1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
// Verify that clients can speculatively authenticate to mongos.
// @tags: [requires_sharding]
(function() {
'use strict';
const fallbackMech = 'SCRAM-SHA-256';
const keyfile = 'jstests/libs/key1';
const st = new ShardingTest({
mongos: 1,
keyFile: keyfile,
other: {mongosOptions: {auth: null}, configOptions: {auth: null}, shardOptions: {auth: null}}
});
const admin = st.s.getDB('admin');
admin.createUser({user: 'admin', pwd: 'pwd', roles: ['root']});
admin.auth('admin', 'pwd');
let lastStats =
assert.commandWorked(admin.runCommand({serverStatus: 1})).security.authentication.mechanisms;
jsTest.log('Inintial stats: ' + lastStats);
function test(uri, incrMech) {
jsTest.log('Connecting to: ' + uri);
assert.eq(runMongoProgram('mongo', uri, '--eval', ';'), 0);
const stats = assert.commandWorked(admin.runCommand({serverStatus: 1}))
.security.authentication.mechanisms;
assert.eq(Object.keys(lastStats).length, Object.keys(stats).length);
Object.keys(lastStats).forEach(function(mech) {
const inc = (mech == incrMech) ? 1 : 0;
const specBefore = lastStats[mech].speculativeAuthenticate;
const specAfter = stats[mech].speculativeAuthenticate;
assert.eq(specAfter.received, specBefore.received + inc);
assert.eq(specAfter.successful, specBefore.successful + inc);
const allBefore = lastStats[mech].authenticate;
const allAfter = stats[mech].authenticate;
assert.eq(allAfter.received, allBefore.received + inc);
assert.eq(allAfter.successful, allBefore.successful + inc);
});
lastStats = stats;
}
const baseURI = 'mongodb://admin:pwd@' + st.s.host + '/admin';
test(baseURI, fallbackMech);
test(baseURI + '?authMechanism=SCRAM-SHA-1', 'SCRAM-SHA-1');
test(baseURI + '?authMechanism=SCRAM-SHA-256', 'SCRAM-SHA-256');
admin.logout();
st.stop();
}());
|