diff options
author | Robert Guo <robert.guo@10gen.com> | 2018-03-17 09:35:21 -0400 |
---|---|---|
committer | Robert Guo <robert.guo@10gen.com> | 2018-03-20 14:42:06 -0400 |
commit | 290edd9cd2f6476f83605ee3189875d4592fc975 (patch) | |
tree | 7e779bfee5209a36af9c019ddb45928a07f9800f /src/mongo/shell/utils_auth.js | |
parent | aaba5b468e67f81380f7fa099932a2722dab3a8a (diff) | |
download | mongo-290edd9cd2f6476f83605ee3189875d4592fc975.tar.gz |
SERVER-33935 add clusterAuthMode option to TestData
Diffstat (limited to 'src/mongo/shell/utils_auth.js')
-rw-r--r-- | src/mongo/shell/utils_auth.js | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/src/mongo/shell/utils_auth.js b/src/mongo/shell/utils_auth.js index b105164ea50..b0437f50bf3 100644 --- a/src/mongo/shell/utils_auth.js +++ b/src/mongo/shell/utils_auth.js @@ -13,7 +13,8 @@ var authutil; conn = [conn]; } for (i = 0; i < conn.length; ++i) { - conn[i].getDB(dbname).logout(); + var curDB = new DB(conn[i], dbname); + curDB.logout(); } }; @@ -31,7 +32,9 @@ var authutil; try { for (i = 0; i < conns.length; ++i) { conn = conns[i]; - assert(conn.getDB(dbName).auth(authParams), + // Bypass the implicit auth call in getDB(); + var db = new DB(conn, dbName); + assert(db.auth(authParams), "Failed to authenticate " + conn + " to " + dbName + " using parameters " + tojson(authParams)); } @@ -55,7 +58,9 @@ var authutil; for (i = 0; i < conns.length; ++i) { conn = conns[i]; - assert(!conn.getDB(dbName).auth(authParams), + // Bypass the implicit auth call in getDB(); + var db = new DB(conn, dbName); + assert(!db.auth(authParams), "Unexpectedly authenticated " + conn + " to " + dbName + " using parameters " + tojson(authParams)); } @@ -67,11 +72,21 @@ var authutil; */ authutil.asCluster = function(conn, keyfile, action) { var ex; - authutil.assertAuthenticate(conn, 'admin', { - user: '__system', - mechanism: 'SCRAM-SHA-1', - pwd: cat(keyfile).replace(/[\011-\015\040]/g, '') - }); + const authMode = jsTest.options().clusterAuthMode; + + if (authMode === 'keyFile') { + authutil.assertAuthenticate(conn, 'admin', { + user: '__system', + mechanism: 'SCRAM-SHA-1', + pwd: cat(keyfile).replace(/[\011-\015\040]/g, '') + }); + } else if (authMode === 'x509') { + authutil.assertAuthenticate(conn, '$external', { + mechanism: 'MONGODB-X509', + }); + } else { + throw new Error('clusterAuthMode ' + authMode + ' is currently unsupported'); + } try { return action(); |