Use RBAC credentials for Couchbase cluster info #19393
Description
Hey,
Autoconfiguration for Couchbase driver with RBAC on server side fails. After providing the following configuration:
spring:
couchbase:
bootstrap-hosts:
- 127.0.0.1:8091
username: test
password: super_secret
bucket:
name: test
I get the error below:
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.couchbase.client.java.cluster.ClusterInfo]: Factory method 'couchbaseClusterInfo' threw exception; nested exception is com.couchbase.client.java.error.InvalidPasswordException
I think the problem lies in the fact that CouchbaseConfiguration.couchbaseClusterInfo() passes bucket level credentials to CouchbaseCluster's clusterManager(String username, String password). The javadoc for this method explicitly states:
Provides access to the ClusterManager to perform cluster-wide operations. Note that the credentials provided here are different from bucket-level credentials. As a rule of thumb, the "Administrator" credentials need to be passed in here or any credentials with enough permissions to perform the underlying operations. Bucket level credentials will not work.
In CouchbaseConfiguration.couchbaseCluster() we check whether RBAC is used and then we authenticate:
@Bean
@Primary
public Cluster couchbaseCluster() {
CouchbaseCluster couchbaseCluster = CouchbaseCluster.create(couchbaseEnvironment(), determineBootstrapHosts());
if (isRoleBasedAccessControlEnabled()) {
return couchbaseCluster.authenticate(this.properties.getUsername(), this.properties.getPassword());
}
return couchbaseCluster;
}
This would mean that we can safely use couchbaseCluster().clusterManager().info() inside couchbaseClusterInfo() if RBAC is enabled.
I am happy to raise a PR for this change if that would help.
Thanks!