MongoSecurityException with MongoDB 3.6 and authentication

5,127 views
Skip to first unread message

nj.data....@gmail.com

unread,
Jul 5, 2018, 5:50:07 AM7/5/18
to obiba-users
Hello,


I tried installing Opal with mongoDB 3.6.5. Unfortunately, in the logs I keep getting this kind of exception at every operation:

  

018-07-03 06:11:53,356 [qtp976782276-89] INFO  org.mongodb.driver.cluster - Cluster description not yet available. Waiting for 30000 ms before timing out

2018-07-03 06:11:53,358 [cluster-ClusterId{value='5b3b4be98b5015eeeab8d797', description='null'}-localhost:27017] INFO  org.mongodb.driver.cluster - Exception in monitor thread while connecting to server localhost:27017

com.mongodb.MongoSecurityException: Exception authenticating MongoCredential{mechanism=null, userName='opal', source='opal_data', password=<hidden>, mechanismProperties={}}

        at com.mongodb.connection.SaslAuthenticator.wrapException(SaslAuthenticator.java:173) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator.access$300(SaslAuthenticator.java:40) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator$1.run(SaslAuthenticator.java:70) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator$1.run(SaslAuthenticator.java:47) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator.doAsSubject(SaslAuthenticator.java:179) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator.authenticate(SaslAuthenticator.java:47) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.DefaultAuthenticator.authenticate(DefaultAuthenticator.java:32) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.InternalStreamConnectionInitializer.authenticateAll(InternalStreamConnectionInitializer.java:122) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.InternalStreamConnectionInitializer.initialize(InternalStreamConnectionInitializer.java:52) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:119) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:114) ~[mongo-java-driver-3.7.1.jar:na]

        at java.lang.Thread.run(Thread.java:748) [na:1.8.0_161]

Caused by: com.mongodb.MongoCommandException: Command failed with error 18: 'Authentication failed.' on server localhost:27017. The full response is { "ok" : 0.0, "errmsg" : "Authentication failed.", "code" : 18, "codeName" : "AuthenticationFailed" }

        at com.mongodb.connection.ProtocolHelper.getCommandFailureException(ProtocolHelper.java:164) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.InternalStreamConnection.receiveCommandMessageResponse(InternalStreamConnection.java:286) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.InternalStreamConnection.sendAndReceive(InternalStreamConnection.java:247) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.CommandHelper.sendAndReceive(CommandHelper.java:84) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.CommandHelper.executeCommand(CommandHelper.java:34) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator.sendSaslStart(SaslAuthenticator.java:130) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator.access$100(SaslAuthenticator.java:40) ~[mongo-java-driver-3.7.1.jar:na]

        at com.mongodb.connection.SaslAuthenticator$1.run(SaslAuthenticator.java:54) ~[mongo-java-driver-3.7.1.jar:na]

        ... 9 common frames omitted


However if I don't put a username/password when defining databases, I don't get the errors.

I've tried to enable authentication on MongoDB by adding in the /etc/mongod.conf file the following lines:


security:

  authorization: "enabled"


and restarting mongod. But to no avail. What gives ?

Yannick Marcon

unread,
Jul 5, 2018, 11:48:56 AM7/5/18
to obiba...@googlegroups.com
Hi,

Have you created a user in Mongo? Enabling authentication is not enough.


Yannick

--
You received this message because you are subscribed to the Google Groups "obiba-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to obiba-users+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

nj.data....@gmail.com

unread,
Jul 6, 2018, 4:51:03 AM7/6/18
to obiba-users
Here is exactly what I've done:

1) connect to mongo as root, paste 
use admin
db.createUser(
  {
    user: "opaladmin",
    pwd: "opaladmin",
    roles: [
      {
        "role" : "readWrite",
        "db" : "opal_ids"
      },
      {
        "role" : "dbAdmin",
        "db" : "opal_ids"
      },
      {
        "role" : "readWrite",
        "db" : "opal_data"
      },
      {
        "role" : "dbAdmin",
        "db" : "opal_data"
      },
      {
          "role": "clusterMonitor",
          "db": "admin"
      },
      {
          "role": "readAnyDatabase",
          "db": "admin"
      }
    ]
  }
)
Then quit()
2) Added 
security:
  authorization: "enabled"

in /"etc/mongod.conf, then restarted MongoDB:
service mongod restart
3) in the Opal GUI, added opaladmin/opaladmin in the opal_ids and opal_data databases.



There is still a connexion error.
To unsubscribe from this group and stop receiving emails from it, send an email to obiba-users...@googlegroups.com.

Ramin Maelstrom

unread,
Jul 6, 2018, 10:24:30 AM7/6/18
to obiba...@googlegroups.com
Hi,

Did you also specify the ?authSource=admin in the connection url?

Ramin
Reply all
Reply to author
Forward
0 new messages