Package com.mongodb

Class MongoCredential

java.lang.Object
com.mongodb.MongoCredential

@Immutable public final class MongoCredential extends Object
Represents credentials to authenticate to a mongo server,as well as the source of the credentials and the authentication mechanism to use.
Since:
2.11
  • Field Details

  • Method Details

    • createCredential

      public static MongoCredential createCredential(String userName, String database, char[] password)
      Creates a MongoCredential instance with an unspecified mechanism. The client will negotiate the best mechanism based on the version of the server that the client is authenticating to.

      If the server version is 4.0 or higher, the driver will negotiate with the server preferring the SCRAM-SHA-256 mechanism. 3.x servers will authenticate using SCRAM-SHA-1, older servers will authenticate using the MONGODB_CR mechanism.

      Parameters:
      userName - the user name
      database - the database where the user is defined
      password - the user's password
      Returns:
      the credential
      Since:
      2.13
      MongoDB documentation
      SCRAM-SHA-256
      SCRAM-SHA-1
      MONGODB-CR
    • createScramSha1Credential

      public static MongoCredential createScramSha1Credential(String userName, String source, char[] password)
      Creates a MongoCredential instance for the SCRAM-SHA-1 SASL mechanism. Use this method only if you want to ensure that the driver uses the SCRAM-SHA-1 mechanism regardless of whether the server you are connecting to supports the authentication mechanism. Otherwise use the createCredential(String, String, char[]) method to allow the driver to negotiate the best mechanism based on the server version.
      Parameters:
      userName - the non-null user name
      source - the source where the user is defined.
      password - the non-null user password
      Returns:
      the credential
      Since:
      2.13
      See Also:
      MongoDB documentation
      SCRAM-SHA-1
      Since server release
      3.0
    • createScramSha256Credential

      public static MongoCredential createScramSha256Credential(String userName, String source, char[] password)
      Creates a MongoCredential instance for the SCRAM-SHA-256 SASL mechanism.
      Parameters:
      userName - the non-null user name
      source - the source where the user is defined.
      password - the non-null user password
      Returns:
      the credential
      Since:
      3.8
      See Also:
      MongoDB documentation
      SCRAM-SHA-256
      Since server release
      4.0
    • createMongoX509Credential

      public static MongoCredential createMongoX509Credential(String userName)
      Creates a MongoCredential instance for the MongoDB X.509 protocol.
      Parameters:
      userName - the user name
      Returns:
      the credential
      Since:
      2.12
      MongoDB documentation
      X-509
    • createMongoX509Credential

      public static MongoCredential createMongoX509Credential()
      Creates a MongoCredential instance for the MongoDB X.509 protocol where the distinguished subject name of the client certificate acts as the userName.

      Available on MongoDB server versions >= 3.4.

      Returns:
      the credential
      Since:
      3.4
      MongoDB documentation
      X-509
      Since server release
      3.4
    • createPlainCredential

      public static MongoCredential createPlainCredential(String userName, String source, char[] password)
      Creates a MongoCredential instance for the PLAIN SASL mechanism.
      Parameters:
      userName - the non-null user name
      source - the source where the user is defined. This can be either "$external" or the name of a database.
      password - the non-null user password
      Returns:
      the credential
      Since:
      2.12
      MongoDB documentation
      PLAIN
    • createGSSAPICredential

      public static MongoCredential createGSSAPICredential(String userName)
      Creates a MongoCredential instance for the GSSAPI SASL mechanism.

      To override the default service name of "mongodb", add a mechanism property with the name "SERVICE_NAME".

      To force canonicalization of the host name prior to authentication, add a mechanism property with the name "CANONICALIZE_HOST_NAME" with the valuetrue.

      To override the Subject with which the authentication executes, add a mechanism property with the name "JAVA_SUBJECT" with the value of a Subject instance.

      To override the properties of the SaslClient with which the authentication executes, add a mechanism property with the name "JAVA_SASL_CLIENT_PROPERTIES" with the value of a Map<String, Object> instance containing the necessary properties. This can be useful if the application is customizing the default SaslClientFactory.

      Parameters:
      userName - the non-null user name
      Returns:
      the credential
      See Also:
      MongoDB documentation
      GSSAPI
      Since server release
      2.4
    • createAwsCredential

      public static MongoCredential createAwsCredential(@Nullable String userName, @Nullable char[] password)
      Creates a MongoCredential instance for the MONGODB-AWS mechanism.
      Parameters:
      userName - the user name, which may be null. This maps to the AWS accessKeyId
      password - the user password, which may be null if the userName is also null. This maps to the AWS secretAccessKey.
      Returns:
      the credential
      Since:
      4.1
      See Also:
      Since server release
      4.4
    • createOidcCredential

      public static MongoCredential createOidcCredential(@Nullable String userName)
      Creates a MongoCredential instance for the MONGODB-OIDC mechanism.
      Parameters:
      userName - the user name, which may be null. This is the OIDC principal name.
      Returns:
      the credential
      Since:
      5.1
      See Also:
      Since server release
      7.0
    • withMechanismProperty

      public <T> MongoCredential withMechanismProperty(String key, T value)
      Creates a new MongoCredential as a copy of this instance, with the specified mechanism property added.
      Type Parameters:
      T - the property type
      Parameters:
      key - the key to the property, which is treated as case-insensitive
      value - the value of the property
      Returns:
      the credential
      Since:
      2.12
    • withMechanism

      public MongoCredential withMechanism(AuthenticationMechanism mechanism)
      Creates a new MongoCredential with the set mechanism. The existing mechanism must be null.
      Parameters:
      mechanism - the mechanism to set
      Returns:
      the credential
      Since:
      3.8
    • getMechanism

      @Nullable public String getMechanism()
      Gets the mechanism
      Returns:
      the mechanism.
    • getAuthenticationMechanism

      @Nullable public AuthenticationMechanism getAuthenticationMechanism()
      Gets the mechanism
      Returns:
      the mechanism.
      Since:
      3.0
    • getUserName

      @Nullable public String getUserName()
      Gets the user name
      Returns:
      the user name.
    • getSource

      public String getSource()
      Gets the source of the user name, typically the name of the database where the user is defined.
      Returns:
      the source of the user name. Can never be null.
    • getPassword

      @Nullable public char[] getPassword()
      Gets the password.
      Returns:
      the password. Can be null for some mechanisms.
    • getMechanismProperty

      @Nullable public <T> T getMechanismProperty(String key, @Nullable T defaultValue)
      Get the value of the given key to a mechanism property, or defaultValue if there is no mapping.
      Type Parameters:
      T - the value type
      Parameters:
      key - the mechanism property key, which is treated as case-insensitive
      defaultValue - the default value, if no mapping exists
      Returns:
      the mechanism property value
      Since:
      2.12
    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • toString

      public String toString()
      Overrides:
      toString in class Object