensure compatibility with all versions of MongoDB.
- Since:
- 3.3
- See Also:
createGSSAPICredential(String)
,withMechanismProperty(String, Object)
, , , , Constant Field Values
-
JAVA_SUBJECT_KEY
public static final JAVA_SUBJECT_KEY
Mechanism property key for overriding the under which GSSAPI authentication executes.- Since:
- 3.3
- See Also:
createGSSAPICredential(String)
,withMechanismProperty(String, Object)
, Constant Field Values
-
-
Method Detail
-
createCredential
public static userName, database, char[] password)
Creates a MongoCredential instance with an unspecified mechanism. The client will negotiate the best mechanism based on the version of the server that the client is authenticating to.If the server version is 4.0 or higher, the driver will negotiate with the server preferring the SCRAM-SHA-256 mechanism. 3.x servers will authenticate using SCRAM-SHA-1, older servers will authenticate using the MONGODB_CR mechanism.
- Parameters:
userName
- the user namedatabase
- the database where the user is definedpassword
- the user's password- Returns:
- the credential
- Since:
- 2.13
- MongoDB documentation
-
createScramSha1Credential
public static userName, source, char[] password)
Creates a MongoCredential instance for the SCRAM-SHA-1 SASL mechanism. Use this method only if you want to ensure that the driver uses the SCRAM-SHA-1 mechanism regardless of whether the server you are connecting to supports the authentication mechanism. Otherwise use thecreateCredential(String, String, char[])
method to allow the driver to negotiate the best mechanism based on the server version.- Parameters:
userName
- the non-null user namesource
- the source where the user is defined.password
- the non-null user password- Returns:
- the credential
- Since:
- 2.13
- See Also:
createCredential(String, String, char[])
- MongoDB documentation
- Since server release
-
createScramSha256Credential
public static userName, source, char[] password)
Creates a MongoCredential instance for the SCRAM-SHA-256 SASL mechanism.- Parameters:
userName
- the non-null user namesource
- the source where the user is defined.password
- the non-null user password- Returns:
- the credential
- Since:
- 3.8
- See Also:
createCredential(String, String, char[])
- MongoDB documentation
- Since server release
-
createMongoCRCredential
public static userName, database, char[] password)
Deprecated.MONGODB-CR was replaced by SCRAM-SHA-1 in MongoDB 3.0, and is now deprecated. Use thecreateCredential(String, String, char[])
factory method instead.Creates a MongoCredential instance for the MongoDB Challenge Response protocol. Use this method only if you want to ensure that the driver uses the MONGODB_CR mechanism regardless of whether the server you are connecting to supports a more secure authentication mechanism. Otherwise use thecreateCredential(String, String, char[])
method to allow the driver to negotiate the best mechanism based on the server version.- Parameters:
userName
- the user namedatabase
- the database where the user is definedpassword
- the user's password- Returns:
- the credential
- See Also:
createCredential(String, String, char[])
- MongoDB documentation
-
createMongoX509Credential
public static userName)
Creates a MongoCredential instance for the MongoDB X.509 protocol.- Parameters:
userName
- the user name- Returns:
- the credential
- Since:
- 2.12
- MongoDB documentation
- Since server release
-
createMongoX509Credential
public static MongoCredential createMongoX509Credential()
Creates a MongoCredential instance for the MongoDB X.509 protocol where the distinguished subject name of the client certificate acts as the userName.Available on MongoDB server versions >= 3.4.
- Returns:
- the credential
- Since:
- 3.4
- MongoDB documentation
- Since server release
-
createPlainCredential
public static userName, source, char[] password)
Creates a MongoCredential instance for the PLAIN SASL mechanism.- Parameters:
userName
- the non-null user namesource
- the source where the user is defined. This can be either"$external"
or the name of a database.password
- the non-null user password- Returns:
- the credential
- Since:
- 2.12
- MongoDB documentation
- Since server release
-
createGSSAPICredential
public static userName)
Creates a MongoCredential instance for the GSSAPI SASL mechanism.To override the default service name of
"mongodb"
, add a mechanism property with the name"SERVICE_NAME"
.To force canonicalization of the host name prior to authentication, add a mechanism property with the name
"CANONICALIZE_HOST_NAME"
with the valuetrue
.To override the with which the authentication executes, add a mechanism property with the name
"JAVA_SUBJECT"
with the value of aSubject
instance.To override the properties of the with which the authentication executes, add a mechanism property with the name
"JAVA_SASL_CLIENT_PROPERTIES"
with the value of aMap<String, Object
instance containing the necessary properties. This can be useful if the application is customizing the default .- Parameters:
userName
- the non-null user name- Returns:
- the credential
- See Also:
withMechanismProperty(String, Object)
,SERVICE_NAME_KEY
,CANONICALIZE_HOST_NAME_KEY
,JAVA_SUBJECT_KEY
,JAVA_SASL_CLIENT_PROPERTIES_KEY
- MongoDB documentation
- Since server release
-
withMechanismProperty
public <T> key, T value)
Creates a new MongoCredential as a copy of this instance, with the specified mechanism property added.- Type Parameters:
T
- the property type- Parameters:
key
- the key to the property, which is treated as case-insensitivevalue
- the value of the property- Returns:
- the credential
- Since:
- 2.12
-
withMechanism
public MongoCredential withMechanism(AuthenticationMechanism mechanism)
Creates a new MongoCredential with the set mechanism. The existing mechanism must be null.- Parameters:
mechanism
- the mechanism to set- Returns:
- the credential
- Since:
- 3.8
-
getMechanism
@Nullable public getMechanism()
Gets the mechanism- Returns:
- the mechanism.
-
getAuthenticationMechanism
@Nullable public AuthenticationMechanism getAuthenticationMechanism()
Gets the mechanism- Returns:
- the mechanism.
- Since:
- 3.0
-
getUserName
@Nullable public getUserName()
Gets the user name- Returns:
- the user name.
-
getSource
public getSource()
Gets the source of the user name, typically the name of the database where the user is defined.- Returns:
- the user name. Can never be null.
-
getPassword
@Nullable public char[] getPassword()
Gets the password.- Returns:
- the password. Can be null for some mechanisms.
-
getMechanismProperty
@Nullable public <T> T getMechanismProperty( key, @Nullable T defaultValue)
Get the value of the given key to a mechanism property, or defaultValue if there is no mapping.- Type Parameters:
T
- the value type- Parameters:
key
- the mechanism property key, which is treated as case-insensitivedefaultValue
- the default value, if no mapping exists- Returns:
- the mechanism property value
- Since:
- 2.12
-
equals
public boolean equals( o)
- Overrides:
in class
-
hashCode
public int hashCode()
- Overrides:
in class
-
toString
public toString()
- Overrides:
in class
-
-