diff options
| author | Andy Schwerin <schwerin@10gen.com> | 2013-03-28 15:22:26 -0400 |
|---|---|---|
| committer | Andy Schwerin <schwerin@10gen.com> | 2013-04-22 13:02:47 -0400 |
| commit | 2d8e9831979076e5f6a47895aedad80c8da10d4c (patch) | |
| tree | ab35ee725cb594b5685a544429a48bc9bfd034cc /src/mongo/client/sasl_client_authenticate.h | |
| parent | 506e7c0adffc8708fb15bab929fa83d016e96eec (diff) | |
| download | mongo-2d8e9831979076e5f6a47895aedad80c8da10d4c.tar.gz | |
SERVER-8813 Switch C++ client and shell code for SASL authentication to use the Cyrus SASL library.
Replaces gsasl implementation in clients.
Diffstat (limited to 'src/mongo/client/sasl_client_authenticate.h')
| -rw-r--r-- | src/mongo/client/sasl_client_authenticate.h | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/src/mongo/client/sasl_client_authenticate.h b/src/mongo/client/sasl_client_authenticate.h index f6d550abe87..c95cdc42660 100644 --- a/src/mongo/client/sasl_client_authenticate.h +++ b/src/mongo/client/sasl_client_authenticate.h @@ -34,34 +34,28 @@ namespace mongo { * * The "saslParameters" BSONObj should be initialized with zero or more of the * fields below. Which fields are required depends on the mechanism. Consult the - * libgsasl documentation. + * relevant IETF standards. * * "mechanism": The string name of the sasl mechanism to use. Mandatory. * "autoAuthorize": Truthy values tell the server to automatically acquire privileges on * all resources after successful authentication, which is the default. Falsey values * instruct the server to await separate privilege-acquisition commands. - * "user": The string name of the principal to authenticate, GSASL_AUTHID. + * "user": The string name of the principal to authenticate. * "userSource": The database target of the auth command, which identifies the location * of the credential information for the principal. May be "$external" if credential * information is stored outside of the mongo cluster. - * "pwd": The password data, GSASL_PASSWORD. + * "pwd": The password. * "serviceName": The GSSAPI service name to use. Defaults to "mongodb". * "serviceHostname": The GSSAPI hostname to use. Defaults to the name of the remote host. * * Other fields in saslParameters are silently ignored. * - * "sessionHook" is a pointer to optional data, which may be used by the gsasl_callback - * previously set on "gsasl". The session hook is set on an underlying Gsasl_session using - * gsasl_session_hook_set, and may be accessed by callbacks using gsasl_session_hook_get. - * See the gsasl documentation. - * * Returns an OK status on success, and ErrorCodes::AuthenticationFailed if authentication is * rejected. Other failures, all of which are tantamount to authentication failure, may also be * returned. */ extern Status (*saslClientAuthenticate)(DBClientWithCommands* client, - const BSONObj& saslParameters, - void* sessionHook); + const BSONObj& saslParameters); /** * Extracts the payload field from "cmdObj", and store it into "*payload". |