stackoom
  简体   繁体   中英

Cannot access database after authencation enabled

 原文  2014-05-19 17:44:24       mongodb/ authentication

Question

I'm using mongodb 2.6.1, Windows 7 64bit

I started mongod without --auth and create a first user using 

db.createUser({
    user: "root",
    pwd: "xxx",
    roles:
    [{
        role: "userAdminAnyDatabase",
        db: "admin"
        }]
})

I restarted mongod again with this configuration 

systemLog:
  destination: "file"
  path: "c:\\mongodb\\log\\mongo.log"
  quiet: true
  logAppend: true
storage:
  dbPath: "c:\\mongodb\\data\\db"
  directoryPerDB: true
  smallFiles: true
  journal:
    enabled: true
net:
  bindIp: 127.0.0.1
  port: 27017
  http:
    enabled: true
    JSONPEnabled: true
    RESTInterfaceEnabled: true
security:
  authorization: enabled

There was no errors, so the authentication has been enabled.

I started mongo using mongo -u root -p --authenticationDatabase admin but I got error message shown below. 

MongoDB shell version: 2.6.1
Enter password:
connecting to: test
Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" }

I tried to use show collections but I got error message shown below. 

2014-05-20T00:36:07.801+0700 error: {
        "$err" : "not authorized for query on admin.system.namespaces",
        "code" : 13
} at src/mongo/shell/query.js:131

But when I tried db.system.users.find() I can display the user in the collection without any error messages.

I also tried db.auth("root","xxx") but I got the same result, I can display user but I cannot list available collections.

I have 2 more db which were imported from the older version, without --auth these dbs work just fine, but starting mongod with authentication enabled, I cannot display anything inside those dbs.

Please help, solve the question.

1 answers

solution1
 2 ACCPTED  2014-05-20 21:35:57

In my case, the username: root was created with adminAnyDatabase , which actually has no priviliges such as find action.

Therefore as I expected the root to be top level user, so the root should be granted as superuser using root role. 

use admin

db.grantRolesToUser(
    "root",
    [
        { role: "root", db: "admin" }
    ]
)

Also the adminAnyDatabase should be revoked 

use admin

db.revokeRolesFromUser(
    "root",
    [
        { role: "adminAnyDatabase", db: "admin" }
    ]
)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Access control is not enabled for the database MongoDB: Server has startup warnings ''Access control is not enabled for the database'' WARNING: Access control is not enabled for the database. Read and write access to data and configuration is unrestricted Cannot access the record from mongo db after authentication at server side Cannot access mongoDB after “meteor deploy myapp.com” Cannot delete database in Mongo: it returns immediately (and mysteriously) after we delete it Tableau and Mongodb: WARNING: Access control is not enabled for mongosqld MongoDB replication when access control is enabled Mongoengine Database cannot change Database Use mongorestore to restore a database to MongoDB (3.4) with --auth enabled, SASL error
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM