mongo 1.10.0.rc0 → 1.10.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/VERSION +1 -1
  5. data/lib/mongo/bulk_write_collection_view.rb +31 -3
  6. data/lib/mongo/collection.rb +69 -25
  7. data/lib/mongo/collection_writer.rb +3 -2
  8. data/lib/mongo/connection/node.rb +5 -0
  9. data/lib/mongo/cursor.rb +4 -1
  10. data/lib/mongo/db.rb +23 -41
  11. data/lib/mongo/functional.rb +2 -0
  12. data/lib/mongo/functional/authentication.rb +18 -3
  13. data/lib/mongo/functional/sasl_java.rb +48 -0
  14. data/lib/mongo/functional/uri_parser.rb +62 -50
  15. data/lib/mongo/mongo_client.rb +24 -9
  16. data/lib/mongo/mongo_replica_set_client.rb +16 -5
  17. data/lib/mongo/networking.rb +3 -3
  18. data/lib/mongo/utils/conversions.rb +2 -1
  19. data/test/functional/authentication_test.rb +6 -1
  20. data/test/functional/bulk_api_stress_test.rb +133 -0
  21. data/test/functional/bulk_write_collection_view_test.rb +573 -226
  22. data/test/functional/client_test.rb +3 -1
  23. data/test/functional/collection_test.rb +336 -17
  24. data/test/functional/conversions_test.rb +32 -0
  25. data/test/functional/cursor_test.rb +3 -3
  26. data/test/functional/db_api_test.rb +2 -2
  27. data/test/functional/db_test.rb +24 -0
  28. data/test/functional/uri_test.rb +49 -32
  29. data/test/helpers/test_unit.rb +8 -0
  30. data/test/replica_set/authentication_test.rb +5 -1
  31. data/test/replica_set/client_test.rb +5 -4
  32. data/test/replica_set/max_values_test.rb +6 -0
  33. data/test/shared/authentication/basic_auth_shared.rb +101 -30
  34. data/test/shared/authentication/bulk_api_auth_shared.rb +259 -0
  35. data/test/shared/authentication/gssapi_shared.rb +164 -0
  36. data/test/shared/ssl_shared.rb +49 -27
  37. data/test/unit/client_test.rb +4 -2
  38. data/test/unit/connection_test.rb +4 -2
  39. data/test/unit/cursor_test.rb +12 -0
  40. data/test/unit/db_test.rb +6 -0
  41. metadata +27 -20
  42. metadata.gz.sig +0 -0
@@ -0,0 +1,259 @@
1
+ # Copyright (C) 2009-2013 MongoDB, Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License")
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0x
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module BulkAPIAuthTests
16
+
17
+ include Mongo
18
+
19
+ def init_auth_bulk
20
+ # enable authentication
21
+ @admin = @client["admin"]
22
+ @admin.add_user('admin', 'password', nil, :roles => ['readWriteAnyDatabase',
23
+ 'userAdminAnyDatabase',
24
+ 'dbAdminAnyDatabase'])
25
+ @admin.authenticate('admin', 'password')
26
+
27
+ # Set up the test db
28
+ @collection = @db["bulk-api-auth-tests"]
29
+
30
+ # db user can insert but not remove
31
+ res = BSON::OrderedHash.new
32
+ res[:db] = TEST_DB
33
+ res[:collection] = ""
34
+
35
+ cmd = BSON::OrderedHash.new
36
+ cmd[:createRole] = "insertOnly"
37
+ cmd[:privileges] = [{:resource => res, :actions => [ "insert", "find" ]}]
38
+ cmd[:roles] = []
39
+ @db.command(cmd)
40
+ @db.add_user('insertOnly', 'password', nil, :roles => ['insertOnly'])
41
+
42
+ # db user can insert and remove
43
+ cmd = BSON::OrderedHash.new
44
+ cmd[:createRole] = "insertAndRemove"
45
+ cmd[:privileges] = [{:resource => res, :actions => [ "insert", "remove", "find" ]}]
46
+ cmd[:roles] = []
47
+ @db.command(cmd)
48
+ @db.add_user('insertAndRemove', 'password', nil, :roles => ['insertAndRemove'])
49
+
50
+ # for 2.4 cleanup etc.
51
+ @db.add_user('admin', 'password', nil, :roles => ['readWrite',
52
+ 'userAdmin',
53
+ 'dbAdmin'])
54
+ @admin.logout
55
+ end
56
+
57
+ def teardown_bulk
58
+ remove_all_users_and_roles(@db, 'admin', 'password')
59
+ remove_all_users_and_roles(@admin, 'admin', 'password')
60
+ end
61
+
62
+ def clear_collection(collection)
63
+ @admin.authenticate('admin', 'password')
64
+ collection.remove
65
+ @admin.logout
66
+ end
67
+
68
+ def remove_all_users_and_roles(database, username, password)
69
+ @admin.authenticate('admin', 'password')
70
+ if @version < '2.5.3'
71
+ database['system.users'].remove
72
+ else
73
+ database.command({:dropAllRolesFromDatabase => 1})
74
+ database.command({:dropAllUsersFromDatabase => 1})
75
+ end
76
+ @admin.logout
77
+ end
78
+
79
+ def test_auth_no_error
80
+ return unless @version >= '2.5.3'
81
+ init_auth_bulk
82
+ with_write_commands_and_operations(@db.connection) do |wire_version|
83
+ clear_collection(@collection)
84
+ @db.authenticate('insertAndRemove', 'password')
85
+ bulk = @collection.initialize_ordered_bulk_op
86
+ bulk.insert({:a => 1})
87
+ bulk.find({:a => 1}).remove_one
88
+
89
+ result = bulk.execute
90
+ assert_match_document(
91
+ {
92
+ "ok" => 1,
93
+ "nInserted" => 1,
94
+ "nRemoved" => 1
95
+ }, result, "wire_version:#{wire_version}")
96
+ assert_equal 0, @collection.count
97
+ @db.logout
98
+ end
99
+ teardown_bulk
100
+ end
101
+
102
+ def test_auth_error
103
+ return unless @version >= '2.5.3'
104
+ init_auth_bulk
105
+ with_write_commands_and_operations(@db.connection) do |wire_version|
106
+ clear_collection(@collection)
107
+ @db.authenticate('insertOnly', 'password')
108
+ bulk = @collection.initialize_ordered_bulk_op
109
+ bulk.insert({:a => 1})
110
+ bulk.find({:a => 1}).remove
111
+ bulk.insert({:a => 2})
112
+
113
+ ex = assert_raise Mongo::BulkWriteError do
114
+ bulk.execute
115
+ end
116
+ result = ex.result
117
+ assert_match_document(
118
+ {
119
+ "ok" => 1,
120
+ "n" => 1,
121
+ "writeErrors" =>
122
+ [{
123
+ "index" => 1,
124
+ "code" => 13,
125
+ "errmsg" => /not authorized/
126
+ }],
127
+ "code" => 65,
128
+ "errmsg" => "batch item errors occurred",
129
+ "nInserted" => 1
130
+ }, result, "wire_version:#{wire_version}")
131
+ assert_equal 1, @collection.count
132
+ @db.logout
133
+ end
134
+ teardown_bulk
135
+ end
136
+
137
+ def test_auth_error_unordered
138
+ return unless @version >= '2.5.3'
139
+ init_auth_bulk
140
+ with_write_commands_and_operations(@db.connection) do |wire_version|
141
+ clear_collection(@collection)
142
+ @db.authenticate('insertOnly', 'password')
143
+ bulk = @collection.initialize_unordered_bulk_op
144
+ bulk.insert({:a => 1})
145
+ bulk.find({:a => 1}).remove_one
146
+ bulk.insert({:a => 2})
147
+
148
+ ex = assert_raise Mongo::BulkWriteError do
149
+ bulk.execute
150
+ end
151
+ result = ex.result
152
+ assert_equal 1, result["writeErrors"].length
153
+ assert_equal 2, result["n"]
154
+ assert_equal 2, result["nInserted"]
155
+ assert_equal 2, @collection.count
156
+ @db.logout
157
+ end
158
+ teardown_bulk
159
+ end
160
+
161
+ def test_duplicate_key_with_auth_error
162
+ return unless @version >= '2.5.3'
163
+ init_auth_bulk
164
+ with_write_commands_and_operations(@db.connection) do |wire_version|
165
+ clear_collection(@collection)
166
+ @db.authenticate('insertOnly', 'password')
167
+ bulk = @collection.initialize_ordered_bulk_op
168
+ bulk.insert({:_id => 1, :a => 1})
169
+ bulk.insert({:_id => 1, :a => 2})
170
+ bulk.find({:a => 1}).remove_one
171
+
172
+ ex = assert_raise Mongo::BulkWriteError do
173
+ bulk.execute
174
+ end
175
+ result = ex.result
176
+ assert_match_document(
177
+ {
178
+ "ok" => 1,
179
+ "n" => 1,
180
+ "writeErrors" =>
181
+ [{
182
+ "index" => 1,
183
+ "code" => 11000,
184
+ "errmsg" => /duplicate key error/
185
+ }],
186
+ "code" => 65,
187
+ "errmsg" => "batch item errors occurred",
188
+ "nInserted" => 1
189
+ }, result, "wire_version:#{wire_version}")
190
+ assert_equal 1, @collection.count
191
+ @db.logout
192
+ end
193
+ teardown_bulk
194
+ end
195
+
196
+ def test_duplicate_key_with_auth_error_unordered
197
+ return unless @version >= '2.5.3'
198
+ init_auth_bulk
199
+ with_write_commands_and_operations(@db.connection) do |wire_version|
200
+ clear_collection(@collection)
201
+ @db.authenticate('insertOnly', 'password')
202
+ bulk = @collection.initialize_unordered_bulk_op
203
+ bulk.insert({:_id => 1, :a => 1})
204
+ bulk.insert({:_id => 1, :a => 1})
205
+ bulk.find({:a => 1}).remove_one
206
+
207
+ ex = assert_raise Mongo::BulkWriteError do
208
+ bulk.execute
209
+ end
210
+ result = ex.result
211
+ assert_equal 2, result["writeErrors"].length
212
+ assert_equal 1, result["n"]
213
+ assert_equal 1, result["nInserted"]
214
+ assert_equal 1, @collection.count
215
+ @db.logout
216
+ end
217
+ teardown_bulk
218
+ end
219
+
220
+ def test_write_concern_error_with_auth_error
221
+ with_no_replication(@db.connection) do
222
+ return unless @version >= '2.5.3'
223
+ init_auth_bulk
224
+ with_write_commands_and_operations(@db.connection) do |wire_version|
225
+ clear_collection(@collection)
226
+ @db.authenticate('insertOnly', 'password')
227
+ bulk = @collection.initialize_ordered_bulk_op
228
+ bulk.insert({:_id => 1, :a => 1})
229
+ bulk.insert({:_id => 2, :a => 1})
230
+ bulk.find({:a => 1}).remove_one
231
+
232
+ ex = assert_raise Mongo::BulkWriteError do
233
+ bulk.execute({:w => 2})
234
+ end
235
+ result = ex.result
236
+
237
+ assert_match_document(
238
+ {
239
+ "ok" => 0,
240
+ "n" => 0,
241
+ "nInserted" => 0,
242
+ "writeErrors" =>
243
+ [{
244
+ "index" => 0,
245
+ "code" => 2,
246
+ "errmsg" => /'w' > 1/
247
+ }],
248
+ "code" => 65,
249
+ "errmsg" => "batch item errors occurred"
250
+ }, result, "wire_version#{wire_version}")
251
+ # Re-visit this when RUBY-731 is resolved:
252
+ assert (@collection.count == batch_commands?(wire_version) ? 0 : 1)
253
+ @db.logout
254
+ end
255
+ teardown_bulk
256
+ end
257
+ end
258
+
259
+ end
@@ -0,0 +1,164 @@
1
+ # Copyright (C) 2009-2013 MongoDB, Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module GSSAPITests
16
+
17
+ # Tests for the GSSAPI Authentication Mechanism.
18
+ #
19
+ # Note: These tests will be skipped automatically unless the test environment
20
+ # has been configured.
21
+ #
22
+ # In order to run these tests, you must be using JRuby and must set the following
23
+ # environment variables. The realm and KDC are required so that the corresponding
24
+ # system properties can be set:
25
+ #
26
+ # export MONGODB_GSSAPI_HOST='server.domain.com'
27
+ # export MONGODB_GSSAPI_USER='applicationuser@example.com'
28
+ # export MONGODB_GSSAPI_REALM='applicationuser@example.com'
29
+ # export MONGODB_GSSAPI_KDC='SERVER.DOMAIN.COM'
30
+ #
31
+ # You must either use kinit or provide a config file that references a keytab file:
32
+ #
33
+ # export JAAS_LOGIN_CONFIG_FILE='file:///path/to/config/file'
34
+ #
35
+ MONGODB_GSSAPI_HOST = ENV['MONGODB_GSSAPI_HOST']
36
+ MONGODB_GSSAPI_USER = ENV['MONGODB_GSSAPI_USER']
37
+ MONGODB_GSSAPI_REALM = ENV['MONGODB_GSSAPI_REALM']
38
+ MONGODB_GSSAPI_KDC = ENV['MONGODB_GSSAPI_KDC']
39
+ MONGODB_GSSAPI_PORT = ENV['MONGODB_GSSAPI_PORT'] || '27017'
40
+ JAAS_LOGIN_CONFIG_FILE = ENV['JAAS_LOGIN_CONFIG_FILE']
41
+
42
+ if ENV.key?('MONGODB_GSSAPI_HOST') && ENV.key?('MONGODB_GSSAPI_USER') &&
43
+ ENV.key?('MONGODB_GSSAPI_REALM') && ENV.key?('MONGODB_GSSAPI_KDC') && RUBY_PLATFORM =~ /java/
44
+ def test_gssapi_authenticate
45
+ client = Mongo::MongoClient.new(MONGODB_GSSAPI_HOST, MONGODB_GSSAPI_PORT)
46
+ if client['admin'].command(:isMaster => 1)['setName']
47
+ client = Mongo::MongoReplicaSetClient.new(["#{MONGODB_GSSAPI_HOST}:#{MONGODB_GSSAPI_PORT}"])
48
+ end
49
+
50
+ set_system_properties
51
+ db = client['kerberos']
52
+ db.authenticate(MONGODB_GSSAPI_USER, nil, nil, nil, 'GSSAPI')
53
+ assert db.command(:dbstats => 1)
54
+
55
+ threads = []
56
+ 4.times do
57
+ threads << Thread.new do
58
+ assert db.command(:dbstats => 1)
59
+ end
60
+ end
61
+ threads.each(&:join)
62
+ end
63
+
64
+ def test_gssapi_authenticate_uri
65
+ require 'cgi'
66
+ set_system_properties
67
+ username = CGI::escape(ENV['MONGODB_GSSAPI_USER'])
68
+ uri = "mongodb://#{username}@#{ENV['MONGODB_GSSAPI_HOST']}:#{ENV['MONGODB_GSSAPI_PORT']}/?" +
69
+ "authMechanism=GSSAPI"
70
+ client = @client.class.from_uri(uri)
71
+ assert client['kerberos'].command(:dbstats => 1)
72
+ end
73
+
74
+ def test_wrong_service_name_fails
75
+ extra_opts = { :gssapi_service_name => 'example' }
76
+ client = Mongo::MongoClient.new(MONGODB_GSSAPI_HOST, MONGODB_GSSAPI_PORT)
77
+ if client['admin'].command(:isMaster => 1)['setName']
78
+ client = Mongo::MongoReplicaSetClient.new(["#{MONGODB_GSSAPI_HOST}:#{MONGODB_GSSAPI_PORT}"])
79
+ end
80
+
81
+ set_system_properties
82
+ assert_raise_error Java::OrgMongodbSasl::MongoSecurityException do
83
+ client['kerberos'].authenticate(MONGODB_GSSAPI_USER, nil, nil, nil, 'GSSAPI', extra_opts)
84
+ end
85
+ end
86
+
87
+ def test_wrong_service_name_fails_uri
88
+ set_system_properties
89
+
90
+ require 'cgi'
91
+ username = CGI::escape(ENV['MONGODB_GSSAPI_USER'])
92
+ uri = "mongodb://#{username}@#{ENV['MONGODB_GSSAPI_HOST']}:#{ENV['MONGODB_GSSAPI_PORT']}/?" +
93
+ "authMechanism=GSSAPI&gssapiServiceName=example"
94
+ client = @client.class.from_uri(uri)
95
+ assert_raise_error Java::OrgMongodbSasl::MongoSecurityException do
96
+ client['kerberos'].command(:dbstats => 1)
97
+ end
98
+ end
99
+
100
+ def test_extra_opts
101
+ extra_opts = { :gssapi_service_name => 'example', :canonicalize_host_name => true }
102
+ client = Mongo::MongoClient.new(MONGODB_GSSAPI_HOST, MONGODB_GSSAPI_PORT)
103
+ set_system_properties
104
+
105
+ Mongo::Sasl::GSSAPI.expects(:authenticate).with do |username, client, socket, opts|
106
+ opts[:gssapi_service_name] == extra_opts[:gssapi_service_name]
107
+ opts[:canonicalize_host_name] == extra_opts[:canonicalize_host_name]
108
+ end.returns('ok' => true )
109
+ client['kerberos'].authenticate(MONGODB_GSSAPI_USER, nil, nil, nil, 'GSSAPI', extra_opts)
110
+ end
111
+
112
+ def test_extra_opts_uri
113
+ extra_opts = { :gssapi_service_name => 'example', :canonicalize_host_name => true }
114
+ set_system_properties
115
+
116
+ Mongo::Sasl::GSSAPI.expects(:authenticate).with do |username, client, socket, opts|
117
+ opts[:gssapi_service_name] == extra_opts[:gssapi_service_name]
118
+ opts[:canonicalize_host_name] == extra_opts[:canonicalize_host_name]
119
+ end.returns('ok' => true)
120
+
121
+ require 'cgi'
122
+ username = CGI::escape(ENV['MONGODB_GSSAPI_USER'])
123
+ uri = "mongodb://#{username}@#{ENV['MONGODB_GSSAPI_HOST']}:#{ENV['MONGODB_GSSAPI_PORT']}/?" +
124
+ "authMechanism=GSSAPI&gssapiServiceName=example&canonicalizeHostName=true"
125
+ client = @client.class.from_uri(uri)
126
+ client.expects(:receive_message).returns([[{ 'ok' => 1 }], 1, 1])
127
+ client['kerberos'].command(:dbstats => 1)
128
+ end
129
+
130
+ # In order to run this test, you must set the following environment variable:
131
+ #
132
+ # export MONGODB_GSSAPI_HOST_IP='---.---.---.---'
133
+ #
134
+ if ENV.key?('MONGODB_GSSAPI_HOST_IP')
135
+ def test_canonicalize_host_name
136
+ extra_opts = { :canonicalize_host_name => true }
137
+ set_system_properties
138
+ client = Mongo::MongoClient.new(ENV['MONGODB_GSSAPI_HOST_IP'], MONGODB_GSSAPI_PORT)
139
+
140
+ db = client['kerberos']
141
+ db.authenticate(MONGODB_GSSAPI_USER, nil, nil, nil, 'GSSAPI', extra_opts)
142
+ assert db.command(:dbstats => 1)
143
+ end
144
+ end
145
+
146
+ def test_invalid_extra_options
147
+ extra_opts = { :invalid => true, :option => true }
148
+ client = Mongo::MongoClient.new(MONGODB_GSSAPI_HOST)
149
+
150
+ assert_raise Mongo::MongoArgumentError do
151
+ client['kerberos'].authenticate(MONGODB_GSSAPI_USER, nil, nil, nil, 'GSSAPI', extra_opts)
152
+ end
153
+ end
154
+
155
+ private
156
+ def set_system_properties
157
+ java.lang.System.set_property 'javax.security.auth.useSubjectCredsOnly', 'false'
158
+ java.lang.System.set_property "java.security.krb5.realm", MONGODB_GSSAPI_REALM
159
+ java.lang.System.set_property "java.security.krb5.kdc", MONGODB_GSSAPI_KDC
160
+ java.lang.System.set_property "java.security.auth.login.config", JAAS_LOGIN_CONFIG_FILE if JAAS_LOGIN_CONFIG_FILE
161
+ end
162
+ end
163
+
164
+ end
@@ -15,9 +15,10 @@
15
15
  module SSLTests
16
16
  include Mongo
17
17
 
18
- CERT_PATH = "#{Dir.pwd}/test/fixtures/certificates/"
19
- CLIENT_CERT = "#{CERT_PATH}client.pem"
20
- CA_CERT = "#{CERT_PATH}ca.pem"
18
+ MONGODB_X509_USERNAME = 'CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US'
19
+ CERT_PATH = "#{Dir.pwd}/test/fixtures/certificates/"
20
+ CLIENT_CERT = "#{CERT_PATH}client.pem"
21
+ CA_CERT = "#{CERT_PATH}ca.pem"
21
22
 
22
23
  def create_client(*args)
23
24
  if @client_class == MongoClient
@@ -27,6 +28,14 @@ module SSLTests
27
28
  end
28
29
  end
29
30
 
31
+ # Requires MongoDB not built with SSL
32
+ #
33
+ def test_ssl_not_configured
34
+ assert_raise Mongo::ConnectionTimeoutError do
35
+ create_client(['localhost', 27017], :connect_timeout => 2, :ssl => true)
36
+ end
37
+ end
38
+
30
39
  # This test doesn't connect, no server config required
31
40
  def test_ssl_configuration
32
41
  # raises when ssl=false and ssl opts specified
@@ -134,40 +143,53 @@ module SSLTests
134
143
  # --sslCAFile /path/to/ca.pem \
135
144
  # --sslCRLFile /path/to/crl.pem
136
145
  #
137
- if ENV.key?('MONGODB_X509_USER')
146
+ # Note that the cert requires username:
147
+ # 'CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US'
148
+ #
149
+ def test_x509_authentication
150
+ mechanism = 'MONGODB-X509'
138
151
 
139
- def test_x509_authentication
140
- mechanism = 'MONGODB-X509'
141
- client = create_client(@connect_info, :ssl => true,
142
- :ssl_cert => CLIENT_CERT)
152
+ client = create_client(@connect_info, :ssl => true,
153
+ :ssl_cert => CLIENT_CERT,
154
+ :ssl_key => CLIENT_CERT)
143
155
 
144
- return unless client.server_version > '2.5.2'
156
+ return unless client.server_version > '2.5.2'
145
157
 
146
- user = ENV['MONGODB_X509_USER']
147
- db = client.db('$external')
158
+ db = client.db('$external')
148
159
 
149
- # add user for test (enable auth)
150
- roles = [{:role => 'readWriteAnyDatabase', :db => 'admin'},
151
- {:role => 'userAdminAnyDatabase', :db => 'admin'}]
152
- db.add_user(user, nil, false, :roles => roles)
160
+ # add user for test (enable auth)
161
+ roles = [{:role => 'readWriteAnyDatabase', :db => 'admin'},
162
+ {:role => 'userAdminAnyDatabase', :db => 'admin'}]
163
+ db.add_user(MONGODB_X509_USERNAME, nil, false, :roles => roles)
153
164
 
154
- assert db.authenticate(user, nil, nil, nil, mechanism)
155
- assert db.collection_names
165
+ assert db.authenticate(MONGODB_X509_USERNAME, nil, nil, nil, mechanism)
166
+ assert db.collection_names
156
167
 
157
- assert db.logout
158
- assert_raise Mongo::AuthenticationError do
159
- db.collection_names
160
- end
168
+ assert db.logout
169
+ assert_raise Mongo::OperationFailure do
170
+ db.collection_names
171
+ end
161
172
 
162
- assert MongoReplicaSetClient.from_uri(
163
- "mongodb://#{user}@#{@uri_info}/admin?authMechanism=#{mechanism}")
164
- assert db.collection_names
173
+ # username and valid certificate don't match
174
+ assert_raise Mongo::AuthenticationError do
175
+ db.authenticate('test', nil, nil, nil, mechanism)
176
+ end
165
177
 
166
- # clean up and remove all users
167
- db.command(:dropAllUsersFromDatabase => 1)
168
- db.logout
178
+ # username required
179
+ assert_raise Mongo::AuthenticationError do
180
+ db.authenticate(nil, nil, nil, nil, mechanism)
169
181
  end
170
182
 
183
+ assert MongoClient.from_uri(
184
+ "mongodb://#{MONGODB_X509_USERNAME}@#{@uri_info}/?ssl=true;authMechanism=#{mechanism}",
185
+ :ssl_cert => CLIENT_CERT,
186
+ :ssl_key => CLIENT_CERT)
187
+ assert db.authenticate(MONGODB_X509_USERNAME, nil, nil, nil, mechanism)
188
+ assert db.collection_names
189
+
190
+ # clean up and remove all users
191
+ db.command(:dropAllUsersFromDatabase => 1)
192
+ db.logout
171
193
  end
172
194
 
173
195
  end