I am trying to upgrade my application with the following :
1. Mongo db 2.6.5 to 3.4.2
2. Hibernate OGM from 4.2.0.Final to 5.1.0.Final
I am getting Authentication failure with OGM 5.1 , however it works fine with OGM 4.2
Exception stack -
com.mongodb.MongoSecurityException: Exception authenticating MongoCredential{mechanism=null, userName='prodhub', source='admin', password=<hidden>, mechanismProperties={}}
at com.mongodb.connection.SaslAuthenticator.wrapInMongoSecurityException(SaslAuthenticator.java:157) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator.access$200(SaslAuthenticator.java:37) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator$1.run(SaslAuthenticator.java:66) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator$1.run(SaslAuthenticator.java:44) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator.doAsSubject(SaslAuthenticator.java:162) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator.authenticate(SaslAuthenticator.java:44) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.DefaultAuthenticator.authenticate(DefaultAuthenticator.java:32) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.InternalStreamConnectionInitializer.authenticateAll(InternalStreamConnectionInitializer.java:109) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.InternalStreamConnectionInitializer.initialize(InternalStreamConnectionInitializer.java:46) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:116) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:113) ~[mongo-java-driver-3.4.2.jar:na]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_72]
Caused by: com.mongodb.MongoCommandException: Command failed with error 18: 'Authentication failed.' on server localhost:27017. The full response is { "ok" : 0.0, "errmsg" : "Authentication failed.", "code" : 18, "codeName" : "AuthenticationFailed" }
at com.mongodb.connection.CommandHelper.createCommandFailureException(CommandHelper.java:170) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.CommandHelper.receiveCommandResult(CommandHelper.java:123) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:32) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator.sendSaslStart(SaslAuthenticator.java:117) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator.access$000(SaslAuthenticator.java:37) ~[mongo-java-driver-3.4.2.jar:na]
at com.mongodb.connection.SaslAuthenticator$1.run(SaslAuthenticator.java:50) ~[mongo-java-driver-3.4.2.jar:na]
... 9 common frames omitted
I came across this jira -
https://hibernate.atlassian.net/browse/OGM-791 , which suggests that I might have to do a mongo authentication scheme migration.
My persistence xml is like this --
Code:
<persistence version="2.0" xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd">
<persistence-unit name="productHub">
<provider>org.hibernate.ogm.jpa.HibernateOgmPersistence</provider>
<shared-cache-mode>ENABLE_SELECTIVE</shared-cache-mode>
<properties>
<property name="hibernate.ogm.datastore.provider" value="mongodb" />
<property name="hibernate.ogm.datastore.database" value="test" />
<!-- property name="hibernate.ogm.datastore.host" value="localhost" / -->
<!-- property name="hibernate.ogm.datastore.port" value="27017" / -->
<property name="hibernate.ogm.datastore.username" value="prodhub" />
<property name="hibernate.ogm.datastore.password" value="xxxxxxxxx" />
<property name="hibernate.ogm.mongodb.connection_timeout" value="6000" />
<!-- property name="hibernate.ogm.mongodb.authentication_mechanism" value="MONGODB_CR" / -->
<property name="hibernate.cache.use_second_level_cache" value="false" />
<!--
<property name="hibernate.search.default.directory_provider" value="filesystem" />
<property name="hibernate.search.default.indexBase" value="D:\\Projects\\prodhub\\lucene" />
<property name="jboss.as.jpa.managed" value="false" />
-->
</properties>
</persistence-unit>
</persistence>
And the mongo log shows -
2017-03-19T01:37:37.352+0530 I NETWORK [thread1] connection accepted from 127.0.0.1:62379 #640 (2 connections now open)
2017-03-19T01:37:37.353+0530 I NETWORK [conn640] received client metadata from 127.0.0.1:62379 conn640: { driver: { name: "mongo-java-driver", version: "3.4.2" }, os: { type: "Windows", name: "Windows 7", architecture: "amd64", version: "6.1" }, platform: "Java/Oracle Corporation/1.8.0_72-b15" }
2017-03-19T01:37:37.355+0530 I ACCESS [conn640] SCRAM-SHA-1 authentication failed for prodhub on admin from client 127.0.0.1:62379 ; UserNotFound: Could not find user prodhub@admin
2017-03-19T01:37:37.356+0530 I - [conn640] end connection 127.0.0.1:62379 (2 connections now open)
If I change the authentication mechanism to MONGODB_CR, I get the following log messages -
[conn667] received client metadata from 127.0.0.1:64331 conn667: { driver: { name: "mongo-java-driver", version: "3.4.2" }, os: { type: "Windows", name: "Windows 7", architecture: "amd64", version: "6.1" }, platform: "Java/Oracle Corporation/1.8.0_72-b15" }
2017-03-19T15:10:33.346+0530 I ACCESS [conn667] authenticate db: admin { authenticate: 1, user: "prodhub", nonce: "xxx", key: "xxx" }
2017-03-19T15:10:33.347+0530 I ACCESS [conn667] Failed to authenticate prodhub@admin with mechanism MONGODB-CR: AuthenticationFailed: UserNotFound: Could not find user prodhub@admin
2017-03-19T15:10:33.349+0530 I - [conn667] end connection 127.0.0.1:64331 (2 connections now open)
From the error stack & log messages, is it confirmed that I need to go through the auth migration process mentioned here -
https://docs.mongodb.com/manual/release-notes/3.0-scram/Or should I look for some more diagnostics information before doing the upgrade ?
Thanks.