问题
I create a user with the following set of commands. This should create user in both admin db as well as my target db (c2d):
# mongo 127.0.0.1:27017
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/test
> use admin
switched to db admin
> show collections
system.users
system.version
> db.system.users.find()
> db.createUser({user:\"cd2\", pwd:\"cd2\", roles:[{role:\"dbOwner\", db: \"c2d\"}]})
Successfully added user: {
\"user\" : \"cd2\",
\"roles\" : [
{
\"role\" : \"dbOwner\",
\"db\" : \"c2d\"
}
]
}
> db.system.users.find()
{ \"_id\" : \"admin.cd2\", \"user\" : \"cd2\", \"db\" : \"admin\", \"credentials\" : { \"SCRAM-SHA-1\" : { \"iterationCount\" : 10000, \"salt\" : \"4g6t9kC+godz7k6QQOfD+A==\", \"storedKey\" : \"m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=\", \"serverKey\" : \"GSA4OXSod1s8mBuZBtfmXq2tlTo=\" } }, \"roles\" : [ { \"role\" : \"dbOwner\", \"db\" : \"c2d\" } ] }
> use c2d
switched to db c2d
> db.createUser({user:\"cd2\", pwd:\"cd2\", roles:[{role:\"dbOwner\", db: \"c2d\"}]})
Successfully added user: {
\"user\" : \"cd2\",
\"roles\" : [
{
\"role\" : \"dbOwner\",
\"db\" : \"c2d\"
}
]
}
> use admin
switched to db admin
> db.system.users.find()
{ \"_id\" : \"admin.cd2\", \"user\" : \"cd2\", \"db\" : \"admin\", \"credentials\" : { \"SCRAM-SHA-1\" : { \"iterationCount\" : 10000, \"salt\" : \"4g6t9kC+godz7k6QQOfD+A==\", \"storedKey\" : \"m3tDZBQDU2Tlb1lIjLGyTHmr2QQ=\", \"serverKey\" : \"GSA4OXSod1s8mBuZBtfmXq2tlTo=\" } }, \"roles\" : [ { \"role\" : \"dbOwner\", \"db\" : \"c2d\" } ] }
{ \"_id\" : \"c2d.cd2\", \"user\" : \"cd2\", \"db\" : \"c2d\", \"credentials\" : { \"SCRAM-SHA-1\" : { \"iterationCount\" : 10000, \"salt\" : \"vnMjnjfykVQS8ujQXeWaYw==\", \"storedKey\" : \"OYXivkmIwuTavlwTGfjrspT6j2E=\", \"serverKey\" : \"lw8xqzAaW8V4IQ9wOmQrG2VSp88=\" } }, \"roles\" : [ { \"role\" : \"dbOwner\", \"db\" : \"c2d\" } ] }
If I try to login, I\'m welcomed with an error message:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:35:41.862+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
Then I enable security features in the conf file and restart the server:
security:
authorization: enabled
Error is still the same:
# mongo 127.0.0.1:27017/c2d -u c2d -p c2d
MongoDB shell version: 3.2.6-29-g5c19788
connecting to: 127.0.0.1:27017/c2d
2016-05-22T10:37:43.713+0100 E QUERY [thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1441:20
@(auth):6:1
@(auth):1:2
exception: login failed
回答1:
Well, you'll need to take couple of steps in sequence to create user successfully.
First of all, you need to create an administrator user. I prefer creating super user.
> use admin
> db.createUser({user: "root", pwd: "123456", roles:["root"]})
Restart your MongoDB server and enable authentication with --auth flag.
> mongod --auth --port 27017 --dbpath /var/lib/mongodb
Once your server is up, connect to it as administrator
> mongo <host:port> -u "root" -p "123456" --authenticationDatabase "admin"
Once you are connected, create normal user. Assuming your user database name is cd2.
> use cd2
> db.createUser({user: "cd2", pwd: "cd2", roles:["dbOwner"]})
If you see success messsage, disconnect from mongo shell and reconnect with new user credentials.
> mongo <host:port>/cd2 -u "cd2" -p "cd2"
回答2:
Our experience with this issue on MongoDB (3.2.4) is that it seems a bug or a undocumented feature. If you attempt to create the users and roles from a remote shell (not localhost), the users are created but as soon as you leave the shell they are gone (they are transient to that session) and not really persisted.
Solution: Just try to create your users (without authentication enabled initially on MongoDB) and do it directly on the console of your DB server (localhost).
来源:https://stackoverflow.com/questions/37372684/mongodb-3-2-authentication-failed