MongoDB 3.2 认证失败
MongoDB 3.2 authentication failed
我使用以下命令集创建了一个用户。这应该在 admin 数据库和我的目标数据库 (c2d):
中创建用户
# mongo 127.0.0.1:27017
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/test
> use admin
switched to db admin
> show collections
system.users
system.version
> db.system.users.find()
> db.createUser({user:"cd2", pwd:"cd2", roles:[{role:"dbOwner", db: "c2d"}]})
Successfully added user: {
"user" : "cd2",
"roles" : [
{
"role" : "dbOwner",
"db" : "c2d"
}
]
}
> db.system.users.find()
{ "_id" : "admin.cd2", "user" : "cd2", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "4g6t9kC+godz7k6QQOfD+A==", "storedKey" : "m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=", "serverKey" : "GSA4OXSod1s8mBuZBtfmXq2tlTo=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
> use c2d
switched to db c2d
> db.createUser({user:"cd2", pwd:"cd2", roles:[{role:"dbOwner", db: "c2d"}]})
Successfully added user: {
"user" : "cd2",
"roles" : [
{
"role" : "dbOwner",
"db" : "c2d"
}
]
}
> use admin
switched to db admin
> db.system.users.find()
{ "_id" : "admin.cd2", "user" : "cd2", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "4g6t9kC+godz7k6QQOfD+A==", "storedKey" : "m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=", "serverKey" : "GSA4OXSod1s8mBuZBtfmXq2tlTo=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
{ "_id" : "c2d.cd2", "user" : "cd2", "db" : "c2d", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "vnMjnjfykVQS8ujQXeWaYw==", "storedKey" : "OYXivkmIwuTavlwTGfjrspT6j2E=", "serverKey" : "lw8xqzAaW8V4IQ9wOmQrG2VSp88=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
如果我尝试登录,我会收到一条错误消息:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:35:41.862+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
然后我在 conf 文件中启用安全功能并重新启动服务器:
security:
authorization: enabled
错误依旧:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:37:43.713+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
嗯,您需要按顺序执行几个步骤才能成功创建用户。
首先,您需要创建一个管理员用户。我更喜欢创建超级用户。
> use admin
> db.createUser({user: "root", pwd: "123456", roles:["root"]})
重新启动您的 MongoDB 服务器并使用 --auth 标志启用身份验证。
> mongod --auth --port 27017 --dbpath /var/lib/mongodb
服务器启动后,以管理员身份连接到它
> mongo <host:port> -u "root" -p "123456" --authenticationDatabase "admin"
连接后,创建普通用户。假设您的用户数据库名称是 cd2.
> use cd2
> db.createUser({user: "cd2", pwd: "cd2", roles:["dbOwner"]})
如果您看到成功消息,请断开与 mongo shell 的连接并重新连接新用户
凭据。
> mongo <host:port>/cd2 -u "cd2" -p "cd2"
我们在 MongoDB (3.2.4) 上对这个问题的经验是,它似乎是一个错误或一个未记录的功能。
如果您尝试从远程 shell(而非本地主机)创建用户和角色,则会创建用户,但一旦您离开 shell,它们就会消失(它们对那个会话来说是短暂的)并且没有真正坚持。
解决方案: 只需尝试创建您的用户(最初在 MongoDB 上未启用身份验证)并直接在您的数据库服务器 (localhost) 的控制台上执行。
如果您通过 shell 登录,请确保您在数据库“admin”下创建用户,NOT定制数据库。在你的情况下,你切换到 "c2d".
这是我尝试过的方法(以 "admin" 身份登录)
1。这个会起作用:
$ mongo -u admin -p --authenticationDatabase "admin"
> use admin
> db.createUser(
{
user: "user007",
pwd: "YourP@ssw0rd",
roles: [
{ role: "readWrite", db: "yourdb" },
]
}
)
输出 1:
root@mongo-server:/# mongo -u admin -p --authenticationDatabase "admin"
MongoDB shell version v4.0.6
Enter password:
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
MongoDB server version: 4.0.6
----
> use admin
switched to db admin
> db.createUser(
... {
... user: "user007",
... pwd: "YourP@ssw0rd",
... roles: [
... { role: "readWrite", db: "yourdb" },
... ]
... }
... )
Successfully added user: {
"user" : "user007",
"roles" : [
{
"role" : "readWrite",
"db" : "yourdb"
}
]
}
root@mongo-server:/# mongo -u user007 -p YourP@ssw0rd
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("ceabf440-c584-4518-90f5-cc845eaec3b3") }
MongoDB server version: 4.0.6
---
>
2。这个会失败:
$ mongo -u admin -p --authenticationDatabase "admin"
> use yourdb
> db.createUser(
{
user: "user007",
pwd: "YourP@ssw0rd",
roles: [
{ role: "readWrite", db: "yourdb" },
]
}
)
输出 2:
root@mongo-server:/# mongo -u admin -p --authenticationDatabase "admin"
MongoDB shell version v4.0.6
Enter password:
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
MongoDB server version: 4.0.6
----
> use yourdb
switched to db yourdb
> db.createUser(
... {
... user: "user007",
... pwd: "YourP@ssw0rd",
... roles: [
... { role: "readWrite", db: "yourdb" },
... ]
... }
... )
Successfully added user: {
"user" : "user007",
"roles" : [
{
"role" : "readWrite",
"db" : "yourdb"
}
]
}
>
root@mongo-server:/# mongo -u user007 -p YourP@ssw0rd
MongoDB shell version v4.0.6
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
2019-12-06T04:28:34.630+0800 E QUERY [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:343:13
@(connect):1:6
exception: connect failed
如果 admin 是身份验证数据库,请在终端 mongo 命令中尝试 --authenticationDatabase=admin 选项。
例如:
代替:mongo 127.0.0.1:27017/c2d -u c2d -p c2d
使用:mongo 127.0.0.1:27017/c2d -u c2d -p c2d --authenticationDatabase=admin
我使用以下命令集创建了一个用户。这应该在 admin 数据库和我的目标数据库 (c2d):
# mongo 127.0.0.1:27017
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/test
> use admin
switched to db admin
> show collections
system.users
system.version
> db.system.users.find()
> db.createUser({user:"cd2", pwd:"cd2", roles:[{role:"dbOwner", db: "c2d"}]})
Successfully added user: {
"user" : "cd2",
"roles" : [
{
"role" : "dbOwner",
"db" : "c2d"
}
]
}
> db.system.users.find()
{ "_id" : "admin.cd2", "user" : "cd2", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "4g6t9kC+godz7k6QQOfD+A==", "storedKey" : "m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=", "serverKey" : "GSA4OXSod1s8mBuZBtfmXq2tlTo=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
> use c2d
switched to db c2d
> db.createUser({user:"cd2", pwd:"cd2", roles:[{role:"dbOwner", db: "c2d"}]})
Successfully added user: {
"user" : "cd2",
"roles" : [
{
"role" : "dbOwner",
"db" : "c2d"
}
]
}
> use admin
switched to db admin
> db.system.users.find()
{ "_id" : "admin.cd2", "user" : "cd2", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "4g6t9kC+godz7k6QQOfD+A==", "storedKey" : "m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=", "serverKey" : "GSA4OXSod1s8mBuZBtfmXq2tlTo=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
{ "_id" : "c2d.cd2", "user" : "cd2", "db" : "c2d", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "vnMjnjfykVQS8ujQXeWaYw==", "storedKey" : "OYXivkmIwuTavlwTGfjrspT6j2E=", "serverKey" : "lw8xqzAaW8V4IQ9wOmQrG2VSp88=" } }, "roles" : [ { "role" : "dbOwner", "db" : "c2d" } ] }
如果我尝试登录,我会收到一条错误消息:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:35:41.862+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
然后我在 conf 文件中启用安全功能并重新启动服务器:
security:
authorization: enabled
错误依旧:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:37:43.713+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
嗯,您需要按顺序执行几个步骤才能成功创建用户。
首先,您需要创建一个管理员用户。我更喜欢创建超级用户。
> use admin
> db.createUser({user: "root", pwd: "123456", roles:["root"]})
重新启动您的 MongoDB 服务器并使用 --auth 标志启用身份验证。
> mongod --auth --port 27017 --dbpath /var/lib/mongodb
服务器启动后,以管理员身份连接到它
> mongo <host:port> -u "root" -p "123456" --authenticationDatabase "admin"
连接后,创建普通用户。假设您的用户数据库名称是 cd2.
> use cd2
> db.createUser({user: "cd2", pwd: "cd2", roles:["dbOwner"]})
如果您看到成功消息,请断开与 mongo shell 的连接并重新连接新用户 凭据。
> mongo <host:port>/cd2 -u "cd2" -p "cd2"
我们在 MongoDB (3.2.4) 上对这个问题的经验是,它似乎是一个错误或一个未记录的功能。 如果您尝试从远程 shell(而非本地主机)创建用户和角色,则会创建用户,但一旦您离开 shell,它们就会消失(它们对那个会话来说是短暂的)并且没有真正坚持。
解决方案: 只需尝试创建您的用户(最初在 MongoDB 上未启用身份验证)并直接在您的数据库服务器 (localhost) 的控制台上执行。
如果您通过 shell 登录,请确保您在数据库“admin”下创建用户,NOT定制数据库。在你的情况下,你切换到 "c2d".
这是我尝试过的方法(以 "admin" 身份登录)
1。这个会起作用:
$ mongo -u admin -p --authenticationDatabase "admin"
> use admin
> db.createUser(
{
user: "user007",
pwd: "YourP@ssw0rd",
roles: [
{ role: "readWrite", db: "yourdb" },
]
}
)
输出 1:
root@mongo-server:/# mongo -u admin -p --authenticationDatabase "admin"
MongoDB shell version v4.0.6
Enter password:
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
MongoDB server version: 4.0.6
----
> use admin
switched to db admin
> db.createUser(
... {
... user: "user007",
... pwd: "YourP@ssw0rd",
... roles: [
... { role: "readWrite", db: "yourdb" },
... ]
... }
... )
Successfully added user: {
"user" : "user007",
"roles" : [
{
"role" : "readWrite",
"db" : "yourdb"
}
]
}
root@mongo-server:/# mongo -u user007 -p YourP@ssw0rd
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("ceabf440-c584-4518-90f5-cc845eaec3b3") }
MongoDB server version: 4.0.6
---
>
2。这个会失败:
$ mongo -u admin -p --authenticationDatabase "admin"
> use yourdb
> db.createUser(
{
user: "user007",
pwd: "YourP@ssw0rd",
roles: [
{ role: "readWrite", db: "yourdb" },
]
}
)
输出 2:
root@mongo-server:/# mongo -u admin -p --authenticationDatabase "admin"
MongoDB shell version v4.0.6
Enter password:
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
MongoDB server version: 4.0.6
----
> use yourdb
switched to db yourdb
> db.createUser(
... {
... user: "user007",
... pwd: "YourP@ssw0rd",
... roles: [
... { role: "readWrite", db: "yourdb" },
... ]
... }
... )
Successfully added user: {
"user" : "user007",
"roles" : [
{
"role" : "readWrite",
"db" : "yourdb"
}
]
}
>
root@mongo-server:/# mongo -u user007 -p YourP@ssw0rd
MongoDB shell version v4.0.6
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
2019-12-06T04:28:34.630+0800 E QUERY [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:343:13
@(connect):1:6
exception: connect failed
如果 admin 是身份验证数据库,请在终端 mongo 命令中尝试 --authenticationDatabase=admin 选项。
例如:
代替:mongo 127.0.0.1:27017/c2d -u c2d -p c2d
使用:mongo 127.0.0.1:27017/c2d -u c2d -p c2d --authenticationDatabase=admin