bool CmdSaslContinue::run(OperationContext* txn, const std::string& db, BSONObj& cmdObj, int options, std::string& ignored, BSONObjBuilder& result, bool fromRepl) { ClientBasic* client = ClientBasic::getCurrent(); boost::scoped_ptr<AuthenticationSession> sessionGuard(NULL); client->swapAuthenticationSession(sessionGuard); if (!sessionGuard || sessionGuard->getType() != AuthenticationSession::SESSION_TYPE_SASL) { addStatus(Status(ErrorCodes::ProtocolError, "No SASL session state found"), &result); return false; } SaslAuthenticationSession* session = static_cast<SaslAuthenticationSession*>(sessionGuard.get()); // Authenticating the __system@local user to the admin database on mongos is required // by the auth passthrough test suite. if (session->getAuthenticationDatabase() != db && !Command::testCommandsEnabled) { addStatus(Status(ErrorCodes::ProtocolError, "Attempt to switch database target during SASL authentication."), &result); return false; } session->setOpCtxt(txn); Status status = doSaslContinue(session, cmdObj, &result); addStatus(status, &result); if (session->isDone()) { audit::logAuthentication( client, session->getMechanism(), UserName(session->getPrincipalId(), db), status.code()); } else { client->swapAuthenticationSession(sessionGuard); } return status.isOK(); }
bool CmdSaslContinue::run(OperationContext* opCtx, const std::string& db, const BSONObj& cmdObj, BSONObjBuilder& result) { Client* client = Client::getCurrent(); std::unique_ptr<AuthenticationSession> sessionGuard; AuthenticationSession::swap(client, sessionGuard); if (!sessionGuard || sessionGuard->getType() != AuthenticationSession::SESSION_TYPE_SASL) { return appendCommandStatus( result, Status(ErrorCodes::ProtocolError, "No SASL session state found")); } SaslAuthenticationSession* session = static_cast<SaslAuthenticationSession*>(sessionGuard.get()); // Authenticating the __system@local user to the admin database on mongos is required // by the auth passthrough test suite. if (session->getAuthenticationDatabase() != db && !Command::testCommandsEnabled) { return appendCommandStatus( result, Status(ErrorCodes::ProtocolError, "Attempt to switch database target during SASL authentication.")); } session->setOpCtxt(opCtx); Status status = doSaslContinue(client, session, cmdObj, &result); appendCommandStatus(result, status); if (session->isDone()) { audit::logAuthentication(client, session->getMechanism(), UserName(session->getPrincipalId(), db), status.code()); } else { AuthenticationSession::swap(client, sessionGuard); } return status.isOK(); }