System
Hi I am running mongodb on ubuntu 20.14.
Im running mongodb with systemctl
What I've done
I've tried to make it more secure by adding an admin user and enabled authentication.
Ive restarted the service multiple times.
config file:
security:
authorization: enabled
How I created user:
use admin
db.createUser({
user: "username",
pwd: "123456",
roles:["root"]
})
Problem
I am still able to connect through mongodb compass without any auth??? Im able to do everything even tho I enabled the authentication?
I am not able to login authenticated using these urls:
mongodb://username:password#localhost:27017/
mongodb://username:password#localhost:27017?authSource=admin
Im sure the config file is loading since authentication works in console and I can see the right config load in the mongod.log
It would be this one:
mongodb://username:password#localhost:27017?authSource=admin
See also: Authentication failure while trying to save to mongodb
Yes, even without authentication you can connect to Mongo database in any case. However, apart from harmless commands like db.help(), db.version(), db.getMongo(), etc. you cannot execute anything.
You can skip parameter enableLocalhostAuthBypass. The localhost exception applies only when there are no users created in the MongoDB instance.
Solution
I thought the issue was with mongodb compass.
So what I did was deleting the application and when I did that I saw that I had mongodb installed on my pc too.
I was never connecting to the mongodb that I have created on my ubuntu server but on my own pc.
I am trying to move my data in MongoDB to Redshift using AWS Glue. To do this, I am trying to add a connection to MongoDB. My MongoDB setup does not have credentials configured. But the Username and Password fields in the Add Connection page are mandatory. Test Connection fails on giving dummy values as they will be considered during the authentication process. Would appreciate any help in this regard.
To be upfront I haven't tried this myself, but to remove the requirement for Username and Password is easy.
Basically in the Migration Setup Wizard in the "Authentication mode" drop-down box select "none". Default value is "password, where the username and password is mandatory.
Hope that assist.
I'm currently using Robomongo when accessing my mongodb database. I
have created a admin account on mongodb who has admin access to any
db. I would like to be able to ONLY login with the credentials of the
admin account. Now I can just login as "guest" without giving in any
credentials, I've already looked at the authentication mongodb files
but these seem only to authenticate using the cmd tool on the mongodb
itself. How can I make that my admin account can only login using the
Robomongo?
Regards.
In your mongodb conf file add this line "authorization: enabled"
I have a Parse app, and I'm trying to migrate my app's database to a MongoDB instance on mLab.
I already have a fork of Parse Server set up on Heroku, and I'm using Heroku's mLab MongoDB add-on.
I have a database on mLab called heroku_1ksph3jj, and I should be able to connect to it with the following template:
mongodb://<dbuser>:<dbpassword>#ds047124.mlab.com:47124/heroku_1ksph3jj
However, each attempt returns:
Server returned error on SASL authentication step: Authentication failed.
I'm unsure what to replace <dbuser> and <dbpassword> with. I have a database user with the same name as my database: heroku_1ksph3jjz, so I used that. And I used the password for that user in place of <dbpassword>. Should I have used something else here?
You can get the dbuser and dbpass with:
heroku config | grep MONGODB_URI
Grab the dbuser (example_user) and dbpass (example_pass) from the response:
MONGOLAB_URI: mongodb://example_user:example_pass#mlab.com:12345/db
As of March 2016, mLab.com only supports mongo 3.0+ (as per a conversation with support), because of their new onerous authentication requirements.
This was not on the website, but I hope it helps someone here!
There's a message to create a user for the specific database:
A database user is required to connect to this database. To create one now, visit the 'Users' tab and click the 'Add database user' button
I'm so sorry that this may seem obvious but, you have to remove this characters <> for the migration to work
In your example would look like this:
mongodb://dbuser:dbpassword#ds047124.mlab.com:47124/heroku_1ksph3jj
Check your mongo client version. If it is in older major version (probably 2.x), update it to 3.x
For future visitors - don't use special characters in password .Even if you change the special character to ascii or unicode it wont work for mLab using mongoose.
Also don't use mLab credential , use db user credentials . I created a new user.
Eg. For me a password containing # character was replaced with ascii value %40 in URI , which worked when using native mongodb driver.
But on using mongoose, i was always getting Authentication Failed .
I removed special characters and db was authenticated via mongoose.
It looks like it was the password that was incorrect, which I'm assuming was set up by Heroku's mLab add-on. There was no obvious way to reset this in the mLab UI, so in the end I created another database user (with a new username and password) and was able to connect with that just fine.
Just go to your Heroku dashboard and check your settings.
Under the name field there's a big button "Reveal Config Vars". Click it and you'll see a MONGODB_URI var with a uri to your db. It'll look something like this:
mongodb://heroku_user:PASSWORDyourLOOKINGfor#ds2238985.mlab.com:63295/heroku_user
Your password is right after the semicolon after the heroku user name.
I know I am too late, just for information.
For getting the info of mLab account that got auto created when mLab addon got added to the application in your heroku account, try the below command.
heroku config:get MONGODB_URI
Ref:
http://algebra.sci.csueastbay.edu/~grewe/CS6320/Mat/NodeJS/Heroku/Heroku_MLabMongoDB.html
I've been running my application with a readOnly=false admin user for 6 months in development on MongoDB 2.2.2. We're getting closer to launch and I wanted to switch over the user that my application runs under to a user in the application's database only with readOnly=false.
I ran the following script from the robomongo as the admin user.
use MyDB
db.addUser("api", "MyPassword", {"readOnly": false});
I also updated the MongoDB connection string to the following.
<add key="DataServer" value="mongodb://api:MyPassword#localhost:27017/MyDB" />
It created my user correctly and I validated that it is in MyDB and is readOnly=false. However, when I use the MongoDB c# driver 1.8.1 it fails on any writes with a WriteConcernException unauthorized. I am able to read records just fine from the database. Looking at the MongoDB logs it is correctly logging into my DB from my c# application but failing on the write calls.
Using the robomongo shell I was able to successfully auth with the api user and write records into one of the collections in the application's DB. So it's leading me to believe that it's something to do with the c# driver. I've also debugged my application code and validated that the MongoClient's GetServer method is returning a MongoServer that has the correct credentials.
Here's the robomongo shell script I ran to validate the user is able to write to the DB.
use MyDB
db.auth("api","MyPassword");
db.Person.insert({"first_name":"Test","last_name":"User"});
db.Person.find({"first_name":"Test"});
Any help as to why the MongoDB c# 1.8.1 driver connecting to MongoDB 2.2.2 and not being able to write records in a user DB with a readOnly=false user would be greatly appreciated.
I can't really see much wrong with your code. I'd suggest trying the following:
Make sure you're reading the DataServer app setting correctly in your C# code (including the DB name)
Create the user in the admin database and see if that helps:
use admin
db.addUser("api", "MyPassword"); // readonly defaults to false