instllation of mongodb server and client on fedora20 - mongodb

I have installed mongodb server on fedora20.
Then I have used admin database.
In admin database I created company database.
I created user emp with readWrite priviliges.
When I try to connect with mongodb server from another machine as client as folllows
mongo -u emp -p emp123 ipaddress of mongodb server:port no
it says "authentication fail".
I don't want to connect to admin or test database.
I want to connect to company database.
Can anybody explain me steps to install client and server of mongodb on fedora20

mongo command-line has an option to specify the database against which you want to authenticate. In your case, since you created user in admin database, you should use "--authenticationDatabase admin" on the command-part in addition to the other parameters.

Related

Fusionauth-app docker without mysql superuser credentials

I would like to connect to a hosted remote mySQL DB (mariadb 10.1.39). I use the available fusionauth docker images (app and search) from docker hub and the published docker compose file. The db hosting provider does not grant superuser credentials. The assigned user rights should be sufficient to maintain the tables of the schema. Unfortunately, using the docker container mysql superuser credentials seems to be mandatory.
I imported the DB dump of a local (dockerized) mariadb (10.1.40) to the remote db. Username and schema name are the same local and remote. I tried not to provide DATABASE_ROOT_USER with the docker-compose yaml, but this approach ends in maintenance mode.
Is there an approach to connect to a remote mysql db without superuser credentials?
We will be enhancing our automated setup to better support external db service providers. See https://github.com/FusionAuth/fusionauth-issues/issues/95
Your current option is to create the schema manually. https://fusionauth.io/docs/v1/tech/installation-guide/fusionauth-app#advanced-installation
You may also try to use your user credentials in the superuser fields, it may work.

MongoDB 2.6.12 - no collections in DB

I have a some problem with MongoDB (2.6.12). I have one database with collections and a lot of data. Then I created user with readWrite role, enabled auth=true in mongod.conf, restarted 'mongod' service.
Looks like auth works fine, but I can't see any data/collections in DB. I can't use 'find' query, in mongo shell it just returns nothing (empty line). I also can connect to DB without credentials and I see the same result.
I've tried a different roles and different users, but I can't get access to my data. What can be a problem?
OK!
When you login, you need to use --authenticationDatabase -parameter, normal value for that is 'admin'.
mongo host:port -u user -p password --authenticationDatabase admin
If authentication database is not same database where your collection is (your collection is not at admin-database) give that database name as last parameter at 'mongo'-command, to select that DB.
mongo host:port -u user -p password --authenticationDatabase admin myOwnDB
OR
after successful login, use command: 'use your_db_name', to change that database.
use myOwnDB
IF you don't know your database name.
When you have login successful, give command 'show dbs' to list all databases.
show dbs
After that you can use command 'use db_name' to change database. Then you can use command 'show collections' to list all collections on that database.
use myOwnDB
show collections

MongoDB Authentication Database Purpose

My question is about the mongo shell --authenticationDatabase option.
I was confused by it for a bit thinking that the the database I created the user in was the admin database since that is where the user is actually defined after reading this documentation here: https://docs.mongodb.com/manual/core/security-users/#user-management-interface
I understand I was wrong; the authentication database is the database the user has a role for. My question then is what is the purpose of the option "--authenicationDatabase?" See my scenarios below.
The command below will connect to the myapp database and also authenticate against the myapp database
mongo -u "bob" -p "bobspassword" --authenticationDatabase "myapp" myapp
The command below will connect to the myapp database and also authenticate against the myapp database by default. This seems to make the command above obsolete.
mongo -u "bob" -p "bobspassword" --authenticationDatabase "myapp" myapp
The command below will authenticate against the myapp database but not connect to it. Why? Is it simply to test credentials?
mongo -u "bob" -p "bobspassword" --authenticationDatabase "myapp"
This command would tell me "Error: Authentication failed." as well so I still wonder why I would need the previous command to find out my credentials are invalid.
mongo -u "bob" -p "bobspassword" myapp
Lastly, is there a situation where I need to authenticate against one database and connect to a different one like the command below? I can only connect to databases for which I have a role defined so why wouldn't I authenticate against the database I was trying to connect to?
mongo -u "bob" -p "bobspassword" --authenticationDatabase "myapp" myotherapp
Thank you for your insight!
In mongo you are connecting to a server not really to a database. You can change the database afterwards.
your code:
mongo -u "bob" -p "bobspassword" --authenticationDatabase "myapp"
will connect to mongod server and it will use a 'test' database if others not defined
The next one should work, since mongo takes the auth db from the connection string. Also it might be set different in a config file.
mongo -u "bob" -p "bobspassword" myapp
And final:
Lastly, is there a situation where I need to authenticate against one
database and connect to a different one..
No
When adding a user, you create the user in a specific database. This database is the authentication database for the user.
In most cases, you would want to create users in the admin database. This is a privileged database. However, you are allowed to create user in other databases. If two users have the same name but are created in different databases, they are two separate users. IMHO, this authentication database mechanism provides a sort of namespace so that users with same name are allowed (think about user management in a big organization).
But this is just how Mongo organize users and store then in authentication databases. The authentication database has nothing to do with to which databases this user has privilege (access).
Back to your case, you created a user in 'myapp' database and also grant it access to 'myapp' database. That's why you need to first authenticate against 'myapp', which serves as authentication database, and then connect to 'myapp' for accessing data.

What is the default dbuser and dbpassword for a MongoDB database provisioned by Heroku and MongoLab?

I am new to Heroku and MongoDB. I created a Heroku app which has an added-on MongoDB by MongoLab.
Everything was set up automatically by Heroku. When I navigated to MongoLab database manager page (SSO protected) it showed a standard MongoDB URL as:
mongodb://<dbuser>:<dbpassword>#dsxxxxxx.mongolab.com:39674/heroku_xxxxxxxx
Those "x" letters represents numbers.
I didn't bother to specify a dbuser and dbpassword at all. So what is the dbuser and dbpassword?
None of these answers are correct, if you want to know your URI to your database go to your project in heroku and look at settings, reveal config vars and you find all the URI
In your terminal, navigate to your project folder and type $ heroku config:get MONGODB_URI to get your Heroku provisioned username and password.
Mongolab provides you with database hosting services using MongoDB as the database engine. This means you have to have a subscription to their services, in order to have access to a MongoDB database. Once you sign up for one of their plans you will have your own database username and database password to authenticate database connections with.
So dbuser will be your MongoDb username and dbpassword will be your MongoDB password. You use these elements to gain access to your own databases and collections.
https://mongolab.com/plans/pricing/
When you create a MongoLab add-on for your Heroku app, a MONGOLAB_URI environment variable is automatically created with connection info for your database add-on:
https://devcenter.heroku.com/articles/mongolab#getting-your-connection-uri

Postgres accepts any password

I have the following code which connects to a database on my remote server (the connection script resides on the same server):
Database::$ErrorHandle = new PDO('pgsql:host=111.222.33.44;dbname=mydatabase;', 'postgres', 'mypassword', $db_settings);
The problem is I can change the password to be anything at all and the connection is still made! Like seriously what the hell!?!
Can my database be connected to (providing you know the IP and db name) by anyone from a PHP script running on a different server?
How can I enforce passwords, I have looked at the following stack overflow page and did what they said but still no luck:
How to change PostgreSQL user password?
I am running Ubuntu 12.04 server with PHP 5.5 and Apache2
Off course your postgresql database can be properly configured to only connect with authenticated users even certain users (Roles in Postgres) from certain IPs/sockets.
Some considerations:
Do you see data? Or can you just connect to the server? Can you list the databases?
Look at your pg_hba.conf and setup the proper permissions, per role per database per source
Did you grant access to the mydatabase to everyone? Which roles did you grant access?
Does the database have its tables in the public scheme? And granted access to the public?
Yes, with this configuration everyone who knows your IP and database name can connect to your database.