Doctrine MongoDB ODM Authentication, possible? - mongodb

Is there a way to use MongoDB authentication in Doctrine MongoDB ODM?
equivilant to db.auth(username,password) in shell

The most robust method is to specify your username and password in the connection URI (e.g. mongodb://username:password#localhost), as that will allow the driver to re-authenticate if a connection is dropped and it needs to reconnect. You can also use MongoDB::authenticate() if you need to authenticate against various DB's in a single connection, but you will have to manually re-authenticate if the connection is dropped. See the connection documentation for more examples.

Related

How to choose MongoDB Connect to Cluster option?

I'm new to MongoDB and I'm having some problems with MongoDB recently.
I'm not sure about Connect with the MongoDB Shell, Connect your application, Connect using MongoDB Compass, what's the difference?
The current demand is. I want to directly allow connection from anywhere and create a user account password to log into this database, which option should I choose?
https://i.stack.imgur.com/iwYMf.png
In Connect your application tab, you get a link that you need to copy
and paste in your application you are building to connect it to the
database. Remember to replace your password and databse name.
In Connect using MongoDB Compass tab, you get a link that you need
to paste in your compass application(A desktop application that
makes your mongodb data handling so much easier). And again remember to replace
your credentials.
I'm not very fond of Mongodb shell. It's actually an extensible
command-line interface.

Error : No unix socket support on windows connecting mongodb

I'm using robomongo tool to access mongodb. When I connect into my db then
Show error details
How to fix it?
I had the same issue and was able to fix it by removing the full url (for example: mongodb://myuser:mypassword#mongodb-test.mydomain.com/my_database) in the connection tab and only putting in the mongodb server url: mongodb-test.mydomain.com.
Next, in the Authentication tab, I checked the Perform authentication checkbox, specified the Database, user name, password.
I also added the database in the Advanded tab just in case and I can now connect without error.
Try inserting only e.g: ds12345.mlab.com at address bar instead of full [http:// mongodb://<dbuser>:<dbpassword>#...] and create user to authenticate in mlab.com and then try connect to it. Something like this:
And then:
Whilst this answer is only partly related to the problem, I want to describe the solution in here.
I had this problem when trying to connect via Robo3T to a cluster of MongoDBs hosted on Atlas. They offer a connection string with the protocol in front (e.g. mongodb+srv://<USER>:<PASSWORD>#database-mongodb.net/admin). This was a combination of two problems:
Robo3T does not like the protocol mongodb+srv:// in the URI. You should use only the second part (after the #). Like: database-mongodb.net.
Robo3T does not like shards. At least I could not get to connect with it via that connection string. Fro what I understand, you need that protocol to connect to a shard. Since you can't use that kind of URI, you will need to connect directly to the primary shard. To do that, you need to build a new connection string with the URI of the primary shard. Like this: database-shard-00-00-vemhh.mongodb.net and provide the port to Robo3T. Also, you need to connect via SSL, if you're using MongoDB Atlas (a self-signed certificate configured directly in Robo3T worked for me).
Remove only [http://] worked for me
Get the newer version of the Robo3T client...it can import it automatically from +srv link
I was facing the same problem, but I can solve it by installing Robo 3T 1.3 and import connection details from MongoDB SRV connection string. See this:
Steps to connect remote DB from Robo 3T 1.3
Remember to replace the user in the connection string and the pass at Authentication Tab
The connection string in the picture is dummy by the way

Can Meteor connect to MongoDB over SSL?

Can Meteor connect to MongoDB over SSL? If yes, what should MONGO_URL be set to so the connection is encrypted?
Looks like you simply need to include ssl=true in your MONGO_URL connection string, e.g.
MONGO_URL=mongodb://user:password#ip:port/mydb?ssl=true
See:
https://github.com/meteor/meteor/issues/4812#issuecomment-129074941
https://forums.meteor.com/t/what-mongo-url-to-connect-to-mongodb-server-with-ssl/13223
Update:
Since writing this answer, I have actually tried and failed to use the ssl=true param in the MONGO_URL connection string.
This prompted me to explore the Mongo.setConnectionOptions method, and to publish this simple package that allows you pass in more advanced connection settings.
Yes! In fact, on Meteor's free hosting all the Mongo connection urls are SSL connection urls. It works just fine because for low-level operations with MongoDB Meteor uses the same node-mongodb-native npm module which supports SSL.

what's the easiest way to password protect mongodb database for remote user?

I have a mongodb running in my server, for local connections to the db I don't need any password to protect it(that is within the same physical machine, meaning connect to the server thru the 127.0.0.1 ip address).
But I don't want other people in the network be able connect to my database without password, only the authorized user. So I want to do password protection for the remote user.
How to do it?
Right now monogdb does not support authentication mode based on the user location. So that means if you run mongod with --auth that will apply to everyone.
There are no (yet) advanced authentication schemas like IP, protocol source, etc. For now you can only define if the user has read only or write permissions on a database. So basically the only thing mongodb cares is if you typed the right password for the right user.
Personally in all production environment I would recommend to use the secure mode, because even if you allow only connection from a localhost any users who has access to the local server or any malicious script on the host can easily wipe all your data.
The MongoDB Security and Authentication page has information on configuring user authentication and firewall settings.
Note that when you enable password authentication for a database, the authentication requirement will apply to both local and remote users (so you will also need to connect with a password through the local IP).
MongoDb does not offer an easy way to protect the database. I assume this is the reason why there are tens of thousands of mongodb instances on the net that are unprotected for hackers

Connect to Mongo DB on MongoLab without Authorization?

My Question:
Is there any way to connect to Mongo DB (hosted on MongoLab) without username and password ?
My Case:
I have created a free MongoLab account (https://mongolab.com) and also create new database -> collection -> document in it.
When I connect to Mongo DB (on Mongo Lab) without username and password, I was able to connect, but when I try to retrieve any data it gives me "unauthorized db:testing lock type:-1 client:...." error.
So I have created a DB User in MongLab as well and provide username and password at the time of connection. After that I am able to connect and retrieve data from Mongo DB.
MongoLab's multi-tenant database plans are on shared servers. We cannot give you the choice to forgo authentication. Even if you were ok with others seeing you data, the other tenants on the server you share would still not want you to see their data.
We have dedicated server plans where you have your own server. On those we could turn off authentication for you. Email us at support#mongolab.com.
As for your benchmarks - auth will not slow things down. The drivers do not authentication on each request, just each connection. If you use the driver properly it should all work well.
-will (MongoLab)