SERVER-2917: REST interface now authenticate user to db when user suc…

…cessfully authenticates to web server

db/dbwebserver.cpp

@@ -79,11 +79,10 @@ namespace mongo {
         }
 
         bool allowed( const char * rq , vector<string>& headers, const SockAddr &from ) {
-            if ( from.isLocalHost() )
-                return true;
-
-            if ( ! _webUsers->haveAdminUsers() )
+            if ( from.isLocalHost() || !_webUsers->haveAdminUsers() ) {
+                cmdAuthenticate.authenticate( "admin", "RestUser", false );
                 return true;
+            }
 
             string auth = getHeader( rq , "Authorization" );
 
@@ -118,8 +117,10 @@ namespace mongo {
                     r << ha2;
                     string r1 = md5simpledigest( r.str() );
 
-                    if ( r1 == parms["response"] )
+                    if ( r1 == parms["response"] ) {
+                        cmdAuthenticate.authenticate( "admin", user["user"].str(), user[ "readOnly" ].isBoolean() && user[ "readOnly" ].boolean() );
                         return true;
+                    }
                 }
             }
 

db/security_common.h

@@ -61,10 +61,12 @@ namespace mongo {
         virtual void help(stringstream& ss) const { ss << "internal"; }
         CmdAuthenticate() : Command("authenticate") {}
         bool run(const string& dbname , BSONObj& cmdObj, int options, string& errmsg, BSONObjBuilder& result, bool fromRepl);
+        void authenticate(const string& dbname, const string& user, const bool readOnly);
     private:
         bool getUserObj(const string& dbname, const string& user, BSONObj& userObj, string& pwd);
-        void authenticate(const string& dbname, const string& user, const bool readOnly);
     };
+
+    extern CmdAuthenticate cmdAuthenticate;
 
     class CmdLogout : public Command {
     public: