当我在测试环境中测试身份验证时,一切正常。唯一的区别是我没有使用副本集。我读到如果使用复制,我可能需要使用密钥文件来使用用户名和密码进行身份验证,但我的主管希望尽可能远离密钥文件。有没有办法在没有密钥文件的情况下执行此操作,同时仍然使用用户名/密码?
在我的日志文件中,我看到如下行:
[conn4552] Successfully authenticated as principal DBAdmin on admin
[conn1] Unauthorized: not authorized on admin to execute command { replSetHeartbeat: "rs0", configVersion: 1, hbv: 1, from: "172.30.1.216:27017", fromId: 1, term: 8, $replData: 1, $clusterTime: { clusterTime: Timestamp(1527610291, 1), signature: { hash: BinData(0, FA0631F3EE81E932FE5E49031F76A9E5199250A0), keyId: 6561016230625411073 } }, $db: "admin" }
[replexec-27] Error in heartbeat (requestId: 22357) to <IP>:<PORT>, response status: Unauthorized: not authorized on admin to execute command { replSetHeartbeat: "rs0", configVersion: 1, hbv: 1, from: "<IP>:<PORT>", fromId: 0, term: 8, $replData: 1, $clusterTime: { clusterTime: Timestamp(1527610291, 1), signature: { hash: BinData(0, FA0631F3EE81E932FE5E49031F76A9E5199250A0), keyId: 6561016230625411073 } }, $db: "admin" }