I am running MongoDB on windows8.1 and created users for admin database. For convenience, I use mongoVUE to check data. But after turning on the "auth" function. I cannot logged in.
Actually, I can use the username and password to authenticate with mongo shell. Further more, I can also use them to authenticate by python codes. They failed to work only when I use mongoVUE or Robomongo.
When I clicked "test" button on mongoVUE, it returned a message "Connection was refused". And the windows command shell presents the following words:
2015-07-03T19:52:34.843+0800 I NETWORK [initandlisten] connection
accepted from
127.0.0.1:24163 #242 (4 connections now open)
2015-07-03T19:52:34.845+0800 I ACCESS [conn242] authenticate db:
admin { auth enticate: 1, user: "uvpaiad", nonce: "xxx", key: "xxx" }
2015-07-03T19:52:34.846+0800 I ACCESS [conn242] Failed to
authenticate uvpaiad #admin with mechanism MONGODB-CR:
AuthenticationFailed MONGODB-CR credentials mi ssing in the user
document
2015-07-03T19:52:34.847+0800 I NETWORK [conn242] end connection
127.0.0.1:24163 (3 connections now open)
Does anyone know what the matter is?
This is because of the changed authentication mechanism in MongoDB latest version. In Mongo 3.X, auth mechanism is changed to SCRAM- Salted challenge response authentication mechanism.
In order to avoid this one needs to get into system users collection and create the new users documents and delete the old ones.
Related
System
Hi I am running mongodb on ubuntu 20.14.
Im running mongodb with systemctl
What I've done
I've tried to make it more secure by adding an admin user and enabled authentication.
Ive restarted the service multiple times.
config file:
security:
authorization: enabled
How I created user:
use admin
db.createUser({
user: "username",
pwd: "123456",
roles:["root"]
})
Problem
I am still able to connect through mongodb compass without any auth??? Im able to do everything even tho I enabled the authentication?
I am not able to login authenticated using these urls:
mongodb://username:password#localhost:27017/
mongodb://username:password#localhost:27017?authSource=admin
Im sure the config file is loading since authentication works in console and I can see the right config load in the mongod.log
It would be this one:
mongodb://username:password#localhost:27017?authSource=admin
See also: Authentication failure while trying to save to mongodb
Yes, even without authentication you can connect to Mongo database in any case. However, apart from harmless commands like db.help(), db.version(), db.getMongo(), etc. you cannot execute anything.
You can skip parameter enableLocalhostAuthBypass. The localhost exception applies only when there are no users created in the MongoDB instance.
Solution
I thought the issue was with mongodb compass.
So what I did was deleting the application and when I did that I saw that I had mongodb installed on my pc too.
I was never connecting to the mongodb that I have created on my ubuntu server but on my own pc.
I am working on a project, there I need to dump a database from windows and need to restore it on a centos server.
Whenever I do that, there is some error.
Like - error reading database: (Unauthorized) not authorized on mydatabase to execute command
or
error connecting to host: could not connect to server: connection() : auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
Both os have the same mongo version that is 4.2
How can I correct it?
The error not authorized on mydatabase to execute command indicates that either you have not authenticated, or the authenticated user has not been granted the appropriate permissions to execute that command.
Authentication failed means just that. The server side log may have more detail, like the user and database names used in the auth attempt.
To fix these, make sure:
you are providing authentication credentials
the user account you are using has already been created in the server
the user account has been granted permission for that command on the correct database/collection
The Security page in the docs might be a good place to start.
This question already has answers here:
MongoDB server can still be accessed without credentials
(2 answers)
Closed 8 years ago.
I'm a beginner to mongodb,I have a installed mongodb 2.6 on windows. Now, I want to prevent any login without authentication. I read localhost exception manual from docs.mongodb.org. after reading that manual, I created a userAdminAnyDatabase with
use admin
db.createUser
(
{
user: "adminDB",
pwd: "password",
roles: [ "userAdminAnyDatabase","readWriteAnyDatabase","root" ]
}
)
localhost exception must disable automatically. I use this command to start mongodb server.
mongod --auth --setParameter enableLocalhostAuthBypass=0 --setParameter enableTestCommands=0 --dbpath "D:\data"
I still can login with mongo.exe and can see databases name. but I can't change,update or drop anything. Is there anyway to prevent any login ? and prevent anyone to read databases names?
That's the expected behavior of having the MongoDB auth enabled.
You establish a connection with the MongoDB server
you specify against which database you need to authenticate
you validate your credentials
For anyone to be able to authenticate, you actually need to allow them to reach point 3.
My Question:
Is there any way to connect to Mongo DB (hosted on MongoLab) without username and password ?
My Case:
I have created a free MongoLab account (https://mongolab.com) and also create new database -> collection -> document in it.
When I connect to Mongo DB (on Mongo Lab) without username and password, I was able to connect, but when I try to retrieve any data it gives me "unauthorized db:testing lock type:-1 client:...." error.
So I have created a DB User in MongLab as well and provide username and password at the time of connection. After that I am able to connect and retrieve data from Mongo DB.
MongoLab's multi-tenant database plans are on shared servers. We cannot give you the choice to forgo authentication. Even if you were ok with others seeing you data, the other tenants on the server you share would still not want you to see their data.
We have dedicated server plans where you have your own server. On those we could turn off authentication for you. Email us at support#mongolab.com.
As for your benchmarks - auth will not slow things down. The drivers do not authentication on each request, just each connection. If you use the driver properly it should all work well.
-will (MongoLab)
I have this exception being thrown with mongodb connection
Wed May 11 10:39:33 Assertion: 10057:unauthorized for db [inbox] lock type: -1
where inbox is the database. I am using the PHP driver for the connection. The problem is I am using the admin username and password for the connection but still it is throwing unauthorized. Can you please provide some insights.
Authenticating as an admin requires you to run the authenticate command in the admin database before changing to the regular database. Authenticating your admin user from say, test will not work.
For your case, connect to admin, run authenticate as the admin user, and then get a handle on inbox. Alternately you should create a user specific to the inbox database for safety. Connecting as a superuser for an application isn't the best idea.