Cannot authenticate into mongo, “auth fails”

问题:

I've created an admin user for mongo using these directions:

http://docs.mongodb.org/manual/tutorial/add-user-administrator/

From the mongo client it looks like I can authenticate:

> use admin switched to db admin > db.auth('admin','SECRETPASSWORD'); 1 > 

But I can't connect any other way. For example:

mongo -u admin -p SECRETPASSWORD

gives the error:

JavaScript execution failed: Error: 18 { code: 18, ok: 0.0, errmsg: "auth fails" } at src/mongo/shell/db.js:L228

I have auth = true in etc/mongod.conf.

What am I missing?

回答1:

Authentication is managed at a database level. When you try to connect to the system using a database, mongo actually checks for the credentials you provide in the collection .system.users. So, basically when you are trying to connect to "test", it looks for the credentials in test.system.users and returns an error because it cannot find them (as they are stored in admin.system.users). Having the right to read and write from all db doesn't mean you can directly connect to them.

You have to connect to the database holding the credentials first. Try:

mongo admin -u admin -p SECRETPASSWORD 

For more info, check this http://docs.mongodb.org/manual/reference/privilege-documents/

回答2:

I also received this error, what I needed was to specify the database where the user authentication data was stored:

mongo -u admin -p SECRETPASSWORD --authenticationDatabase admin

Update Nov 18 2017:

mongo admin -u admin -p 

is a better solution. Mongo will prompt you for your password, this way you won't put your cleartext password into the shell history which is just terrible security practice.

回答3:

You may need to upgrade your mongo shell. I had version 2.4.9 of the mongo shell locally, and I got this error trying to connect to a mongo 3 database. Upgrading the shell version to 3 solved the problem.

回答4:

I know this may seem obvious but I also had to use a single quote around the u/n and p/w before it worked

mongo admin -u 'user' -p 'password'

回答5:

In MongoDB 3.0, it now supports multiple authentication mechanisms.

1. MongoDB Challenge and Response (SCRAM-SHA-1) - default in 3.0
2. MongoDB Challenge and Response (MONGODB-CR) - previous default (

If you started with a new 3.0 database with new users created, they would have been created using SCRAM-SHA-1.

So you will need a driver capable of that authentication:

http://docs.mongodb.org/manual/release-notes/3.0-scram/#considerations-scram-sha-1-drivers

If you had a database upgraded from 2.x with existing user data, they would still be using MONGODB-CR, and the user authentication database would have to be upgraded:

http://docs.mongodb.org/manual/release-notes/3.0-scram/#upgrade-mongodb-cr-to-scram

Now, connecting to MongoDB 3.0 with users created with SCRAM-SHA-1 are required to specify the authentication database (via command line mongo client), and using other mechanisms if using a driver.

$> mongo -u USER -p PASSWORD --authenticationDatabase admin

In this case, the "admin" database, which is also the default will be used to authenticate.

回答6:

It appears the problem is that a user created via the method described in the mongo docs does not have permission to connect to the default database (test), even if that user was created with the "userAdminAnyDatabase" and "dbAdminAnyDatabase" roles.

回答7:

This fixed my issue:

Go to terminal shell and type mongo.

Then type use db_name.

Then type:

 db.createUser(    {      user: "mongodb",      pwd: "dogmeatsubparflavour1337",      roles: [ { role: "dbOwner", db: "db_name" } ]    }  ) 

Also try: db.getUsers()

Quick sample:

const MongoClient = require('mongodb').MongoClient;  // MongoDB Connection Info const url = 'mongodb://mongodb:dogmeatsubparflavour1337@stackoverflow.com:27017/?authMechanism=DEFAULT&authSource=db_name'; // Additional options: https://docs.mongodb.com/manual/reference/connection-string/#connection-string-options  // Use Connect Method to connect to the Server MongoClient.connect(url)   .then((db) => {     console.log(db);     console.log('Casually connected correctly to server.');     // Be careful with db.close() when working asynchronously     db.close();   })   .catch((error) => {     console.log(error);   }); 

回答8:

This is kind of a specific case, but in case anyone gets here with my problem:

In MongoHQ, it'll show you a field called "password", but it's actually just the hash of the password. You'll have to add a new user and store the password elsewhere (because MongoHQ won't show it to you).

回答9:

The proper way to login into mongo shell is

mongo localhost:27017 -u 'uuuuu' -p '>xxxxxx' --authenticationDatabase dbname

回答10:

You can also try this :-

mongo localhost:27017/admin -u admin -p SECRETPASSWORD 

Found it in this post

Here obviously the localhost can be some other host and the /admin can be some other database on which authentication has been applied

文章来源: Cannot authenticate into mongo, “auth fails”