Can not authenticate via mongo's official node.js driver (MongoDB Cloud Manager replica deployment)

Pedro Diogo

unread,

Dec 22, 2015, 3:56:08 PM12/22/15

to mongodb-user

Hello everybody,

I am trying to authenticate to my replica set, which was deployed via Mongo Cloud Manager, but I can not figure out why it fails.

Here are my users on database abcd:

abcdRepliaSet:PRIMARY> use abcd
switched to db abcd
show users
abcdRepliaSet:PRIMARY> show users
{
 "_id" : "abcd.abcdAppUser",
 "user" : "abcdAppUser",
 "db" : "abcd",
 "roles" : [
 {
 "role" : "readWrite",
 "db" : "abcd"
 }
 ]
}

and I can successfully connect to it via mongo shell:

mongo adbcd-mongo-mms.cloudapp.net:57002 -u adbcd AppUser -p hidden --authenticationDatabase adbcd

However, I can not using this simple code:

MongoClient.connect("mongodb://abcdAppUser:hid...@abcd-mongo-mms.cloudapp.net:57001,abcd-mongo-mms.cloudapp.net:57002,abcd-mongo-mms.cloudapp.net:57003/abcd?replicaSet=abcdRepliaSet&authSource=abcd&authMechanism=SCRAM-SHA-1",
 function(err, db) {
 if(err) throw err;
 else console.log(db);
});

I am also pretty sure my authMechanism is SCRAM-SHA-1 as I've added the user using mongoldb v. 3.0.7 and I've also confirmed it using:

db.system.users.find({user:"abcdAppUser"}).pretty()

Here is mongod's log when I try to auth via the nodejs app:

2015-12-22T13:31:33.823+0000 I ACCESS   [conn30286] SCRAM-SHA-1 authentication failed for abcdAppUser on abcd from client 10.0.0.10 ; AuthenticationFailed SCRAM-SHA-1 authentication failed, storedKey mismatch
2015-12-22T13:31:33.894+0000 I ACCESS   [conn30288] SCRAM-SHA-1 authentication failed for abcdAppUser on abcd from client 10.0.0.10 ; AuthenticationFailed SCRAM-SHA-1 authentication failed, storedKey mismatch
2015-12-22T13:31:34.051+0000 I ACCESS   [conn30287] SCRAM-SHA-1 authentication failed for abcdAppUser on abcd from client 10.0.0.10 ; AuthenticationFailed SCRAM-SHA-1 authentication failed, storedKey mismatch
2015-12-22T13:31:34.124+0000 I ACCESS   [conn30289] SCRAM-SHA-1 authentication failed for abcdAppUser on abcd from client 10.0.0.10 ; AuthenticationFailed SCRAM-SHA-1 authentication failed, storedKey mismatch
2015-12-22T13:31:34.206+0000 I ACCESS   [conn30290] SCRAM-SHA-1 authentication failed for abcdAppUser on abcd from client 10.0.0.10 ; AuthenticationFailed SCRAM-SHA-1 authentication failed, storedKey mismatch
2015-12-22T13:31:34.263+0000 I NETWORK  [conn30288] end connection 94.61.85.76:53102 (17 connections now open)
2015-12-22T13:31:34.264+0000 I NETWORK  [conn30286] end connection 94.61.85.76:61293 (17 connections now open)
2015-12-22T13:31:34.263+0000 I NETWORK  [conn30287] end connection 94.61.85.76:58194 (17 connections now open)
2015-12-22T13:31:34.263+0000 I NETWORK  [conn30289] end connection 94.61.85.76:58537 (17 connections now open)
2015-12-22T13:31:34.264+0000 I NETWORK  [conn30290] end connection 94.61.85.76:57720 (13 connections now open)
2015-12-22T13:31:37.185+0000 I NETWORK  [conn30281] end connection 10.0.0.8:34322 (12 connections now open)

I also made sure my node.js driver was compatible with SCRAM and it is. At this point, I can't really understand why it fails... Any help would be most welcome!

Thank you in advance.

Regards,

Pedro

Pedro Diogo

unread,

Jan 3, 2016, 3:01:38 PM1/3/16

to mongodb-user

I still can not authenticate and I don't know what else I should do... Could you please take a look at this user?

{
 "_id" : "abcd. abcdAppUser",


 "user" : "abcdAppUser",
 "db" : "abcd",


 "credentials" : {
 "SCRAM-SHA-1" : {
 "iterationCount" : 10000,
 "salt" : "90Ay1lAKpaq2GoEHh3hzkQ==",
 "storedKey" : "hidden=",
 "serverKey" : "alsoHidden="


 }
 },
 "roles" : [
 {
 "role" : "readWrite",
 "db" : "abcd"
 }
 ]
}

Why am I getting the storedKey mismatch error only when connecting via the driver ?! I'm using node.js driver version 2.1.2 so it should work as per https://docs.mongodb.org/v3.0/release-notes/3.0-scram/#upgrade-drivers

I really am in the dark here.......

Wan Bachtiar

unread,

Jan 4, 2016, 1:57:35 AM1/4/16

to mongodb-user

and I can successfully connect to it via mongo shell:

mongo adbcd-mongo-mms.cloudapp.net:57002 -u adbcd AppUser -p hidden —authenticationDatabase adbcd

Hi Pedro,

For the shell connection test you have posted a slightly different information:

user: “adbcd AppUser” vs “abcdAppUser”
database: adbcd vs abcd
host: “adbcd-mongo-mms.cloudapp.net” vs “abcd-mongo-mms.cloudapp.net”

Can you please confirm whether the above are just a typing error when posting ?

I am also pretty sure my authMechanism is SCRAM-SHA-1 as I’ve added the user using mongoldb v. 3.0.7

Can you confirm that your deployment is still running MongoDB v3.0.7 ?

Also can you run a couple of tests:

Try changing the connection string to a single node :
MongoClient.connect("mongodb://abcdAppUser:hid...@abcd-mongo-mms.cloudapp.net:57001/abcd", function(err, db) ...
Try connecting with a different username/password. i.e. admin

Regards,

Wan.

Pedro Diogo

unread,

Jan 4, 2016, 7:39:16 AM1/4/16

to mongodb-user

Thank you very much, Wan, for your input!

It was all typos, yes - database is abcd, user is abcdAppUser and host is abcd-mongo-mms.cloudapp.net

I've also already tried all of what you said and nothing worked. I do have an Admin account which I can also access via mongo shell, but not via node.s's driver and I've also tried, unsuccessfully, to connect to a single host.

I've also updated mongodb to v. 3.2.0 using Mongo Cloud Manager.

Any other feedback? Please just let me know!

Will also try to connect using a different driver (C or JAVA).

Wan Bachtiar

unread,

Jan 4, 2016, 9:55:46 PM1/4/16

to mongodb-user

Hi Pedro,

Unfortunately I can’t replicate the authentication problem that you are seeing. My test environment is:
node v5.10, mongodb driver v2.1.2, MongoDB replica set v3.2.0 (auth SCRAM-SHA-1).

Did you start a new v3.0.7 installation without any users ?
Or did you upgrade from v2.6 with existing users and then create new users in v3.0.7?

If you are upgrading from v2.6 with existing users, to use SCRAM-SHA-1 please follow the upgrade steps for v2.6 MONGODB-CR Users to SCRAM-SHA-1.

Another test that you should try is separating the connection code with the authentication code. See code snippet below for an example:

var Db = require('mongodb').Db;
var Server = require('mongodb').Server;
var dbname = 'abcd';
var host = 'abcd-mongo-mms.cloudapp.net';
var port = 57001;
var user = 'abcdAppUser';
var pwd = 'hidden';

var db = new Db(dbname, new Server(host, port));
db.open(function(err, db){
    if (err) throw err;
    console.log('Connected');

    db.authenticate(user, pwd, function(err, result){
        if (err) throw err;
        console.log('Authenticated');
        db.close();
    });
});

If you are able to connect but not authenticate, please check that your username and password are correct.

The below log entry normally indicates that the password is incorrect. Incorrect database or user would result in a different log entry.

2016-01-05T13:21:38.127+1100 I ACCESS   [conn75] SCRAM-SHA-1 authentication failed for abcdAppUser on abcd from client 10.8.1.191 ; AuthenticationFailed SCRAM-SHA-1 authentication failed, storedKey mismatch

Regards,

Wan.

Pedro Diogo

unread,

Jan 5, 2016, 12:06:08 PM1/5/16

to mongodb-user

Hello Wan,

Looks like we had the same environment, except for nodes version (still on v0.12.6). I had already tested that type of authentication and have also taken a look at that specific docs page.

It works now. :) Don't ask me why, though. I just simply deleted my old user, made sure I've upgraded my schema (I was sure it was on v. 5, but oh well...) and then added the exact same user with the exact same password and roles. Magic. I wish I could understand what was causing the problem... I don't really remember, but I think I've installed v. 3.0 and added some users back afterwards. My guess is that I'm wrong and something must have conflicted with Cloud Manager's way of doing things as I've added some users before enabling authentication via that same service. I might even have upgraded to v. 3.0 afterwards. I seriously don't know. This was a test environment I had setup just for development and testing purposes. I know understand how I should have configured it and will make sure I keep logging every action even when in development environment.

Thank you very much, Wan, for your help!

Regards,

Pedro

terça-feira, 22 de Dezembro de 2015 às 20:56:08 UTC, Pedro Diogo escreveu:

Hello everybody,

I am trying to authenticate to my replica set, which was deployed via Mongo Cloud Manager, but I can not figure out why it fails.

Here are my users on database abcd:

abcdRepliaSet:PRIMARY> use abcd switched to db abcd show users abcdRepliaSet:PRIMARY> show users { "_id" : "abcd.abcdAppUser", "user" : "abcdAppUser", "db" : "abcd", "roles" : [ { "role" : "readWrite", "db" : "abcd" } ] }

and I can successfully connect to it via mongo shell:

mongo adbcd-mongo-mms.cloudapp.net:57002 -u adbcd AppUser -p hidden --authenticationDatabase adbcd

However, I can not using this simple code:

MongoClient.connect("mongodb://abcdAppUser:hidden@abcd-mongo-mms.cloudapp.net:57001,abcd-mongo-mms.cloudapp.net:57002,abcd-mongo-mms.cloudapp.net:57003/abcd?replicaSet=abcdRepliaSet&authSource=abcd&authMechanism=SCRAM-SHA-1",

function(err, db) { if(err) throw err; else console.log(db); });

Reply all

Reply to author

Forward