5

I'm building a JavaFX 2.0 standalone application (it'll be distributed as an .exe) and it opens a connection to a MongoDB instance. The connection is just a standard Mongo connection using the Mongo wire protocol.

Is the Mongo wire protocol secure enough, or could users examine it to see the data being passed back and forth?

Mongo database connections will be able to use SSL at some point in the future, but that isn't available yet.

Instead, should I use a REST web service for data access with SSL? The direct database connection is quite a bit faster so it would be great if I could keep that, but also not have big security problems.

alecxe
Jon Onstott
  • Unless you want to give your end users direct access to the database you need an API in front of mongo anyways. SSL won't protect you from a malicious endpoint. – CodesInChaos Oct 22 '13 at 16:41

2 Answers

5

Just for your information: giving a direct database connection in a client-side application is a bad idea. Build a RESTful interface which allows for correct authentication and input validation. This will allow you to have stricter control on what your applications can access.

The problem is that currently MongoDB doesn't offer SSL encapsulation. This means that, in itself, the wire protocol can be eavesdropped upon (the data sent over the protocol is exposed). So if you are running this protocol non-locally (i.e. across a network), then yes, it's not secure; not because the protocol itself is insecure, but because the implementation currently can't guarantee confidentiality or integrity due to the lack of encapsulation.

However, you can fix this by encapsulating the protocol yourself. If the protocol doesn't offer SSL, you first make a tunnel and send the protocol through that tunnel. For instance, you make an encrypted VPN between your webserver and MongoDB and send the wire protocol connection through this VPN (note that you should use a secure VPN protocol). Preferably this is implemented so that you have end-point encryption.

This will disallow eavesdroppers from sniffing your wire connection.

Lucas Kauffman
  • Totally agree with this answer. Just want to reiterate the importance of implementing a RESTful interface. This stands even if in the future Mongo allows SSL connections. SSL only protects the data in transit; a correctly implemented RESTful application will protect against malicious application users. – paj28 Oct 22 '13 at 17:31
  • I think this answer needs to be revised, as MongoDB now supports encryption by TLS. – Alireza Apr 24 '18 at 14:02
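As the last comment notes, MongoDB builds from 3.0 onward can terminate TLS themselves, which removes the need for an external tunnel between the API host and the database. The fragment below is an added example of the server-side configuration, not something from the answers or from the MongoDB documentation they cite; the interface address and the certificate paths are placeholders, and the keys use the `net.ssl` names of the 3.x configuration file format.

```yaml
# Added example (not from the page or the linked docs): mongod.conf fragment
# for a MongoDB 3.x build that includes SSL support.
net:
  port: 27017
  bindIp: 10.0.0.5            # placeholder: a private interface, not 0.0.0.0
  ssl:
    mode: requireSSL          # reject plaintext wire-protocol connections;
                              # allowSSL or preferSSL would still accept cleartext
    PEMKeyFile: /etc/ssl/mongodb.pem   # placeholder: server certificate + private key
    CAFile: /etc/ssl/ca.pem            # placeholder: CA used to validate client certificates
security:
  authorization: enabled      # transport encryption is not access control;
                              # users and roles still have to be defined
```

The setting that matters for the question is `mode: requireSSL`: the weaker `allowSSL` and `preferSSL` values keep accepting unencrypted clients, so an eavesdropper still sees any connection that did not negotiate TLS. In MongoDB 4.2 and later the same options are spelled `net.tls.mode: requireTLS`, `net.tls.certificateKeyFile` and `net.tls.CAFile`. Note that the CodesInChaos comment above still applies: TLS protects the bytes in transit, and the `security.authorization` line only limits what an authenticated user may do; it does not make it safe to ship database credentials inside an end-user executable.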
4

Mongo database connections will be able to use SSL at some point in the future, but that isn't available yet.

Writing to have a more recent reference for this one.

From https://docs.mongodb.org/manual/tutorial/configure-ssl/

New in version 3.0: Most MongoDB distributions now include support for SSL.

...

Certain distributions of MongoDB do not contain support for SSL. To use SSL, be sure to choose a package that supports SSL.

You can check if MongoDB for your OS/distribution supports SSL from here.

Ali Ok
  • And for those for whom this is not an option, stunnel and stud can wrap the connection easily but best used with persistent connections. – symcbean Jan 21 '16 at 23:54
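For deployments where the database build has no SSL support, the first answer's advice is to encapsulate the wire protocol in a tunnel of your own, and the comment above names stunnel as one way to do that. The two configuration files below are an added illustration of that setup, not part of either answer or of the stunnel project; hostnames, ports and certificate paths are placeholders, and the option names are those of stunnel 5.

```ini
; Added example: wrapping the plaintext MongoDB wire protocol in TLS with stunnel.
; All hostnames, ports and file paths are placeholders.

; --- database host: /etc/stunnel/mongo-server.conf ---
; mongod itself should listen only on 127.0.0.1:27017 (bindIp = 127.0.0.1),
; so the only reachable listener is the TLS one that stunnel opens on 27018.
[mongodb-server]
accept     = 0.0.0.0:27018
connect    = 127.0.0.1:27017
cert       = /etc/stunnel/server.pem    ; placeholder: server certificate
key        = /etc/stunnel/server.key    ; placeholder: server private key
CAfile     = /etc/stunnel/ca.pem        ; placeholder: CA that signs client certificates
verifyPeer = yes                        ; only clients holding a CA-signed certificate get through

; --- API / web server host: /etc/stunnel/mongo-client.conf ---
; The application keeps its ordinary driver configuration and connects to
; localhost:27017; stunnel carries the bytes to the database host over TLS.
[mongodb-client]
client      = yes
accept      = 127.0.0.1:27017
connect     = db.example.com:27018      ; placeholder hostname
cert        = /etc/stunnel/client.pem   ; placeholder: this host's client certificate
key         = /etc/stunnel/client.key
CAfile      = /etc/stunnel/ca.pem
verifyChain = yes                       ; validate the server certificate against CAfile
checkHost   = db.example.com            ; and check that it was issued for that name
```

Two design points follow from the thread. First, the client side of the tunnel belongs on the web or API server the first answer describes, not inside the end-user application: a certificate and key bundled with a distributed .exe can be extracted by any user, which is the "malicious endpoint" problem the comments raise. Second, `verifyChain` and `checkHost` are what prevent the tunnel from being silently terminated by an impostor; a client section without them still encrypts traffic but does not authenticate the peer. The comment's remark about persistent connections also matters in practice: each new TCP connection through the tunnel costs a TLS handshake, so connection pooling on the application side keeps the latency close to the direct connection the question wants to preserve.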