SERVER-21890 Allow realm to be set in SSPI shell

author: Spencer Jackson <spencer.jackson@mongodb.com> 2015-12-14 13:48:05 -0500
committer: Spencer Jackson <spencer.jackson@mongodb.com> 2015-12-15 11:11:39 -0500
commit: 4b37c81ddfd33f550f2f42e1a14a56e427620db4 (patch)
tree: d8933fa0d375d64c50b13ec90d38d806ac6f92a9 /src/mongo/client
parent: a3658623443f53b415d94d3f6d793070f535f19d (diff)
download: mongo-4b37c81ddfd33f550f2f42e1a14a56e427620db4.tar.gz
3 files changed, 15 insertions, 0 deletions
diff --git a/src/mongo/client/sasl_sspi.cpp b/src/mongo/client/sasl_sspi.cpp
index a9635320dd0..c1ee9fce981 100644
--- a/src/mongo/client/sasl_sspi.cpp
+++ b/src/mongo/client/sasl_sspi.cpp
@@ -222,6 +222,9 @@ int sspiClientMechNew(void* glob_context,
     }
 
     pcctx->nameToken = toWideString(cparams->service) + L'/' + toWideString(canonName.c_str());
+    if (!saslSSPIGlobalParams.realmOverride.empty()) {
+        pcctx->nameToken += L'@' + toWideString(saslSSPIGlobalParams.realmOverride.c_str());
+    }
 
     *conn_context = pcctx.release();
 
diff --git a/src/mongo/client/sasl_sspi_options.cpp b/src/mongo/client/sasl_sspi_options.cpp
index f392f5b5412..c63a3f408ba 100644
--- a/src/mongo/client/sasl_sspi_options.cpp
+++ b/src/mongo/client/sasl_sspi_options.cpp
@@ -51,6 +51,10 @@ Status addSASLSSPIOptions(moe::OptionSection* options) {
                                   "DNS resolution strategy to use for hostname canonicalization. "
                                   "May be one of: {none, forward, forwardAndReverse}")
         .setDefault(moe::Value(std::string("none")));
+    sspiOptions.addOptionChaining("security.sspiRealmOverride",
+                                  "sspiRealmOverride",
+                                  moe::String,
+                                  "Override the detected realm with the provided string").hidden();
     return options->addSection(sspiOptions);
 }
 
@@ -69,6 +73,9 @@ Status storeSASLSSPIOptions(const moe::Environment& params) {
                           "Unrecognized sspiHostnameCanonicalization option");
         }
     }
+    if (params.count("security.sspiRealmOverride")) {
+        saslSSPIGlobalParams.realmOverride = params["security.sspiRealmOverride"].as<std::string>();
+    }
     return Status::OK();
 }
 
diff --git a/src/mongo/client/sasl_sspi_options.h b/src/mongo/client/sasl_sspi_options.h
index e0dca3516ec..c32dc54bacc 100644
--- a/src/mongo/client/sasl_sspi_options.h
+++ b/src/mongo/client/sasl_sspi_options.h
@@ -28,6 +28,8 @@
 
 #pragma once
 
+#include <string>
+
 #include "mongo/util/net/hostname_canonicalization.h"
 
 namespace mongo {
@@ -44,6 +46,9 @@ namespace moe = mongo::optionenvironment;
 struct SASLSSPIGlobalParams {
     // HostnameCanonicalizationMode to use for resolving SASL hostname into the SPN's hostname
     HostnameCanonicalizationMode canonicalization = HostnameCanonicalizationMode::kNone;
+
+    // Override the automatically detected realm
+    std::string realmOverride;
 };
 
 extern SASLSSPIGlobalParams saslSSPIGlobalParams;
author	Spencer Jackson <spencer.jackson@mongodb.com>	2015-12-14 13:48:05 -0500
committer	Spencer Jackson <spencer.jackson@mongodb.com>	2015-12-15 11:11:39 -0500
commit	4b37c81ddfd33f550f2f42e1a14a56e427620db4 (patch)
tree	d8933fa0d375d64c50b13ec90d38d806ac6f92a9 /src/mongo/client
parent	a3658623443f53b415d94d3f6d793070f535f19d (diff)
download	mongo-4b37c81ddfd33f550f2f42e1a14a56e427620db4.tar.gz