~rogpeppe/+junk/mgo-tagged-log-messages

« back to all changes in this revision

Viewing changes to auth_test.go

  • Committer: Roger Peppe
  • Date: 2014-03-14 18:11:33 UTC
  • mfrom: (263.1.8 master)
  • Revision ID: roger.peppe@canonical.com-20140314181133-107ag3xpitk9682u
merge trunk

Show diffs side-by-side

added added

removed removed

Lines of Context:
27
27
package mgo_test
28
28
 
29
29
import (
 
30
        "flag"
30
31
        "fmt"
31
32
        "labix.org/v2/mgo"
32
33
        . "launchpad.net/gocheck"
 
34
        "net/url"
33
35
        "sync"
34
36
        "time"
35
37
)
36
38
 
37
 
func (s *S) TestAuthLogin(c *C) {
 
39
func (s *S) TestAuthLoginDatabase(c *C) {
38
40
        // Test both with a normal database and with an authenticated shard.
39
41
        for _, addr := range []string{"localhost:40002", "localhost:40203"} {
40
42
                session, err := mgo.Dial(addr)
58
60
        }
59
61
}
60
62
 
 
63
func (s *S) TestAuthLoginSession(c *C) {
 
64
        // Test both with a normal database and with an authenticated shard.
 
65
        for _, addr := range []string{"localhost:40002", "localhost:40203"} {
 
66
                session, err := mgo.Dial(addr)
 
67
                c.Assert(err, IsNil)
 
68
                defer session.Close()
 
69
 
 
70
                coll := session.DB("mydb").C("mycoll")
 
71
                err = coll.Insert(M{"n": 1})
 
72
                c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
 
73
 
 
74
                cred := mgo.Credential{
 
75
                        Username: "root",
 
76
                        Password: "wrong",
 
77
                }
 
78
                err = session.Login(&cred)
 
79
                c.Assert(err, ErrorMatches, "auth fails")
 
80
 
 
81
                cred.Password = "rapadura"
 
82
 
 
83
                err = session.Login(&cred)
 
84
                c.Assert(err, IsNil)
 
85
 
 
86
                err = coll.Insert(M{"n": 1})
 
87
                c.Assert(err, IsNil)
 
88
        }
 
89
}
 
90
 
61
91
func (s *S) TestAuthLoginLogout(c *C) {
62
92
        // Test both with a normal database and with an authenticated shard.
63
93
        for _, addr := range []string{"localhost:40002", "localhost:40203"} {
707
737
        err = mydb.AddUser("myruser", "mypass", true)
708
738
        c.Assert(err, IsNil)
709
739
 
710
 
        usession, err := mgo.Dial("mongodb://myruser:mypass@localhost:40002/mydb")
711
 
        c.Assert(err, IsNil)
712
 
        defer usession.Close()
 
740
        // Test once with database, and once with source.
 
741
        for i := 0; i < 2; i++ {
 
742
                var url string
 
743
                if i == 0 {
 
744
                        url = "mongodb://myruser:mypass@localhost:40002/mydb"
 
745
                } else {
 
746
                        url = "mongodb://myruser:mypass@localhost:40002/admin?authSource=mydb"
 
747
                }
 
748
                usession, err := mgo.Dial(url)
 
749
                c.Assert(err, IsNil)
 
750
                defer usession.Close()
713
751
 
714
 
        ucoll := usession.DB("mydb").C("mycoll")
715
 
        err = ucoll.FindId(0).One(nil)
716
 
        c.Assert(err, Equals, mgo.ErrNotFound)
717
 
        err = ucoll.Insert(M{"n": 1})
718
 
        c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
 
752
                ucoll := usession.DB("mydb").C("mycoll")
 
753
                err = ucoll.FindId(0).One(nil)
 
754
                c.Assert(err, Equals, mgo.ErrNotFound)
 
755
                err = ucoll.Insert(M{"n": 1})
 
756
                c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
 
757
        }
719
758
}
720
759
 
721
760
func (s *S) TestDefaultDatabase(c *C) {
776
815
                c.Assert(err, Equals, mgo.ErrNotFound)
777
816
        }
778
817
}
 
818
 
 
819
var (
 
820
        kerberosFlag = flag.Bool("kerberos", false, "Test Kerberos authentication (depends on custom environment)")
 
821
        kerberosHost = "mmscustmongo.10gen.me"
 
822
        kerberosUser = "mmsagent/mmscustagent.10gen.me@10GEN.ME"
 
823
)
 
824
 
 
825
func (s *S) TestAuthKerberosCred(c *C) {
 
826
        if !*kerberosFlag {
 
827
                c.Skip("no -kerberos")
 
828
        }
 
829
        cred := &mgo.Credential{
 
830
                Username:  kerberosUser,
 
831
                Mechanism: "GSSAPI",
 
832
        }
 
833
        c.Logf("Connecting to %s...", kerberosHost)
 
834
        session, err := mgo.Dial(kerberosHost)
 
835
        defer session.Close()
 
836
 
 
837
        c.Logf("Connected! Testing the need for authentication...")
 
838
        c.Assert(err, IsNil)
 
839
        names, err := session.DatabaseNames()
 
840
        c.Assert(err, ErrorMatches, "unauthorized")
 
841
 
 
842
        c.Logf("Authenticating...")
 
843
        err = session.Login(cred)
 
844
        c.Assert(err, IsNil)
 
845
        c.Logf("Authenticated!")
 
846
 
 
847
        names, err = session.DatabaseNames()
 
848
        c.Assert(err, IsNil)
 
849
        c.Assert(len(names) > 0, Equals, true)
 
850
}
 
851
 
 
852
func (s *S) TestAuthKerberosURL(c *C) {
 
853
        if !*kerberosFlag {
 
854
                c.Skip("no -kerberos")
 
855
        }
 
856
        c.Logf("Connecting to %s...", kerberosHost)
 
857
        session, err := mgo.Dial(url.QueryEscape(kerberosUser) + "@" + kerberosHost + "?authMechanism=GSSAPI")
 
858
        c.Assert(err, IsNil)
 
859
        defer session.Close()
 
860
        names, err := session.DatabaseNames()
 
861
        c.Assert(err, IsNil)
 
862
        c.Assert(len(names) > 0, Equals, true)
 
863
}