我已经接管了没有文件记录的蒙戈4.4.8集群(PSA)。我正在努力整理和测试。
原始连接字符串:
MONGODB_URI=mongodb://${USER}:${PASS}@10.0.0.3:27017,10.0.0.6:27017,10.0.0.2:27017/bud?replicaSet=bud-replica&authSource=admin我已启用localhost和套接字连接。我可以使用以下命令从cmdlet行登录
mongo -u ${USER} -p ${PASS}
MongoDB shell version v4.4.8
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("492e331b-417e-458a-83c7-9db6eaae0869") }
MongoDB server version: 4.4.8我可以将db切换到 bud 并执行查询。
mongo则具有相同凭证的认证不起作用:
bud-replica:PRIMARY> db.auth('admin','admin');
Error: Authentication failed.
0我尝试搜索用户,但显示没有任何:
bud-replica:PRIMARY> db.getUsers()
[ ]
bud-replica:PRIMARY> use bud
switched to db bud
bud-replica:PRIMARY> db.getUsers()
[ ]这是mongod.conf安全部分:
security:
authorization: enabled
keyFile: "/etc/bud-rs"最后,我需要在做实验之前导出数据,虽然cmd行界面看起来很相似,但不管我设置用户名/密码或跳过这些参数,mongoexport都无法获取数据。
mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray > accidents.json
2021-08-25T19:30:30.631+0200 could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray --authenticationDatabase “admin” > accidents.json
2021-08-25T19:36:18.738+0200 could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.
root@10:~# mongoexport -h localhost --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray --authenticationDatabase “bud” > accidents.json
2021-08-25T19:38:21.174+0200 could not connect to server: connection() error occured during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed.我真的很困惑,我没能在谷歌或其他网站上找到解决方案。
第二个相关问题:
如果我需要创建新用户,我应该在所有副本上创建还是自动同步?
第1次更新
这是变通方案,但我的问题仍然有效。我想了解。
root@10:~# mongoexport --db=bud -u ${USER} -p ${PASS} -c=accidents --jsonArray "mongodb://admin:admin@10.0.0.3:27017/bud?authSource=admin" > accidents.json
2021-08-25T20:46:54.777+0200 connected to: mongodb://[**REDACTED**]@10.0.0.3:27017/bud?authSource=admin
2021-08-25T20:46:55.778+0200 [........................] bud.accidents 0/4379 (0.0%)
2021-08-25T20:46:56.497+0200 [########################] bud.accidents 4379/4379 (100.0%)
2021-08-25T20:46:56.497+0200 exported 4379 records第二次更新
bud-replica:PRIMARY> use admin
bud-replica:PRIMARY> show collections
system.keys
system.users
system.version
bud-replica:PRIMARY> db.system.users.find()
{ "_id" : "admin.admin", "userId" : UUID("769e4f5c-6f46-4153-857e-47d7d8730066"), "user" : "admin", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "32/AP4019eome36j8n
3条答案
按热度按时间kgsdhlau1#
用户凭据是在管理数据库中创建的。
连接mongo shell时,在运行
db.auth之前切换到use admin有效的mongoexport命令在连接字符串中使用了
authSource=admin。将
--authenticationDatabase=admin添加到另一个命令行,以指示它也使用admin数据库进行身份验证。carvr3hs2#
下面的整个示例命令对我很有效。
Mongodb版本:5.x.x,也适用于Mongodb版本:第八章
mwkjh3gx3#