通过Robomongo + CLI进行MongoDB身份验证失败

时间:2015-12-04 11:14:32

标签: mongodb authentication robo3t database

使用连接到 MongoDB 3.0.7 Robomongo 0.8.5 生成以下用户。

问题:

  • 在Robomongo中生成用户时,无法通过CLI登录。
  • 使用CLI生成的用户无法通过Robomongo登录(使用auth=true
  • Robomongo未使用auth=true
  • 登录

启动Robomongo时,我没有执行任何身份验证,这可能导致以未经身份验证的模式创建这些表。

虽然其他问题与其他各种编程语言和JSON脚本有关,但这个模式是由Robomongo自己创建的,因此它应该是有效的。

如果在3种不同的情况下验证用户有什么问题?

admin Users表,定义admin

{
    "_id" : ObjectId("56616c9c273eba0cc996edc5"),
    "user" : "admin",
    "pwd" : "90f500568434c37b61c8c1ce05fdf3ae",
    "roles" : [ 
        "readWrite", 
        "dbAdmin"
    ]
}

test_db Usersadmin引用了admin

{
    "_id" : ObjectId("56616cb1273eba0cc996edc7"),
    "user" : "admin",
    "userSource" : "admin",
    "roles" : [ 
        "readWrite", 
        "dbAdmin"
    ]
}

direct_db Users表,定义user

{
    "_id" : ObjectId("56616edd273eba0cc996edcc"),
    "user" : "user",
    "pwd" : "3bcfc22a1cd6be41bc7814c13d3ce94c",
    "roles" : [ 
        "readWrite", 
        "dbAdmin"
    ]
}

命令行输出:

> use admin;
switched to db admin
> db.auth( "admin", "password" );
Error: 18 Authentication failed.
0
> use test_db;
switched to db test_db
> db.auth( "admin", "password" );
Error: 18 Authentication failed.
0
> use direct_db;
switched to db direct_db
> db.auth( "user", "password" );
Error: 18 Authentication failed.
0

mongo.log

2015-12-04T12:26:09.665+0100 I NETWORK  [initandlisten] connection accepted from 127.0.0.1:5140 #272 (53 connections now open)
2015-12-04T12:26:09.685+0100 I ACCESS   [conn272]  authenticate db: admin { authenticate: 1, nonce: "xxx", user: "admin", key: "xxx" }
2015-12-04T12:26:09.685+0100 I ACCESS   [conn272] Failed to authenticate admin@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user admin@admin

有趣的是,这个CLI命令可以使用和不使用auth=true。我设法能够使用auth=ture登录,但只有设置{ role: "readWrite", db: "root" },这一行很重要:

mongo --authenticationDatabase db_name -u username -p password
>>>Connected to Mongo CLI client...<<<
> db.createUser( 
  { 
    "user" : "admin", 
    "pwd": "password",  
    "roles" : [   
      { role: "readWrite", db: "root" }, 
      { role: "readWrite", db: "admin" }, 
      { role: "dbAdmin", db: "admin" },   
      { role: "readWrite", db: "test_db" }, 
      { role: "dbAdmin", db: "test_db" }
    ]  
})
>>>Successfully added user...<<<
> db.auth("admin","password")
1

0 个答案:

没有答案