diff options
author | Spencer T Brody <spencer@10gen.com> | 2013-08-29 15:02:40 -0400 |
---|---|---|
committer | Spencer T Brody <spencer@10gen.com> | 2013-08-29 16:54:23 -0400 |
commit | 578bafdbee5f2a98948ad675d433e4c96cb64284 (patch) | |
tree | 4e61f16d6f1105beec1b4dc635dafb83db4d6463 /src/mongo/db/dbwebserver.cpp | |
parent | 9436f8fe392cbd1bb3920fb627ec614853dfcb10 (diff) | |
download | mongo-578bafdbee5f2a98948ad675d433e4c96cb64284.tar.gz |
SERVER-9518 Change webserver to use acquireUser to get user's password hash, rather than a direct call to getPrivilegeDocument
Diffstat (limited to 'src/mongo/db/dbwebserver.cpp')
-rw-r--r-- | src/mongo/db/dbwebserver.cpp | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/src/mongo/db/dbwebserver.cpp b/src/mongo/db/dbwebserver.cpp index 2c6311d463a..d4598fed49e 100644 --- a/src/mongo/db/dbwebserver.cpp +++ b/src/mongo/db/dbwebserver.cpp @@ -32,6 +32,7 @@ #include "mongo/db/auth/authorization_session.h" #include "mongo/db/auth/privilege.h" #include "mongo/db/auth/user_name.h" +#include "mongo/db/auth/user.h" #include "mongo/db/background.h" #include "mongo/db/cmdline.h" #include "mongo/db/commands.h" @@ -109,9 +110,20 @@ namespace mongo { // Only users in the admin DB are visible by the webserver UserName userName(parms["username"], "admin"); - BSONObj user = _webUsers->getAdminUser(userName); - if ( ! user.isEmpty() ) { - string ha1 = user["pwd"].str(); + User* user; + AuthorizationManager& authzManager = + cc().getAuthorizationSession()->getAuthorizationManager(); + Status status = authzManager.acquireUser(userName, &user); + if (!status.isOK()) { + if (status.code() != ErrorCodes::UserNotFound) { + uasserted(17051, status.reason()); + } + } else { + uassert(17090, + "External users don't have a password", + !user->getCredentials().isExternal); + string ha1 = user->getCredentials().password; + authzManager.releaseUser(user); string ha2 = md5simpledigest( (string)"GET" + ":" + parms["uri"] ); stringstream r; |