MongoDB 3.2 身份验证失败
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/37372684/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
MongoDB 3.2 authentication failed
提问by NarūnasK
I create a user with the following set of commands. This should create user in both admindb as well as my target db (c2d):
我使用以下命令集创建了一个用户。这应该在admindb 和我的目标 db ( c2d) 中创建用户:
# mongo 127.0.0.1:27017
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/test
> use admin
switched to db admin
> show collections
system.users
system.version
> db.system.users.find()
> db.createUser({user:"cd2", pwd:"cd2", roles:[{role:"dbOwner", db: "c2d"}]})
Successfully added user: {
"user" : "cd2",
"roles" : [
{
"role" : "dbOwner",
"db" : "c2d"
}
]
}
> db.system.users.find()
{ "_id" : "admin.cd2", "user" : "cd2", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "4g6t9kC+godz7k6QQOfD+A==", "storedKey" : "m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=", "serverKey" : "GSA4OXSod1s8mBuZBtfmXq2tlTo=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
> use c2d
switched to db c2d
> db.createUser({user:"cd2", pwd:"cd2", roles:[{role:"dbOwner", db: "c2d"}]})
Successfully added user: {
"user" : "cd2",
"roles" : [
{
"role" : "dbOwner",
"db" : "c2d"
}
]
}
> use admin
switched to db admin
> db.system.users.find()
{ "_id" : "admin.cd2", "user" : "cd2", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "4g6t9kC+godz7k6QQOfD+A==", "storedKey" : "m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=", "serverKey" : "GSA4OXSod1s8mBuZBtfmXq2tlTo=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
{ "_id" : "c2d.cd2", "user" : "cd2", "db" : "c2d", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "vnMjnjfykVQS8ujQXeWaYw==", "storedKey" : "OYXivkmIwuTavlwTGfjrspT6j2E=", "serverKey" : "lw8xqzAaW8V4IQ9wOmQrG2VSp88=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
If I try to login, I'm welcomed with an error message:
如果我尝试登录,则会收到一条错误消息:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:35:41.862+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
Then I enable security features in the conf file and restart the server:
然后我在 conf 文件中启用安全功能并重新启动服务器:
security:
authorization: enabled
Error is still the same:
错误还是一样:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:37:43.713+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
回答by Saleem
Well, you'll need to take couple of steps in sequence to create user successfully.
好吧,您需要按顺序执行几个步骤才能成功创建用户。
First of all, you need to create an administrator user. I prefer creating super user.
首先,您需要创建一个管理员用户。我更喜欢创建超级用户。
> use admin
> db.createUser({user: "root", pwd: "123456", roles:["root"]})
Restart your MongoDB server and enable authentication with --authflag.
重新启动 MongoDB 服务器并使用--auth标志启用身份验证。
> mongod --auth --port 27017 --dbpath /var/lib/mongodb
Once your server is up, connect to it as administrator
服务器启动后,以管理员身份连接到它
> mongo <host:port> -u "root" -p "123456" --authenticationDatabase "admin"
> mongo <host:port> -u "root" -p "123456" --authenticationDatabase "admin"
Once you are connected, create normal user. Assuming your user database name is cd2.
连接后,创建普通用户。假设您的用户数据库名称是cd2.
> use cd2
> db.createUser({user: "cd2", pwd: "cd2", roles:["dbOwner"]})
If you see success messsage, disconnect from mongo shell and reconnect with new user credentials.
如果您看到成功消息,请断开与 mongo shell 的连接并使用新用户凭据重新连接。
> mongo <host:port>/cd2 -u "cd2" -p "cd2"
回答by RodrigoM
Our experience with this issue on MongoDB (3.2.4) is that it seems a bug or a undocumented feature. If you attempt to create the users and roles from a remote shell (not localhost), the users are created but as soon as you leave the shell they are gone (they are transient to that session) and not really persisted.
我们在 MongoDB (3.2.4) 上解决此问题的经验是它似乎是一个错误或未记录的功能。如果您尝试从远程 shell(而不是本地主机)创建用户和角色,则会创建用户,但是一旦您离开 shell,它们就会消失(它们对该会话是短暂的)并且不会真正持久化。
Solution:Just try to create your users (without authentication enabled initially on MongoDB) and do it directly on the console of your DB server (localhost).
解决方案:只需尝试创建您的用户(最初在 MongoDB 上未启用身份验证)并直接在您的数据库服务器 (localhost) 的控制台上创建。
回答by kennyut
If you log in through shell, make sure your create user under db "admin", NOTunder a customized db. In your case you switched to "c2d".
如果您通过 shell 登录,请确保您在数据库“ admin”下创建用户,而不是在自定义数据库下。在您的情况下,您切换到“c2d”。
Here is what I have tried (Log in as "admin")
这是我尝试过的(以“管理员”身份登录)
1. This one will work:
1.这个会起作用:
$ mongo -u admin -p --authenticationDatabase "admin"
> use admin
> db.createUser(
{
user: "user007",
pwd: "YourP@ssw0rd",
roles: [
{ role: "readWrite", db: "yourdb" },
]
}
)
Output 1:
输出 1:
root@mongo-server:/# mongo -u admin -p --authenticationDatabase "admin"
MongoDB shell version v4.0.6
Enter password:
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
MongoDB server version: 4.0.6
----
> use admin
switched to db admin
> db.createUser(
... {
... user: "user007",
... pwd: "YourP@ssw0rd",
... roles: [
... { role: "readWrite", db: "yourdb" },
... ]
... }
... )
Successfully added user: {
"user" : "user007",
"roles" : [
{
"role" : "readWrite",
"db" : "yourdb"
}
]
}
root@mongo-server:/# mongo -u user007 -p YourP@ssw0rd
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("ceabf440-c584-4518-90f5-cc845eaec3b3") }
MongoDB server version: 4.0.6
---
>
2. This one will fail:
2. 这个会失败:
$ mongo -u admin -p --authenticationDatabase "admin"
> use yourdb
> db.createUser(
{
user: "user007",
pwd: "YourP@ssw0rd",
roles: [
{ role: "readWrite", db: "yourdb" },
]
}
)
Output 2:
输出 2:
root@mongo-server:/# mongo -u admin -p --authenticationDatabase "admin"
MongoDB shell version v4.0.6
Enter password:
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
MongoDB server version: 4.0.6
----
> use yourdb
switched to db yourdb
> db.createUser(
... {
... user: "user007",
... pwd: "YourP@ssw0rd",
... roles: [
... { role: "readWrite", db: "yourdb" },
... ]
... }
... )
Successfully added user: {
"user" : "user007",
"roles" : [
{
"role" : "readWrite",
"db" : "yourdb"
}
]
}
>
root@mongo-server:/# mongo -u user007 -p YourP@ssw0rd
MongoDB shell version v4.0.6
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
2019-12-06T04:28:34.630+0800 E QUERY [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:343:13
@(connect):1:6
exception: connect failed
回答by asvni
try --authenticationDatabase=adminoption in your terminal mongo command, if admin is the authentication database.
--authenticationDatabase=admin如果 admin 是身份验证数据库,请在终端 mongo 命令中尝试选项。
For example:
例如:
insteed of: mongo 127.0.0.1:27017/c2d -u c2d -p c2d
代替: mongo 127.0.0.1:27017/c2d -u c2d -p c2d
use: mongo 127.0.0.1:27017/c2d -u c2d -p c2d --authenticationDatabase=admin
用: mongo 127.0.0.1:27017/c2d -u c2d -p c2d --authenticationDatabase=admin
